I was looking how to enable WS-Security features in the Axis client to my web service application. I have tested it with Axis 1.4 client.

The things you need to configure axis client are:

  1. Copy wss4j.jar (rev. 1.5.1), opensaml-1.1.jar and xmlsec-20050514.jar (from the openSAML distribution) to classpath (WEB-INF/lib)

  2. Add handler to client.wsdd:

    <!-- Using the WSDoAllSender security handler in request flow -->
    <deployment xmlns="http://xml.apache.org/axis/wsdd/" java="http://xml.apache.org/axis/wsdd/providers/java">
        <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender">
            <globalconfiguration>
                <requestflow>
                    <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
                        <parameter name="action" value="UsernameToken"/>
                        <parameter name="passwordType" value="PasswordDigest"/>
                        <parameter name="mustUnderstand" value="false"/>
                    </handler>
                </requestflow>
            </globalconfiguration>
        </transport>
    </deployment>
    

You don’t need to hardcode username and password as a handler parameters. Just call setUsername(…) and setPassword(…) methods of your Stub.