Groups keyboard shortcuts have been updated
Dismiss
See shortcuts

Issue with ITI-43 Transaction and SAML Assertion in wsse:Security Header

11 views
Skip to first unread message

Waldemar

unread,
Oct 18, 2024, 3:09:36 AM10/18/24
to ipf-user

Hi,

I’m encountering an issue with the ITI-43 transaction. When an external client sends a request with a SAML assertion in the wsse:Security header and the attribute mustUnderstand=1, I receive the following error:

    <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
        <soap:Body>
            <soap:Fault>
                <soap:Code>
                    <soap:Value>soap:MustUnderstand</soap:Value>
                </soap:Code>
                <soap:Reason>
                    <soap:Text xml:lang="en">MustUnderstand headers: [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Security] are not understood.</soap:Text>
                </soap:Reason>
            </soap:Fault>
        </soap:Body>
    </soap:Envelope>


However, when the request is sent with mustUnderstand=0, everything works correctly.

Could you provide some guidance on how to add an interceptor to handle the ITI-43 request and configure it properly? Any tips or advice would be greatly appreciated.

Best regards,
Waldemar

Dmytro Rud

unread,
Oct 18, 2024, 3:44:23 AM10/18/24
to ipf-...@googlegroups.com
Hi Waldemar

You may configure a full-fledged WS-Security support as described on https://cxf.apache.org/docs/ws-security.html, or deploy an instance of org.openehealth.ipf.commons.ihe.ws.WsSecurityUnderstandingInInterceptor just to make the header "understood".

Best regards
Dmytro


--
You received this message because you are subscribed to the Google Groups "ipf-user" group.
To unsubscribe from this group and stop receiving emails from it, send an email to ipf-user+u...@googlegroups.com.
To view this discussion on the web visit https://groups.google.com/d/msgid/ipf-user/e33e45fe-3b2c-4934-8ceb-f77a3c9de9e2n%40googlegroups.com.

Waldemar

unread,
Oct 18, 2024, 8:09:17 AM10/18/24
to ipf-user

Hi Dmytro,

Thank you for your assistance and quick response. The WSSecurityUnderstandingInterceptor turned out to be exactly the solution I was looking for. Everything is working perfectly now.

Best regards,
Waldemar

Reply all
Reply to author
Forward
0 new messages