anthony-id edited this page Nov 5, 2011 · 3 revisions
Clone this wiki locally


This is a simple CFC to wrap SOAP envelopes with WS-Security. Some web services providers require WS-Security using a username and password. cfWSAuthenticator adds the required headers for WS-Security to the SOAP envelope and provides a mechanism to send the envelope on to the endpoint.

ColdFusion handles web services fairly well, but uses Axis1. Unfortunately, that makes WS-Security a challenge since the libraries assume Axis2 (in fact, WS-Security comes "out-of-the-box" with Axis2). Therefore, in the case when WS-Security is required, the web services objects need to be abandoned for old-fashioned http POST requests. This is where cfWSAuthenticator comes in. Create (or extract) the SOAP envelope, wrap it in authentication and send it on to the endpoint. I wrote a blog post about this last year:


The "send" functionality is a convenience method - it is a cfhttp call that adds some additional headers required for WS-Security. It could easily be abstracted out to a helper object.

Release Notes