| Author |
Message
|
| oli |
 Posted: Wed Feb 04, 2009 1:09 am Post subject: How to use username token in SOAPRequest node |
 |
|
Acolyte
Joined: 14 Jul 2006
Posts: 68
Location: Germany
|
Hi all,
I have a very simple scenario where I need to call a web service that requires a username token in the ws-security header of the soap message
| Code: |
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>MyUser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">MyPwd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security> |
Is it possible to add this username token to the SOAP Header with the SOAPRequest node?
If not, is there another way to do that?
Thanks,
Oli |
|
| Back to top |
|
 |
| mqjeff |
| Posted: Wed Feb 04, 2009 4:12 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
|
| Back to top |
|
|
| oli |
| Posted: Wed Feb 04, 2009 4:55 am Post subject: |
|
|
Acolyte
Joined: 14 Jul 2006
Posts: 68
Location: Germany
|
| Sorry, but I cannot see any hint how the username token can be added using a SOAPRequest node. I already searched the InfoCenter bur I didn't find a description, how to do this ... |
|
| Back to top |
|
|
| bobbee |
| Posted: Mon Apr 27, 2009 3:48 am Post subject: |
|
|
Knight
Joined: 20 Sep 2001
Posts: 545
Location: Tampa
|
| Did you get this to work. I would be interested in what you did. I have a customer trying this and they are having difficulties. |
|
| Back to top |
|
|
| Featherstone |
| Posted: Mon Oct 18, 2010 6:15 am Post subject: |
|
|
Novice
Joined: 18 Oct 2010
Posts: 11
|
| Would appreciate an example of how to do this as I'm facing the same problem. I need to call a 3rd party web servie and need to include header such as this (example from their API docs) |
|
| Back to top |
|
|
| zpat |
| Posted: Mon Oct 18, 2010 7:03 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
| Code: |
SET OutputRoot.Properties.CodedCharSetId = 1208;
SET OutputRoot.Properties.IdentitySourceType = 'Usernameandpassword';
SET OutputRoot.Properties.IdentitySourceToken = xxxx;
SET OutputRoot.Properties.IdentitySourcePassword = 'yyyy';
|
Set up a default Security Profile on the Broker - accept defaults, change Propagation to YES.
Reconfigure BAR for SOAPRequest node, i.e. under Security Profile select 'Default Propagation'
This is actually quite hard to work out. Following the full WS-security examples does not help. There is no need for a policy set for example. I had to open a PMR to get the necessary advice.
It's an area that WMB could be improved on to make the whole WS-security set up simpler (compare to SoapUI for example which is much easier).
https web services will presumably require a JKS truststore setup for the broker which is fairly easy using ikeyman. |
|
| Back to top |
|
|
| Featherstone |
| Posted: Tue Oct 19, 2010 3:26 am Post subject: |
|
|
Novice
Joined: 18 Oct 2010
Posts: 11
|
Still struggling to get this to work!
I'm able to connect to the 3rd party service using SOAPUI and they have an operation called 'Ping' to test the connection.
I've set everyhting as you've suggested and also created a keystore and truststore and set the appropriate properties for the BrokerRegistry
brokerKeystoreFile, brokerKeystorePass etc (and for Truststore also!).
If I use mqsisetdbparms to set and incorrect password for the keystore then the flow throws this in an error. If I set the password correctly then in debug the flow goes into the SOAPRequest node but then nothing on the output terminals (out, fault, failure). If I run a debug trace I do seem to be getting an error:-
'DocuSignFlow.Ping_api_1.Request' received HTTP data from host 'demo.docusign.net' with status code of 500.
The trace also seems to say
The broker is sending data via HTTP to a remote server at host 'demo.docusign.net' (port 443) using URL '/api/3.0/api.asmx'
Is this right when I believe I should be going over HTTPS ?
Any ideas ? |
|
| Back to top |
|
|
| zpat |
| Posted: Tue Oct 19, 2010 9:00 am Post subject: |
|
|
Jedi Council
Joined: 19 May 2001
Posts: 5866
Location: UK
|
Have you made your Soap request URL https?
Have you set a proxy server for WMB to use?
So you have done the SETs above in a compute node, then used a HttpHeader node to add the request header (and any cookies needed).
Possibly need something like this also:
SET OutputRoot.Properties.IdentityMappedIssuedBy = '<the name of CA signer cert label in truststore>'; |
|
| Back to top |
|
|
| Featherstone |
| Posted: Mon Oct 25, 2010 3:22 am Post subject: Adding the WS-SECURITY header |
|
|
Novice
Joined: 18 Oct 2010
Posts: 11
|
I've discussed with the 3rd party and they offer an alternative to using the ws-security in the SOAP header. Basically I can create a new HTTP header by adding a HTTPHeader node and using the 'add header' on the HTTPRequest properties page.
I would still like to work out how to add the following to my SOAP request message (I'm using the SOAPRequest node to create the outgoing request)
I've seen in SOAPUI that the format of the header that the 3rd party requires is as follows
| Code: |
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken wsu:Id="UsernameToken-19" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Username>someusername</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">somepassword</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">33fZYADbQLtcoxNU6f4pAQ==</wsse:Nonce><wsu:Created>2010-10-25T11:11:56.854Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header> |
Can you please explain what you mean for :-
| Quote: |
| So you have done the SETs above in a compute node, then used a HttpHeader node to add the request header (and any cookies needed). |
I've re-drected the SOAPRequest node to a MockService in SOAPUI to see what the message looks like but I don't seem to get a soap header element that looks like that which is required ! |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Sun Jul 08, 2012 11:05 pm Post subject: WS - security with soaprequest node |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
Hi All,
I tried steps :
SET OutputRoot.Properties.CodedCharSetId = 1208;
SET OutputRoot.Properties.IdentityMappedType = 'usernameAndPassword';
SET OutputRoot.Properties.IdentityMappedToken = 'xxxxxx';
SET OutputRoot.Properties.IdentityMappedPassword ='yyyy';
Set up a default Security Profile on the Broker - accept defaults, change Propagation to YES.
Reconfigure BAR for SOAPRequest node, i.e. under Security Profile select 'Default Propagation'
But doesnot seem to work for me . Am trying to set Header as follows :
| Code: |
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>xxxxxxx</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">yyyyyyy</wsse:Password>
</wsse:UsernameToken>
</wsse:Security> |
can any of you help me with this .  |
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Mon Jul 09, 2012 3:49 am Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
Hi All,
I tried steps :
SET OutputRoot.Properties.CodedCharSetId = 1208;
SET OutputRoot.Properties.IdentityMappedType = 'usernameAndPassword';
SET OutputRoot.Properties.IdentityMappedToken = 'xxxxxx';
SET OutputRoot.Properties.IdentityMappedPassword ='yyyy';
Set up a default Security Profile on the Broker - accept defaults, change Propagation to YES.
Reconfigure BAR for SOAPRequest node, i.e. under Security Profile select 'Default Propagation'
But doesnot seem to work for me . Am trying to set Header as follows :
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>xxxxxxx</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">yyyyyyy</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
can any of you help me with this . |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Mon Jul 09, 2012 4:57 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
|
| Back to top |
|
|
| smdavies99 |
| Posted: Mon Jul 09, 2012 7:19 am Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
| lancelotlinc wrote: |
shilpa.sabade
Use [c o d e] tags or don't post here. |
got out of bed on the wrong side today then 
Perhaps using the word 'Please' might elicit a more favourable response?
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| lancelotlinc |
| Posted: Mon Jul 09, 2012 7:21 am Post subject: |
|
|
Jedi Knight
Joined: 22 Mar 2010
Posts: 4941
Location: Bloomington, IL USA
|
|
| Back to top |
|
|
| shilpa.sabade |
| Posted: Wed Jul 11, 2012 12:41 am Post subject: |
|
|
Voyager
Joined: 23 Feb 2011
Posts: 76
|
Hi ,
First of all sorry for late response :
I tried [ c o d e]
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Username='ced-bwx-jboss-serviceid';
SET OutputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken.wsse:Password='STJWNc';
its still not working!
Please let me know , if there are any other ways! |
|
| Back to top |
|
|
|
|
