I am accessing a third party web service using JAX-WS generated client (Java) code. A call to a service that initiates a client session returns a Token in the response which, a.o., contains a Signature. The Token is required in subsequent calls to other services for authentication purposes.
I learned from using SoapUI that the WS/Endpoint requires the Token to be used as-is... meaning everything works fine when I literally copy the Token (which is one big line) from the initial response to whatever request I like to make next.
Now I am doing the same in my JAX-WS client. I retrieved a Token (I copied it from the response which I captured with Fiddler) and I tested it succesfully in a subsequent call using SoapUI.
However, when performing a subsequent call to a service using the JAX-WS client, the Signature part in the Token is changed. It should look like:
But (when capturing the request with Fiddler) it now looks like:
<Signature:Signature xmlns:Signature="http://www.w3.org/2000/09/xmldsig#" xmlns="http://www.w3.org/2000/09/xmldsig#">...</Signature:Signature>
Apparently this is not acceptable according to the WS/Endpoint so now I'd like to know:
- Why is the Token marshalled back this way?
- More importantly, how can I prevent my client from doing that?
Thanks in advance!