--- In [email protected], Richard <legal...@...> wrote:
>
>
> In article <glmrre+g...@...>,
> "gsoap4cpg" <gsoap4...@...> writes:
>
> > Has ANYONE a little HowTo or something how to add WS-Security to a
> > gSOAP-based server application?
>
> I would be interested in this as well. I too was disappointed that
> the main gSOAP manual just deferred me to the source tree.
I've done it now, since there where some major points which should be
documented somewhere if you want to upgrade an existing gSOAP server
to use WS-Security. This applies to gSOAP 2.7.12 and MSVC:
* Compile wsseapi.c as wsseapi.cpp to force using of C++ Compiler. It
won't compile in C-Mode.
* Patch wsseapi.cpp in line 1330:
old:
cert = d2i_X509(NULL, (unsigned char**)&data, size);
new:
cert = d2i_X509(NULL, (const unsigned char**)&data, size);
* add #import "wsse.h" in that C/C++ Header file for which a WSDL has
to be generated
* According to a bug in OpenSSL (current: 0.9.8j) under Win32 some
statements which are used in wsse-sample (wssedemo.c) can't be used.
PEM_read_PrivateKey() and PEM_read_X509() will crash on Win32.
Use following instead:
BIO* pBio = BIO_new(BIO_s_file());
BIO_read_filename(pBio, "server.pem");
EVP_KEY* pRsaPrvKey = PEM_read_bio_PrivateKey(pBio, NULL, NULL,
(void*)"keyfilepassword");
EVP_KEY* pCert = PEM_read_bio_X509(pBio, NULL, NULL, NULL);
BIO_free(pBio);
Now my WS-Security enabled gSOAP server seems to run but I don't know
exactly what to change in my client test program (C++ .NET). But
that's another story ;-)
