| Author |
Message
|
| jonatan_mx |
 Posted: Fri Apr 10, 2015 12:21 pm Post subject: is it posible to read security element header ws-security |
 |
|
Newbie
Joined: 10 Apr 2015
Posts: 6
|
is it posible to read the security element on the header <wsse:Security xmlns:wsse> ws-security inside a compute node, i already have the policy set and policy binding and the PKI and everithyng works fine, but inside the compute node i dont have this header, i think the soap input remove it, and the problem is that i need to read the security header in order to get the certificate serial number, how can i do this inside a compute node?
anyone?
thanks |
|
| Back to top |
|
 |
| fjb_saper |
| Posted: Sat Apr 11, 2015 7:41 pm Post subject: |
|
|
Grand High Poobah
Joined: 18 Nov 2003
Posts: 20756
Location: LI,NY
|
Did you set your policy to propagate? 
_________________
MQ & Broker admin |
|
| Back to top |
|
|
| shashivarungupta |
| Posted: Sun Apr 12, 2015 7:32 pm Post subject: Re: is it posible to read security element header ws-securit |
|
|
Grand Master
Joined: 24 Feb 2009
Posts: 1343
Location: Floating in space on a round rock.
|
| jonatan_mx wrote: |
| is it posible to read the security element on the header <wsse:Security xmlns:wsse> ws-security inside a compute node... |
DECLARE wsse NAMESPACE 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
Declare reference to the wsse header, for example:
DECLARE wsHdr REFERENCE TO InputRoot.SOAP.Header.wsse:Security.wsse:UsernameToken;
Then after you can use username and password (for example) to validate/populate the values accordingly.
Also, following link gives few examples that would be helpful in case to access certificate details.
_________________
*Life will beat you down, you need to decide to fight back or leave it. |
|
| Back to top |
|
|
| jonatan_mx |
| Posted: Mon Apr 13, 2015 8:18 am Post subject: |
|
|
Newbie
Joined: 10 Apr 2015
Posts: 6
|
@fjb_saper the populate option is only for a security profile? it doesn't have this choice for a policy set because i cannot find it.
@shashivarungupta i did that but it is empty i have to do something else in order to access it?
thanks |
|
| Back to top |
|
|
| shashivarungupta |
| Posted: Mon Apr 13, 2015 4:27 pm Post subject: |
|
|
Grand Master
Joined: 24 Feb 2009
Posts: 1343
Location: Floating in space on a round rock.
|
| jonatan_mx wrote: |
| ....but it is empty i have to do something else in order to access it? |
What do you see when you have trace node in the mflow?
Did you try looking at the User Debug Trace?
Also, what do you mean that soap input removes it?
_________________
*Life will beat you down, you need to decide to fight back or leave it. |
|
| Back to top |
|
|
| mqjeff |
| Posted: Tue Apr 14, 2015 5:03 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
| shashivarungupta wrote: |
| jonatan_mx wrote: |
| ....but it is empty i have to do something else in order to access it? |
What do you see when you have trace node in the mflow?
Did you try looking at the User Debug Trace?
Also, what do you mean that soap input removes it?
|
the WSSE headers are removed and the contents are placed into the Identity tree, unless the WSSE headers are propagated, or the SOAP input node does not do the policy checking and instead a PEP node is used. |
|
| Back to top |
|
|
| jonatan_mx |
| Posted: Tue Apr 14, 2015 7:28 am Post subject: |
|
|
Newbie
Joined: 10 Apr 2015
Posts: 6
|
@shashivarungupta the headers was empty. for the reason that explain mqjeff
@mqjeff thank u as you say if i dont set the policy on the input node i retain the headers   thaks a lot |
|
| Back to top |
|
|
|
|
