0

I am pretty new to SOAP and I would like to learn how to customize SOAP header. More specifically, I am trying to configure my outbound message SOAP header to be compliant with the expected format. The header is going to be used for authentication purposes.

This is what I have so far.

I have set up a method to add the security deader where I am trying to format the header as per specification.

private void addSecurityHeader(SOAPMessageContext messageContext) throws SOAPException {

public static final String WSSE_NS = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
public static final String WSSE_SECURITY_NAME = "Security";
public static final String WSSE_NS_PREFIX = "wsse";
public static final String SOAPENV_NS_PREFIX = "soapenv";

SOAPEnvelope envelope = messageContext.getMessage().getSOAPPart().getEnvelope();
SOAPHeader header = messageContext.getMessage().getSOAPPart().getEnvelope().getHeader();
SOAPBody body = messageContext.getMessage().getSOAPPart().getEnvelope().getBody();

// changing prefix to soapenv
envelope.setPrefix(SOAPENV_NS_PREFIX);
header.setPrefix(SOAPENV_NS_PREFIX);
body.setPrefix(SOAPENV_NS_PREFIX);

// adding security Element
Name securityName = soapFactory.createName(WSSE_SECURITY_NAME, WSSE_NS_PREFIX, WSSE_NS);
SOAPHeaderElement securityElement = header.addHeaderElement(securityName);

When I print out the message in Eclipse console, the Security element is in the following format: 

<wsse:Security xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">

But this is the desired format of the Security format:

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

To summarize the issues that I need to address:

1) I need to change the SOAP-ENV to soapenv.

SOAP-ENV:mustUnderstand="1"

should be

soapenv:mustUnderstand="1"

2) I need to remove

xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"

as it's not needed in this element.

Any tips how to accomplish it would be greatly appreciated.

BustedSanta
  • 1,368
  • 7
  • 28
  • 55

1 Answers1

1

I recently solved the issue in following way:-

  1. Created SOAP Message from a template XML file

    BufferedReader rd  = new BufferedReader(new FileReader(new File("D:\\TestGetOppuService.xml")));
    StringBuffer fileContent = new StringBuffer();
    String line = null;
    while ((line = rd.readLine()) != null)
    {
        if(line.indexOf("Current_TimeStamp")>0)
        {
            line = line.replaceAll("Current_TimeStamp", createTime);
        }
        if(line.indexOf("Expire_TimeStamp")>0)
        {
            line = line.replaceAll("Expire_TimeStamp", expiresTime);
        }
        if(line.indexOf("NONCE_STRING")>0)
        {
            line = line.replaceAll("NONCE_STRING", getNonceString(createTime));
        }
        fileContent.append(line + '\n');
    }

  2. Be careful in sending TimeStamp. Client and Server clocks should be in Sync so be careful about the client and server machine's timezone

  3. Nonce String should be encoded properly. I took help from:-
    Java Webservice Client UsernameToken equivalent to PHP

  4. Here's how template XML file looks like:-

    <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:typ="http://xmlns.oracle.com/apps/sales/opptyMgmt/opportunities/opportunityService/types/">
<soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
     <wsu:Timestamp wsu:Id="TS-fasfwffsafsaf-asffsaf">
        <wsu:Created>Current_TimeStamp</wsu:Created>
        <wsu:Expires>Expire_TimeStamp</wsu:Expires>
     </wsu:Timestamp>
     <wsse:UsernameToken wsu:Id="UsernameToken-asfsafsaf-78787080affaf-saf">
        <wsse:Username>XXXXX</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXXXXXXX</wsse:Password>
        <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">NONCE_STRING</wsse:Nonce>
        <wsu:Created>Current_TimeStamp</wsu:Created>
     </wsse:UsernameToken>
  </wsse:Security>
</soapenv:Header>
<soapenv:Body>
  -----------Content------------
</soapenv:Body>
</soapenv:Envelope>
Community
  • 1
  • 1
Vibha
  • 939
  • 9
  • 17