Home/ Questions/Q 8672215
In Process

The Archive Base Latest Questions

Editorial Team
  • 0
Asked: 2026-06-12T19:08:44+00:00

I want to convert a SOAPMessage to a byte Array so i can encrypt

  • 0

I want to convert a SOAPMessage to a byte Array so i can encrypt it and then decrypt it in a proxy server that will make the Invoke of a Web service on my behalf.
The problem is that SOAPMessage does not implement java.io.Serializable and therefore I can’t proceed on the encryption of it.

I have used this for serializing

public static byte[] serializeSoapMessage (SOAPMessage sm){
    try {

        ByteArrayOutputStream baos = new ByteArrayOutputStream();
        sm.writeTo(baos);
       byte[] bytes= baos.toByteArray();
       return bytes;
    } catch (SOAPException ex) {
        Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
    } catch (IOException ex) {
        Logger.getLogger(Main.class.getName()).log(Level.SEVERE, null, ex);
    }
    return null;
}

But deserialization is a problem because ObjectInputStream requires the implementation of java.io.Serializable

Thank you in regards 🙂

Share

Leave an answer

You must login to add an answer.

Need An Account,

1 Answer

  1. Editorial Team

    I think you don’t quite understand what SOAPMessage.writeTo is doing (or how object streams work). As far as I can tell, writeTo will create the XML for the SOAPMessage and write it as bytes to the stream it’s given. To read it, you use a MessageFactory and its createMessage method. The information written to the stream isn’t an object (which is what ObjectInputStream expects), it’s data.

    To do what you want, wrap your ByteArrayOutputStream in a CipherOutputStream (see this question to see how to wrap streams with cipher streams) and call sm.writeTo(cipherOutputStream) instead. This will encrypt the bytes on the stream, and then you can send the bytes to your web service.

    Have the web service run the decryption by wrapping the bytes received in a ByteArrayInputStream and then wrapping that in a CipherInputStream. Give the resulting CipherInputStream to the MessageFactory and it will reconstruct the original SOAPMessage.

    Admittedly, I’m not an expert in web services, so I can’t give you working code for your specific solution, but this approach will definitely give you an encrypted byte[] to send that will contain the encrypted SOAPMessage.

    Note that the object streams don’t encrypt anything anyway. You may think so because its output is more or less unreadable, but it’s by no means encrypted. The only way to get encryption is to use, well, encryption.

    Some references for you:

    Hope that’s enough to get you started.

    • 0