Announcement Announcement Module
Collapse
No announcement yet.
how to add security info in wsdl Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • how to add security info in wsdl

    Hi,

    I am having problem to add security info in wsdl so that client should know about this.I am using org.springframework.ws.wsdl.wsdl11.DefaultWsdl11De finition which generated wsdl from xsd.


    My web service expects this kind of security




    <SOAP-ENV:Header>
    <wsse:Security
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
    SOAP-ENV:mustUnderstand="1">
    <wsse:BinarySecurityToken
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
    ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
    wsu:Id="CertId-1BC7C7CC8C1DC237A312742702475786"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">MIIBoTCCAQqgAwIBAgIES+Jf0jANBgkqhkiG9w0BA QUFADAVMRMwEQYDVQQDEwpkaXNwYXJ0bmVyMB4XDTEwMDUwNjA 2MjEwNloXDTM3MDkyMDA2MjEwNlowFTETMBEGA1UEAxMKZGlzc GFydG5lcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAiSz YcGY6SZvtyX/HzIT9zgzlf1/stzTo2WN2/zikebOY+K8pOfc8IU2vxsDp+b4Jc/KSMzZIocPejHhyRXKKuf36TckHclkZCpIil24gHZdARUQXRrm0 izFwMkACEeHoTv6/35FjSiQpntBxbaTLmGZ4U93Pjuko2jlBheiFeq0CAwEAATANBg kqhkiG9w0BAQUFAAOBgQAepQ1pXeyveQCPRQSnjcJKnXBbLiPq l+UeScmaqXBqBOrUGFRe8AX4PEh28qmomwWfdJ7abV1yShFvnA cZBP5gM6KrS1fZ2lCQu7sLyk8YW3zBLqs1Bm6bf4GTfywd2+mU RJZuTwx/vqe2d5xNsfD9BOEJ6hlxzdzKlZR111O4IQ==
    </wsse:BinarySecurityToken>
    <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
    Id="Signature-7">
    <ds:SignedInfo>
    <ds:CanonicalizationMethod
    Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
    <ds:Reference URI="#id-8">
    <ds:Transforms>
    <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
    </ds:Transforms>
    <dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
    <dsigestValue>O+wONgrnKflVXuIf/QqMIVPHICg=</dsigestValue>
    </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>
    cPLtiHI8a3Ay7lCau0wosF7pakNPaOkFdmjC8osUqkUUECjQvS PCoVyWZldPxheWIEEM1qUAR7X2
    1cOFNn2YUfTu9c3ElEgfRycDUTpcvF5hs37Er+ssR3QBKQ9Jmd 76MHcc8LW12KNGGWZn/grUMhnR
    uuOzSrfAtOHYK22wPvE=
    </ds:SignatureValue>
    <ds:KeyInfo Id="KeyId-1BC7C7CC8C1DC237A312742702475787">
    <wsse:SecurityTokenReference
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    wsu:Id="STRId-1BC7C7CC8C1DC237A312742702475788"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:Reference URI="#CertId-1BC7C7CC8C1DC237A312742702475786"
    ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
    </wsse:SecurityTokenReference>
    </ds:KeyInfo>
    </ds:Signature>
    <wsse:UsernameToken
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    wsu:Id="UsernameToken-6"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:Username>115394</wsse:Username>
    <wsse:Password
    Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">bmkWaU4qDZK7B/DPXqoHysN4LaQ=</wsse:Password>
    <wsse:Nonce
    EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">dvSBmtESEOGb96pQIZJZWw==</wsse:Nonce>
    <wsu:Created>2010-05-19T11:57:24.561Z</wsu:Created>
    </wsse:UsernameToken>
    </wsse:Security>
    </SOAP-ENV:Header>



    Regards,
    Ajit

  • #2
    No thoughts on this one?

    Same issue, no solution yet....

    Comment


    • #3
      Conclusions

      After continuing the investigation, we concluded that security header is not supposed to be exposed in the service wsdl. Generation and inclusion of the security header is the responsability of the consummer of the webservice. We have a .NET client, consumming Java/Spring services, and we had to enable generation of security headers by configuring Visual Studio to use Web Service Enhancements (WSE 3.0) as presented here:

      http://www.vbdotnetheaven.com/Upload...yProtocol.aspx.

      Comment

      Working...
      X