You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Yeikel Valdes Santana <Ye...@aexp.com.INVALID> on 2022/01/14 04:30:50 UTC
Help regarding generation of wsse:Security headers
Hi all,
I am new to Axis and I am trying to use it to integrate with an external Soap Service.
I generated the stub using the following maven configuration :
<plugin>
<groupId>org.apache.axis2</groupId>
<artifactId>axis2-wsdl2code-maven-plugin</artifactId>
<version>${axis2.version}</version>
<executions>
<execution>
<goals>
<goal>wsdl2code</goal>
</goals>
<configuration>
<packageName>com.example.generated</packageName>
<wsdlFile>src/main/wsdl/service.wsdl</wsdlFile>
<databindingName>xmlbeans</databindingName>
<syncMode>async</syncMode>
</configuration>
</execution>
</executions>
</plugin>
And then I am using it in my service like :
ServiceV3Stub stub = new ServiceV3Stub() and calling it using service.call(requestDocument,new CallBackHandler());
The challenge that I am facing is that while I can generate the request body, I do not know how to generate the wsse:Security section of the request
A sample SOAP request that I am trying to generate is :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ds:Signature Id="SIG-xxxx" xmlns:ds="http://www.w3.org/2000/09/xmldsig#<http://www.w3.org/2000/09/xmldsig>">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>">
<ec:InclusiveNamespaces PrefixList="soapenv"
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-xxx">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>">
<ec:InclusiveNamespaces PrefixList=""
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#<http://www.w3.org/2001/10/xml-exc-c14n>"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>xxx=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>xxx </ds:SignatureValue>
<ds:KeyInfo Id="KI-xxx">
<wsse:SecurityTokenReference wsu:Id="xxxx">
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>ssss</ds:X509IssuerName>
<ds:X509SerialNumber>---</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body wsu:Id="id-xxxx"
</soapenv:Envelope>
Normally, In SOAP UI, I imported the a JKS file and generated from the UI https://www.soapui.org/docs/soapui-projects/ws-security/
Do you have any sample snippet with Axis?
Thank you!
American Express made the following annotations
"This message and any attachments are solely for the intended recipient and may contain confidential or privileged information. If you are not the intended recipient, any disclosure, copying, use, or distribution of the information included in this message and any attachments is prohibited. If you have received this communication in error, please notify us by reply e-mail and immediately and permanently delete this message and any attachments. Thank you."
American Express a ajouté le commentaire suivant
Ce courrier et toute pièce jointe qu'il contient sont réservés au seul destinataire indiqué et peuvent contenir des renseignements confidentiels et privilégiés. Si vous n'êtes pas le destinataire prévu, toute divulgation, duplication, utilisation ou distribution du courrier ou de toute pièce jointe est interdite. Si vous avez reçu cette communication par erreur, veuillez nous en aviser par courrier et détruire immédiatement le courrier et les pièces jointes. Merci.
Re: Help regarding generation of wsse:Security headers
Posted by robertlazarski <ro...@gmail.com>.
The wsse:Security sections are part of the soap envelope defined by the
Axis sub project rampart:
https://axis.apache.org/axis2/java/rampart/
I am not a current user of Rampart though I help maintain it.
On Thu, Jan 13, 2022 at 6:31 PM Yeikel Valdes Santana
<Ye...@aexp.com.invalid> wrote:
> Hi all,
>
>
>
> I am new to Axis and I am trying to use it to integrate with an external
> Soap Service.
>
>
>
> I generated the stub using the following maven configuration :
>
>
>
> <plugin>
> <groupId>org.apache.axis2</groupId>
> <artifactId>axis2-wsdl2code-maven-plugin</artifactId>
> <version>${axis2.version}</version>
> <executions>
> <execution>
> <goals>
> <goal>wsdl2code</goal>
> </goals>
> <configuration>
> <packageName>com.example.generated</packageName>
> <wsdlFile>src/main/wsdl/service.wsdl</wsdlFile>
> <databindingName>xmlbeans</databindingName>
> <syncMode>async</syncMode>
> </configuration>
> </execution>
> </executions>
> </plugin>
>
>
>
> And then I am using it in my service like :
>
>
>
> ServiceV3Stub stub = new ServiceV3Stub() and calling it using
> service.call(requestDocument,new CallBackHandler());
>
>
>
> The challenge that I am facing is that while I can generate the request
> body, I do not know how to generate the wsse:Security section of the
> request
>
>
>
> A sample SOAP request that I am trying to generate is :
>
>
>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <ds:Signature Id="SIG-xxxx" xmlns:ds="http://www.w3.org/2000/09/xmldsig# <http://www.w3.org/2000/09/xmldsig>">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# <http://www.w3.org/2001/10/xml-exc-c14n>">
> <ec:InclusiveNamespaces PrefixList="soapenv"
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n# <http://www.w3.org/2001/10/xml-exc-c14n>"/>
> </ds:CanonicalizationMethod>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <ds:Reference URI="#id-xxx">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# <http://www.w3.org/2001/10/xml-exc-c14n>">
> <ec:InclusiveNamespaces PrefixList=""
> xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n# <http://www.w3.org/2001/10/xml-exc-c14n>"/>
> </ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> <ds:DigestValue>xxx=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>xxx </ds:SignatureValue>
> <ds:KeyInfo Id="KI-xxx">
> <wsse:SecurityTokenReference wsu:Id="xxxx">
> <ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>ssss</ds:X509IssuerName>
> <ds:X509SerialNumber>---</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body wsu:Id="id-xxxx"
> </soapenv:Envelope>
>
>
>
>
>
> Normally, In SOAP UI, I imported the a JKS file and generated from the UI
> https://www.soapui.org/docs/soapui-projects/ws-security/
>
>
>
> Do you have any sample snippet with Axis?
>
>
>
> Thank you!
>
>
> American Express made the following annotations
>
> ------------------------------
>
>
> "This message and any attachments are solely for the intended recipient
> and may contain confidential or privileged information. If you are not the
> intended recipient, any disclosure, copying, use, or distribution of the
> information included in this message and any attachments is prohibited. If
> you have received this communication in error, please notify us by reply
> e-mail and immediately and permanently delete this message and any
> attachments. Thank you."
>
>
> American Express a ajouté le commentaire suivant
>
> Ce courrier et toute pièce jointe qu'il contient sont réservés au seul
> destinataire indiqué et peuvent contenir des renseignements confidentiels
> et privilégiés. Si vous n'êtes pas le destinataire prévu, toute
> divulgation, duplication, utilisation ou distribution du courrier ou de
> toute pièce jointe est interdite. Si vous avez reçu cette communication par
> erreur, veuillez nous en aviser par courrier et détruire immédiatement le
> courrier et les pièces jointes. Merci.
>
> ------------------------------
>