How to set Savon SOAP WSSE Security attributes?
604 views
Skip to first unread message
Daniel Au
Feb 3, 2014, 5:19:43 PM2/3/14
to sav...@googlegroups.com
Thanks in advance for any help I get on this!
I'm trying to duplicate a SoapUI request using Savon 2.3.3 as below, but I cannot figure out a way to match the WSSE security attributes below:
The three issues I'm seeing are:
1. How do I add attribute 'soapenv:mustUnderstand="1" to wsse:Security?
2. How do I add EncodingType to wsse:Nonce?
3. How do I modify format of the wsu:Created timestamp?
Working in SoapUI:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:acc="http://www.xifin.com/schema/accession" xmlns:msg="http://www.xifin.com/schema/msgHeader" xmlns:typ="http://www.xifin.com/schema/types">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-12">
<wsse:Username>userId</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">TzrsEC/Zb4pfxDA4WH/Hw9fKsbA=</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">cpZQ83M91lxvs32T12KXQGFNZXCuaI7G4VcsgwgvgX8=</wsse:Nonce>
<wsu:Created>2014-01-02T23:36:41.12Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<acc:GetRequest>
<msg:MessageHeader>
<msg:SequenceNumber>1111</msg:SequenceNumber>
</msg:MessageHeader>
<acc:Payload>
<acc:Stuff>Stuff</acc:Stuff
</acc:Payload>
</acc:GetRequest>
</soapenv:Body>
</soapenv:Envelope>
Failing in Savon:
<soapenv:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:acc="http://www.xifin.com/schema/accession" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ins0="http://www.xifin.com/schema/types" xmlns:ins1="http://www.xifin.com/schema/msgHeader" xmlns:msg="http://www.xifin.com/schema/msgHeader">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-1">
<wsse:Username>userId</wsse:Username>
<wsse:Nonce>22e70dfb2639fd23c0cdb85875c0ec530af00915</wsse:Nonce>
<wsu:Created>2014-02-03T15:00:34-06:00</wsu:Created>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">NTNiYjliZWFhOThmZTZkMjBlODY3ZmI5NWJjMDM2YTIxYTMwZTU5NQ==</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<acc:GetRequest>
<msg:MessageHeader>
<msg:SequenceNumber>1111</msg:SequenceNumber>
</msg:MessageHeader>
<acc:Payload>
<acc:Stuff>Stuff</acc:Stuff
</acc:Payload>
</acc:GetRequest>
</soapenv:Body>
</soapenv:Envelope>
Code:
require 'savon'
require 'httpi'
namespaces = {
"xmlns:msg" => "http://www.xifin.com/schema/msgHeader"
}
client = Savon.client(
:wsse_auth => ['userId','password, :digest],
convert_request_keys_to: :none,
env_namespace: :soapenv,
namespaces: namespaces,
namespace_identifier: :acc
pretty_print_xml: true)
response = client.call(:get_accession, message: {
:"msg:MessageHeader" => {
"msg:SequenceNumber" => '1111',
},
:"acc:Payload" => {
"acc:Stuff" => 'Stuff'
}
})
Thank you!
Bonus points to how I can remove the duplicate headers created by Savon in blue, since I've defined namespaces myself.
Reply all
Reply to author
Forward
0 new messages