Re: Help regarding generation of wsse:Security headers

Fri, 21 Jan 2022 09:19:29 -0800 

The wsse:Security sections are part of the soap envelope defined by the
Axis sub project rampart:

https://axis.apache.org/axis2/java/rampart/

I am not a current user of Rampart though I help maintain it.

On Thu, Jan 13, 2022 at 6:31 PM Yeikel Valdes Santana
<yeikel.valdessant...@aexp.com.invalid> wrote:

> Hi all,
>
>
>
> I am new to Axis and I am trying to use it to integrate with an external
> Soap Service.
>
>
>
> I generated the stub using the following maven configuration :
>
>
>
> <plugin>
>     <groupId>org.apache.axis2</groupId>
>     <artifactId>axis2-wsdl2code-maven-plugin</artifactId>
>     <version>${axis2.version}</version>
>     <executions>
>         <execution>
>             <goals>
>                 <goal>wsdl2code</goal>
>             </goals>
>             <configuration>
>                 <packageName>com.example.generated</packageName>
>                 <wsdlFile>src/main/wsdl/service.wsdl</wsdlFile>
>                 <databindingName>xmlbeans</databindingName>
>                 <syncMode>async</syncMode>
>             </configuration>
>         </execution>
>     </executions>
> </plugin>
>
>
>
> And then I am using it in my service like :
>
>
>
> ServiceV3Stub  stub = new ServiceV3Stub() and calling it using
>  service.call(requestDocument,new CallBackHandler());
>
>
>
> The challenge that I am facing is that while I can generate the request
> body, I do not know how to generate  the wsse:Security section of the
> request
>
>
>
> A sample SOAP request that I am trying to generate is :
>
>
>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
>     <soapenv:Header>
>         <wsse:Security 
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>                        
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
>             <ds:Signature Id="SIG-xxxx" 
> xmlns:ds="http://www.w3.org/2000/09/xmldsig# 
> <http://www.w3.org/2000/09/xmldsig>">
>                 <ds:SignedInfo>
>                     <ds:CanonicalizationMethod 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# 
> <http://www.w3.org/2001/10/xml-exc-c14n>">
>                         <ec:InclusiveNamespaces PrefixList="soapenv"
>                                                 
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n# 
> <http://www.w3.org/2001/10/xml-exc-c14n>"/>
>                     </ds:CanonicalizationMethod>
>                     <ds:SignatureMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
>                     <ds:Reference URI="#id-xxx">
>                         <ds:Transforms>
>                             <ds:Transform 
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# 
> <http://www.w3.org/2001/10/xml-exc-c14n>">
>                                 <ec:InclusiveNamespaces PrefixList=""
>                                                         
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n# 
> <http://www.w3.org/2001/10/xml-exc-c14n>"/>
>                             </ds:Transform>
>                         </ds:Transforms>
>                         <ds:DigestMethod 
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>                         <ds:DigestValue>xxx=</ds:DigestValue>
>                     </ds:Reference>
>                 </ds:SignedInfo>
>                 <ds:SignatureValue>xxx </ds:SignatureValue>
>                 <ds:KeyInfo Id="KI-xxx">
>                     <wsse:SecurityTokenReference wsu:Id="xxxx">
>                         <ds:X509Data>
>                             <ds:X509IssuerSerial>
>                                 <ds:X509IssuerName>ssss</ds:X509IssuerName>
>                                 <ds:X509SerialNumber>---</ds:X509SerialNumber>
>                             </ds:X509IssuerSerial>
>                         </ds:X509Data>
>                     </wsse:SecurityTokenReference>
>                 </ds:KeyInfo>
>             </ds:Signature>
>         </wsse:Security>
>     </soapenv:Header>
>     <soapenv:Body wsu:Id="id-xxxx"
> </soapenv:Envelope>
>
>
>
>
>
> Normally, In SOAP UI, I imported the a JKS file and generated from the UI
> https://www.soapui.org/docs/soapui-projects/ws-security/
>
>
>
> Do you have any sample snippet with Axis?
>
>
>
> Thank you!
>
>
> American Express made the following annotations
>
> ------------------------------
>
>
> "This message and any attachments are solely for the intended recipient
> and may contain confidential or privileged information. If you are not the
> intended recipient, any disclosure, copying, use, or distribution of the
> information included in this message and any attachments is prohibited. If
> you have received this communication in error, please notify us by reply
> e-mail and immediately and permanently delete this message and any
> attachments. Thank you."
>
>
> American Express a ajouté le commentaire suivant
>
> Ce courrier et toute pièce jointe qu'il contient sont réservés au seul
> destinataire indiqué et peuvent contenir des renseignements confidentiels
> et privilégiés. Si vous n'êtes pas le destinataire prévu, toute
> divulgation, duplication, utilisation ou distribution du courrier ou de
> toute pièce jointe est interdite. Si vous avez reçu cette communication par
> erreur, veuillez nous en aviser par courrier et détruire immédiatement le
> courrier et les pièces jointes. Merci.
>
> ------------------------------
>

Reply via email to