TE Super Contributor.
Super Contributor.
299 views

WS-Security in Integration Activity


Using Designer 4.0.1 AU2, and trying to implement WS-Security in an
Integration Activity.

The new AU2 Integration Activity has some really cool features. One of
which is this
Web Service Input Field called Envelope/Header. This has me wondering
if I can use
this to implement WS-Security in an Integration Activity.

The first thing that comes to mind is to try and copy/paste in there a
<soapenv:Header>
from SoapUI. When I do that, I get a slightly altered result in the
Integration
Activity than what SoapUI produces.

Using a Mock Service in another SoapUI, I sent SOAP packages from
SoapUI on my
desktop and from User App. Here is what I see.

First, from SoapUI;

<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:z="http://xmlns.oracle.com/Enterprise/Tools/schemas/Z_IAM_CRM_USER_CREATE.VERSION_1">
<soapenv:Header><wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken
wsu:Id="UsernameToken-4"><wsse:Username>IAM_BROKER</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">NPJ5Z59qif</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">J5uvNxqkO0RK9+3vikMwFg==</wsse:Nonce><wsu:Created>2012-04-26T18:05:20.877Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header>
<soapenv:Body>
<z:Z_IAM_CRM_USER_CREATE>
<z:MsgData>
<z:Transaction>
<z:Z_IAMCRMUSER class="R">
<z:OPRID IsChanged="?">IAMTEST3</z:OPRID>
<z:OPERPSWD IsChanged="?">passw0rd</z:OPERPSWD>
<z:EMAILID
IsChanged="?">testuser@hughes.com</z:EMAILID>
<z:FIRST_NAME IsChanged="?">Testy</z:FIRST_NAME>
<z:LAST_NAME IsChanged="?">User3</z:LAST_NAME>
<z:PROVIDER_GRP_ID
IsChanged="?">DummyPG</z:PROVIDER_GRP_ID>
<z:ROLENAME IsChanged="?">DummyAR</z:ROLENAME>
<z:HNS_COMPANY_ID
IsChanged="?">Hughes</z:HNS_COMPANY_ID>
<z:PHONE IsChanged="?">9871234567</z:PHONE>
</z:Z_IAMCRMUSER>
</z:Transaction>
</z:MsgData>
</z:Z_IAM_CRM_USER_CREATE>
</soapenv:Body>
</soapenv:Envelope>

I took the Envelope element from this, pasted it into a flowdata
variable which I
copied into the envelope/Header field;

Here is what I used in the flowdata variable
'<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:UsernameToken
wsu:Id="UsernameToken-4"><wsse:Username>IAM_BROKER</wsse:Username><wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">NPJ5Z59qif</wsse:Password><wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">J5uvNxqkO0RK9+3vikMwFg==</wsse:Nonce><wsu:Created>2012-04-26T18:05:20.877Z</wsu:Created></wsse:UsernameToken></wsse:Security>'


This is what was sent to the Mock Service from the Integration
Activity;

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:z="http://xmlns.oracle.com/Enterprise/Tools/schemas/Z_IAM_CRM_USER_MODIFY.VERSION_1">
<soapenv:Header><![CDATA[<soapenv:Header
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><wsse:Security
soap:mustUnderstand="1"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:UsernameToken><wsse:Username>IAM_BROKER</wsse:Username><wsse:Password>NPJ5Z59qif</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header>]]></soapenv:Header>
<soapenv:Body>
<z:Z_IAM_CRM_USER_MODIFY>
<z:MsgData>
<z:Transaction>
<z:Z_IAMCRMUSER>
<z:OPRID>tuser07</z:OPRID>
<z:OPERPSWD>dummyPW</z:OPERPSWD>
<z:EMAILID>test.user07@hnstest.com</z:EMAILID>
<z:FIRST_NAME>Test</z:FIRST_NAME>
<z:LAST_NAME>User07</z:LAST_NAME>
<z:PROVIDER_GRP_ID>DummyPG</z:PROVIDER_GRP_ID>
<z:ROLENAME>DummyAR</z:ROLENAME>
<z:HNS_COMPANY_ID>Hughes</z:HNS_COMPANY_ID>
<z:PHONE>201 123-5675</z:PHONE>
<z:ACCTLOCK>0</z:ACCTLOCK>
</z:Z_IAMCRMUSER>
</z:Transaction>
</z:MsgData>
</z:Z_IAM_CRM_USER_MODIFY>
</soapenv:Body>
</soapenv:Envelope>

Note the difference in the <soapend:Header>

Not sure if I am on the right track here, but we need to implement
WS-Security, somehow.


--
tse7147
------------------------------------------------------------------------
tse7147's Profile: http://forums.novell.com/member.php?userid=4730
View this thread: http://forums.novell.com/showthread.php?t=455183

Labels (1)
0 Likes
1 Reply
Anonymous_User Absent Member.
Absent Member.

Re: WS-Security in Integration Activity

tse7147,

It appears that in the past few days you have not received a response to your
posting. That concerns us, and has triggered this automated reply.

Has your problem been resolved? If not, you might try one of the following options:

- Visit http://support.novell.com and search the knowledgebase and/or check all
the other self support options and support programs available.
- You could also try posting your message again. Make sure it is posted in the
correct newsgroup. (http://forums.novell.com)

Be sure to read the forum FAQ about what to expect in the way of responses:
http://forums.novell.com/faq.php

If this is a reply to a duplicate posting, please ignore and accept our apologies
and rest assured we will issue a stern reprimand to our posting bot.

Good luck!

Your Novell Product Support Forums Team
http://forums.novell.com/

0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.