| Author |
Message
|
| alaychem |
 Posted: Sat Apr 30, 2016 11:59 pm Post subject: Adding various headers to SOAP request node |
 |
|
Acolyte
Joined: 10 Feb 2016
Posts: 66
|
|
| Back to top |
|
 |
| smdavies99 |
| Posted: Sun May 01, 2016 10:19 pm Post subject: |
|
|
Jedi Council
Joined: 10 Feb 2003
Posts: 6076
Location: Somewhere over the Rainbow this side of Never-never land.
|
Have you searched this forum for ... oh, something like
'WS-Security'
You never know, you may find a solution there.
Have you tried anything yourself to solve it? If so, what happened?
_________________
WMQ User since 1999
MQSI/WBI/WMB/'Thingy' User since 2002
Linux user since 1995
Every time you reinvent the wheel the more square it gets (anon). If in doubt think and investigate before you ask silly questions. |
|
| Back to top |
|
|
| JosephGramig |
| Posted: Mon May 02, 2016 10:11 am Post subject: |
|
|
Grand Master
Joined: 09 Feb 2006
Posts: 1231
Location: Gold Coast of Florida, USA
|
You add those with "Policy Set" and "Policy Set Binding" profiles.
Have you already setup your X.509 V3 PKI? |
|
| Back to top |
|
|
| alaychem |
| Posted: Sun May 08, 2016 11:49 pm Post subject: |
|
|
Acolyte
Joined: 10 Feb 2016
Posts: 66
|
I' added a poilicy set and binding, and I got certificates for the SSL.
When I tried to send a request after configureing the policy set I got HTTP response 500 (No signature in message) from the target server.
I changed the address to HTTP insted of HTTPS so I could sniff the message with IPTRACE, and the WS headers didn't appear (still 500 from the server).
I've read about the WS-SECURITY and I understand that it use the cert's key to encypt the message, Is it possible to use WS-Security in non SSL communication? |
|
| Back to top |
|
|
| mqjeff |
| Posted: Mon May 09, 2016 6:31 am Post subject: |
|
|
Grand Master
Joined: 25 Jun 2008
Posts: 17447
|
WS-Security has nothing to do with the security of the connection.
So, yes, you could do WS-Security with HTTP instead of HTTPS.
But it wouldn't be very secure.
And it's a separate, documented, config to setup SSL than WS-Security.
_________________
chmod -R ugo-wx / |
|
| Back to top |
|
|
| alaychem |
| Posted: Mon May 09, 2016 8:54 pm Post subject: |
|
|
Acolyte
Joined: 10 Feb 2016
Posts: 66
|
@all Well, I've followed the insturctions from here:
http://www-01.ibm.com/support/docview.wss?uid=swg27015721
and I got the 500 "No signature in message" error.
@Joseph do you mean adding authentication token, or asymmetric token?
@mqjeff It's for debug purposes of course, in production, we will go SSL. |
|
| Back to top |
|
|
| alaychem |
| Posted: Mon May 16, 2016 3:20 am Post subject: |
|
|
Acolyte
Joined: 10 Feb 2016
Posts: 66
|
Hi
I got significant improvment but still there are few gaps between what is produced and what is supposed to be produced.
I'm lacking the
elment in the timestamp element.
I tried addind it with policy bindings>ws-security>advaced but it had no effect.
***EDIT***
the expires part is solved once I restarted the broker... 
I'm lacking an addtional
| Code: |
| <Reference URI=#...> |
element that the timestamp element should refer to
any ideas? |
|
| Back to top |
|
|
|
|
