Hello Israel: There is a new patch to allow arbitrary xml headers made by remco.boerma (cc'd)
http://code.google.com/p/pysimplesoap/issues/detail?id=78 Does it address your problem? Sorry, I didn't have enought time to see this in detail, but as AFAIK it should be doable with pysimplesoap (including the encription part if required), Best regards, Mariano Reingart http://www.sistemasagiles.com.ar http://reingart.blogspot.com On Fri, Sep 7, 2012 at 2:33 PM, Israel Brewster <[email protected]> wrote: > Yep. Here you go - the sample request provided by the company I'm trying to > work with. It's kinda ugly, but hopefully helpful in finding a solution. As > this is the public example they post on their website, I figure it should be > fairly safe to share > > <?xml version='1.0' encoding='utf-8'?> > <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; > xmlns:wsa="http://www.w3.org/2005/08/addressing";> > <soapenv:Header> > <wsse:Security > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > soapenv:mustUnderstand="1"> > <wsu:Timestamp > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="Timestamp-1702354"> > <wsu:Created>2012-08-02T15:38:14.062Z</wsu:Created> > <wsu:Expires>2012-08-02T15:43:14.062Z</wsu:Expires> > </wsu:Timestamp> > <xenc:EncryptedKey Id="EncKeyId-4736426"> > <xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; /> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <wsse:SecurityTokenReference> > <wsse:KeyIdentifier > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; > > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>aU53M6ufa/yIi/8Cf0SYnDqFNxg=</wsse:KeyIdentifier> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > <xenc:CipherData> > > <xenc:CipherValue>Ra4sTc78C9XUm1Fr/PnCF8GzLKcQsvp4zU0AZIcsh4N9LfczMKmfGAHWiYi7uATIAcAHs1t6diqhrzndLB9q0j1fjRowCNszQ4cgCIuKKeqzAXVA1ZkT7h63hZu0Je6mhXD00VCK40FG8p+VumZw8sVASSj1lPrrTqTQR6mZMsM=</xenc:CipherValue> > </xenc:CipherData> > <xenc:ReferenceList> > <xenc:DataReference URI="#EncDataId-24737685" /> > </xenc:ReferenceList> > </xenc:EncryptedKey> > <wsse:BinarySecurityToken > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; > > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; > wsu:Id="CertId-11497308"> [x509 encoded certificate goes here] > </wsse:BinarySecurityToken> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > Id="Signature-32961147"> > <ds:SignedInfo> > <ds:CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> > <ds:SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> > <ds:Reference URI="#id-24737685"> > <ds:Transforms> > <ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> > </ds:Transforms> > <ds:DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> > <ds:DigestValue>CcedwmiGz5BM/IMhSiHt8yVSIU8=</ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > > <ds:SignatureValue>ITjzmx37JQs/8E+TdSXfApXCU96hLF/t2U6V7B39ZIc6y7oQpWDU4Xpqib63WUZEvoMtOWMeK/vl > bJLoHVgwV/zkcBguEMGOTRSbJwQ7kfl15samDKXLy7I2/pN8hpV7b+AqM1xnM6xmhbljl7Xu0ou0 > /PbebqE+GciDO6IVvSs=</ds:SignatureValue> > <ds:KeyInfo Id="KeyId-7364874"> > <wsse:SecurityTokenReference > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="STRId-4101839"> > <wsse:Reference URI="#CertId-11497308" > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; > /> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > </ds:Signature> > </wsse:Security> > <wsa:To>http://int2.myidtravel.com/ws/services/UploadService</wsa:To> > <wsa:MessageID>urn:uuid:13C80BD4B1F84AE17F1343921893115</wsa:MessageID> > <wsa:Action>urn:StaffProfilesUpload</wsa:Action> > </soapenv:Header> > <soapenv:Body > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="id-24737685"> > <xenc:EncryptedData Id="EncDataId-24737685" > Type="http://www.w3.org/2001/04/xmlenc#Content";> > <xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"; /> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <wsse:SecurityTokenReference > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> > <wsse:Reference URI="#EncKeyId-4736426" /> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > <xenc:CipherData> > > <xenc:CipherValue>rSpEJkpoaveOKLvNV2EdY38XcwXMMdqRyVHL0+x0x8Pn9jW0oiNr54AP/I5k4OX7kPTisoD1ZccT > agFspo8zKeNZZmEMJcecjV5m7AdeCtpKrhJ6thTM6GC//7bzw5AlRwtqHmnpiI2qMXE5hZDoeCGm > umyqfxNy0gvNKaYAHKsTe92PDWo96oKgcBEtiToP5vpEYvfxjGjXQYjAsX/i2Ni9KSr0aFZvTDio > 89lZJF1nQkcb237pjStKXF7w6uqLzgckDPVtbx4eTg28pPim6u/pLBjGIFGOR8KFOyNJ6UZC1Atw > SXmdFGzD2pySmoAxm1Ue9G9ohK34SR+0bRWoATPrEMXqKJ3M63mgbF4xcyDulLAkuJt5Z8Myeljh > sPJKfWWpjaUCTn3ynlU5fXwYMA/WdTDlq4ddq7NprfNf2gP7eCz7E1sPNrC9b5DcMiqrkQgK61y2 > TTVGAozhb4plrawDithPjiVLERuJkL7ce4JbDGFyGkF4Bl5Tkwsf7NYOk46jR1LYM5XhAxqDJpI6 > bb+t3f+7P7cqN7PUqYGFEGrZWtizZkDS6Wk7v0y6N3xHFTrswcQcwCu/qqxF+yUaCtw4UInkMkLA > cjCgRNzPzqPWocvrgBWu18PjEW1nW3lMqqFWu8DvBcjXyN/QqnJpMIuGA/9++Rp3rHl2+IS0BVpV > FaFn8bA6ju151ZaIttfktss7HfHZZ5mMDXmA33trekcgtZCmdL4mjMpAGcMVYpAWT5eCNVbfJpa9 > mr6c+Ir514uq6S38o/eOHrUx49UTEXhN0IET288yhMdTp58ztAAvGuwbQA0qPX5CcnEbDP0Sm/OF > EDLHJz+CCVWPrzJZh7+s8/kMGZkTmk7q8qTXG5tV3+zWGiHTW5aoA2xOT8jvcx30Cjp+HTECURKw > rZF+m7x9dFrtAOnAPpiD8zmkDY+1+eLMnmQ4Dp94bJHi3e kKJ0xpplK5cV+MuvKfmYGkOAI+VaWJ WCriZfI88dh6+CneVUJHKMkNJxN5CJj2aY7868fOQdC0ZZzN4ujuSnrBeDDeJh26JuAziL5UZQ1E yJqpjv8VxBQDJUe8aEg6jMYF6kfE56yx+rR3qjzwiVQSSBRSQ3dQRG7/KIs+dhOg9N0k6nB3wA9E 11xcekz8Vt7I7GZH/Ye4/9xM21ATtHsdJ8mJB7Sy7Sxs0JgKE53B6FzAG+WD5OOYOcN2ZifXymTn JAR0jH0Ue58gx2pTV4pwxcZ+68i/194gWGcFezFiFGccy8KP2XsmZIdBRJjbrN+PZP2T5d6Dht56 eJkzDCB+PNwc26rFVFBp2ZyZNLWmbq5qJ9cYpqhsi6qHGll7VWkTP8G2U2S1Uxq5u8Thf7D6K5Te rSiHJiVTIdbYUIJ75TmnRhoitYQj3NbDGPIz6/TZfVCeLFA1WG9+6yunRO/N5VhUp0oec0kxe7p9 SdXK76v7BbkLoLotddXLUI4lidj0ejzB955bW9oUqh3ILH6gd6OJHDM8OHu29Cza79ZE2OURBhG9 6Jr26MAlKLQ2+yLUzEFfZAR+iwmGsAWppEXHFXFybKxtslegePxFmZ7TXmel7eE3VsNSX0kx6oYT 64c0</xenc:CipherValue> > </xenc:CipherData> > </xenc:EncryptedData> > </soapenv:Body> > </soapenv:Envelope> > ----------------------------------------------- > Israel Brewster > Computer Support Technician II > Era Alaska > 5245 Airport Industrial Rd > Fairbanks, AK 99709 > (907) 450-7250 x7293 > ----------------------------------------------- > > > > On Sep 7, 2012, at 7:14 AM, Mariano Reingart wrote: > >> Hello Israel: >> >> Do you have any example of a WS-Security with certificate data. >> And XML request message would be useful. >> >> Best regards, >> >> Mariano Reingart >> http://www.sistemasagiles.com.ar >> http://reingart.blogspot.com >> >> >> On Thu, Sep 6, 2012 at 6:39 PM, Israel Brewster <[email protected]> wrote: >>> I am trying to figure out how to create a SOAP client for a service that >>> requires WS-Security and uses certificates for authentication. Looking at >>> the sample request they provided, it looks as though the wise security >>> header contains the key, certificate, and some sort of signature. However, >>> in looking online, all I can seem to find are examples of using WS-Security >>> with a username and password. Are there any SAOP libraries available that >>> provide support for WS-Security with certificates and signatures? Thanks. >>> >>> ----------------------------------------------- >>> Israel Brewster >>> Computer Support Technician II >>> Era Alaska >>> 5245 Airport Industrial Rd >>> Fairbanks, AK 99709 >>> (907) 450-7250 x7293 >>> ----------------------------------------------- >>> >>> >>> >>> >>> _______________________________________________ >>> Soap mailing list >>> [email protected] >>> http://mail.python.org/mailman/listinfo/soap >>> > > _______________________________________________ Soap mailing list [email protected] http://mail.python.org/mailman/listinfo/soap
