Yep. Here you go - the sample request provided by the company I'm trying to work with. It's kinda ugly, but hopefully helpful in finding a solution. As this is the public example they post on their website, I figure it should be fairly safe to share
<?xml version='1.0' encoding='utf-8'?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; xmlns:wsa="http://www.w3.org/2005/08/addressing";> <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soapenv:mustUnderstand="1"> <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="Timestamp-1702354"> <wsu:Created>2012-08-02T15:38:14.062Z</wsu:Created> <wsu:Expires>2012-08-02T15:43:14.062Z</wsu:Expires> </wsu:Timestamp> <xenc:EncryptedKey Id="EncKeyId-4736426"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>aU53M6ufa/yIi/8Cf0SYnDqFNxg=</wsse:KeyIdentifier> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>Ra4sTc78C9XUm1Fr/PnCF8GzLKcQsvp4zU0AZIcsh4N9LfczMKmfGAHWiYi7uATIAcAHs1t6diqhrzndLB9q0j1fjRowCNszQ4cgCIuKKeqzAXVA1ZkT7h63hZu0Je6mhXD00VCK40FG8p+VumZw8sVASSj1lPrrTqTQR6mZMsM=</xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI="#EncDataId-24737685" /> </xenc:ReferenceList> </xenc:EncryptedKey> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; wsu:Id="CertId-11497308"> [x509 encoded certificate goes here] </wsse:BinarySecurityToken> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id="Signature-32961147"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> <ds:Reference URI="#id-24737685"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <ds:DigestValue>CcedwmiGz5BM/IMhSiHt8yVSIU8=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>ITjzmx37JQs/8E+TdSXfApXCU96hLF/t2U6V7B39ZIc6y7oQpWDU4Xpqib63WUZEvoMtOWMeK/vl bJLoHVgwV/zkcBguEMGOTRSbJwQ7kfl15samDKXLy7I2/pN8hpV7b+AqM1xnM6xmhbljl7Xu0ou0 /PbebqE+GciDO6IVvSs=</ds:SignatureValue> <ds:KeyInfo Id="KeyId-7364874"> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="STRId-4101839"> <wsse:Reference URI="#CertId-11497308" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> <wsa:To>http://int2.myidtravel.com/ws/services/UploadService</wsa:To> <wsa:MessageID>urn:uuid:13C80BD4B1F84AE17F1343921893115</wsa:MessageID> <wsa:Action>urn:StaffProfilesUpload</wsa:Action> </soapenv:Header> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-24737685"> <xenc:EncryptedData Id="EncDataId-24737685" Type="http://www.w3.org/2001/04/xmlenc#Content";> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"; /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <wsse:Reference URI="#EncKeyId-4736426" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>rSpEJkpoaveOKLvNV2EdY38XcwXMMdqRyVHL0+x0x8Pn9jW0oiNr54AP/I5k4OX7kPTisoD1ZccT agFspo8zKeNZZmEMJcecjV5m7AdeCtpKrhJ6thTM6GC//7bzw5AlRwtqHmnpiI2qMXE5hZDoeCGm umyqfxNy0gvNKaYAHKsTe92PDWo96oKgcBEtiToP5vpEYvfxjGjXQYjAsX/i2Ni9KSr0aFZvTDio 89lZJF1nQkcb237pjStKXF7w6uqLzgckDPVtbx4eTg28pPim6u/pLBjGIFGOR8KFOyNJ6UZC1Atw SXmdFGzD2pySmoAxm1Ue9G9ohK34SR+0bRWoATPrEMXqKJ3M63mgbF4xcyDulLAkuJt5Z8Myeljh sPJKfWWpjaUCTn3ynlU5fXwYMA/WdTDlq4ddq7NprfNf2gP7eCz7E1sPNrC9b5DcMiqrkQgK61y2 TTVGAozhb4plrawDithPjiVLERuJkL7ce4JbDGFyGkF4Bl5Tkwsf7NYOk46jR1LYM5XhAxqDJpI6 bb+t3f+7P7cqN7PUqYGFEGrZWtizZkDS6Wk7v0y6N3xHFTrswcQcwCu/qqxF+yUaCtw4UInkMkLA cjCgRNzPzqPWocvrgBWu18PjEW1nW3lMqqFWu8DvBcjXyN/QqnJpMIuGA/9++Rp3rHl2+IS0BVpV FaFn8bA6ju151ZaIttfktss7HfHZZ5mMDXmA33trekcgtZCmdL4mjMpAGcMVYpAWT5eCNVbfJpa9 mr6c+Ir514uq6S38o/eOHrUx49UTEXhN0IET288yhMdTp58ztAAvGuwbQA0qPX5CcnEbDP0Sm/OF EDLHJz+CCVWPrzJZh7+s8/kMGZkTmk7q8qTXG5tV3+zWGiHTW5aoA2xOT8jvcx30Cjp+HTECURKw rZF+m7x9dFrtAOnAPpiD8zmkDY+1+eLMnmQ4Dp94bJHi3ekKJ0xpplK5cV+MuvKfmYGkOAI+VaWJ WCriZfI88dh6+CneVUJHKMkNJxN5CJj2aY7868fOQdC0ZZzN4ujuSnrBeDDeJh26JuAziL5UZQ1E yJqpjv8VxBQDJUe8aEg6jMYF6kfE56yx+rR3qjzwiVQSSBRSQ3dQRG7/KIs+dhOg9N0k6nB3wA9E 11xcekz8Vt7I7GZH/Ye4/9xM21ATtHsdJ8mJB7Sy7Sxs0JgKE53B6FzAG+WD5OOYOcN2ZifXymTn JAR0jH0Ue58gx2pTV4pwxcZ+68i/194gWGcFezFiFGccy8KP2XsmZIdBRJjbrN+PZP2T5d6Dht56 eJkzDCB+PNwc26rFVFBp2ZyZNLWmbq5qJ9cYpqhsi6qHGll7VWkTP8G2U2S1Uxq5u8Thf7D6K5Te rSiHJiVTIdbYUIJ75TmnRhoitYQj3NbDGPIz6/TZfVCeLFA1WG9+6yunRO/N5VhUp0oec0kxe7p9 SdXK76v7BbkLoLotddXLUI4lidj0ejzB955bW9oUqh3ILH6gd6OJHDM8OHu29Cza79ZE2OURBhG9 6Jr26MAlKLQ2+yLUzEFfZAR+iwmGsAWppEXHFXFybKxtslegePxFmZ7TXmel7eE3VsNSX0kx6oYT 64c0</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </soapenv:Body> </soapenv:Envelope> ----------------------------------------------- Israel Brewster Computer Support Technician II Era Alaska 5245 Airport Industrial Rd Fairbanks, AK 99709 (907) 450-7250 x7293 -----------------------------------------------
BEGIN:VCARD VERSION:3.0 N:Brewster;Israel;;; FN:Israel Brewster ORG:Frontier Flying Service;MIS TITLE:PC Support Tech II EMAIL;type=INTERNET;type=WORK;type=pref:[email protected] TEL;type=WORK;type=pref:907-450-7293 item1.ADR;type=WORK;type=pref:;;5245 Airport Industrial Wy;Fairbanks;AK;99701; item1.X-ABADR:us CATEGORIES:General X-ABUID:36305438-95EA-4410-91AB-45D16CABCDDC\:ABPerson END:VCARD
On Sep 7, 2012, at 7:14 AM, Mariano Reingart wrote: > Hello Israel: > > Do you have any example of a WS-Security with certificate data. > And XML request message would be useful. > > Best regards, > > Mariano Reingart > http://www.sistemasagiles.com.ar > http://reingart.blogspot.com > > > On Thu, Sep 6, 2012 at 6:39 PM, Israel Brewster <[email protected]> wrote: >> I am trying to figure out how to create a SOAP client for a service that >> requires WS-Security and uses certificates for authentication. Looking at >> the sample request they provided, it looks as though the wise security >> header contains the key, certificate, and some sort of signature. However, >> in looking online, all I can seem to find are examples of using WS-Security >> with a username and password. Are there any SAOP libraries available that >> provide support for WS-Security with certificates and signatures? Thanks. >> >> ----------------------------------------------- >> Israel Brewster >> Computer Support Technician II >> Era Alaska >> 5245 Airport Industrial Rd >> Fairbanks, AK 99709 >> (907) 450-7250 x7293 >> ----------------------------------------------- >> >> >> >> >> _______________________________________________ >> Soap mailing list >> [email protected] >> http://mail.python.org/mailman/listinfo/soap >>
_______________________________________________ Soap mailing list [email protected] http://mail.python.org/mailman/listinfo/soap
