ASG
IBM
Zystems
Cressida
Icon
Netflexity
 
  MQSeries.net
Search  Search       Tech Exchange      Education      Certifications      Library      Info Center      SupportPacs      LinkedIn  Search  Search                                                                   FAQ  FAQ   Usergroups  Usergroups
 
Register  ::  Log in Log in to check your private messages
 
RSS Feed - WebSphere MQ Support RSS Feed - Message Broker Support

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » SignatureValue as part of WS reply message using HTTP nodes

Post new topic  Reply to topic
 SignatureValue as part of WS reply message using HTTP nodes « View previous topic :: View next topic » 
Author Message
PravinG
PostPosted: Sat Oct 17, 2009 3:31 am    Post subject: SignatureValue as part of WS reply message using HTTP nodes Reply with quote

Newbie

Joined: 16 Oct 2006
Posts: 9
Location: India
MB V6.1

We have a requirement wherein message flow will act as a Web service provider. The web service call will be synchronous in nature and will go through a secured SSL environment (We are using digital certificates with Server authentication).

As a reply to the web service call, we have to provide a ‘success’ message to WS-client. The sample of the same is given at the bottom of this topic.

We are asked to create the SignatureValue in the reply message to the WS-client. We know that this is possible using the SOAP nodes (WS-security - BinarySecurityToken) but we are not sure how we can achieve this using HTTP nodes.

We cannot use SOAP nodes because the message is not in SOAP message format. It’s a normal XML message.

Can anyone throw a light on whether this can be achieved using HTTP nodes? If so, how?

This is actually a ‘message level security’ which I guess is not possible using HTTP nodes.

Here is the sample message for your reference.

<?xml version="1.0" encoding="utf-8"?>
<RootTag xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:noNamespaceSchemaLocation="G:\USERGU~1\NEWDOC~1\System_4.0.xsd">
<SignonRs>
<ClientDt>2007-08-25T17:02:02</ClientDt>
<ServerDt>2007-08-25T17:02:02</ServerDt>
<LanguagePref>en-gb</LanguagePref>
<SignonProfile>
<Sender>011</Sender>
<Receiver>Receiver-001</Receiver>
<MsgCode>PNOTRS</MsgCode>
</SignonProfile>
</SignonRs>
<BillerSvcRs>…..</BillerSvcRs>
<Signature>
<XPath>/System/BillerSvcRs/PmtNotifyRs</XPath>
<SignatureValue>MIIKTwYJKoZIhvcNAQcCoIIKQDCCCjwCAQExCzAJ......</SignatureValue> </Signature>
</RootTag>
Back to top
View user's profile Send private message
fjb_saper
PostPosted: Sat Oct 17, 2009 4:39 am    Post subject: Reply with quote

Grand High Poobah

Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
There is nothing that absolutely can't be done...
However in order to sign your message you will need to have in BLOB form and then sign that BLOB.

Happy hunting...
_________________
MQ & Broker admin
Back to top
View user's profile Send private message Send e-mail
srinivas.ganapathi
PostPosted: Sun Oct 18, 2009 4:11 am    Post subject: Hi Reply with quote

Newbie

Joined: 09 Jun 2008
Posts: 7
Can you elaborate on your answer.
Even if we have the BLOB message how can we sign a part of the message using a digital signature using the httprequest node (ie.. part of the message needs to be signed here) .
I know we can sign the entire message contents using the http node . But i think signing a part of the message is the property of WS-Security and is supported only using the SOAP nodes.

Kindly let me know if i am correct.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic  Reply to topic Page 1 of 1

MQSeries.net Forum Index » WebSphere Message Broker (ACE) Support » SignatureValue as part of WS reply message using HTTP nodes
Jump to:  



You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum
Protected by Anti-Spam ACP
  
 


Theme by Dustin Baccetti
Powered by phpBB © 2001, 2002 phpBB Group

Copyright © MQSeries.net. All rights reserved.