How to add a security header to DHLWebServices in C# .Net 2.0

Question

I need to send a createShipmentRequest() to DHLWebSerivces and my problem is to add a security header to the soap request.

Edited to add the DHL documentation:

I'm trying the last solution proposed here How To Pass Soap Header When WSDL Doesn't Define It?.

public partial class SecurityHeader : SoapHeader
  {
    public string Username { get; set; }
    public string Password { get; set; }
  }
  public partial class gblExpressRateBook
  {
    public SecurityHeader securityHeader = new SecurityHeader() { 
    EncodedMustUnderstand = "1", Username = "*****", Password = "*****" };

 protected override XmlWriter GetWriterForMessage(SoapClientMessage message, 
    int bufferSize)
    {
      message.Headers.Add(securityHeader);
      return base.GetWriterForMessage(message, bufferSize);
    }
 }

Here is the result in Fiddler:

Edited to add the entire first line "soap:Envelope".

soap:Envelope [ xmlns:soap=http://schemas.xmlsoap.org/soap/envelope/ xmlns:xsi=http://www.w3.org/2001/XMLSchema-instance xmlns:xsd=http://www.w3.org/2001/XMLSchema ]   

soap:Header

SecurityHeader [ xmlns=http://scxgxtt.phx-dc.dhl.com/euExpressRateBook/ShipmentMsgRequest ]

...

And here is what I should have according to a code sample of DHL:

Edited to add the indentation of the code.

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:glob="http://scxgxtt.phx-dc.dhl.com/glDHLExpressLabel/providers/globalLabel">
<soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="UsernameToken-5" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
    <wsse:Username>*****</wsse:Username>
    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">*****</wsse:Password>
    <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">*****************</wsse:Nonce>
    <wsu:Created>2010-02-12T17:40:39.124Z</wsu:Created>
  </wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

Edited to add SOAPUI request done via Fiddler:

Sent request via Fiddler:

Received response via Fiddler:

Can someone please help me build this "wsse:Security" header?

It's hard to see the problem, but is it that the namespaces aren't correct? — Neil, May 02 '17 at 08:19
The namespaces seems to be correct because I don't get any error about that. I just receive the following error: Exception thrown: 'System.Net.WebException' in System.Web.Services.dll ... HTTP 401 : Unauthorized. I thing it's because the soap header request doesn't content all expected elements. — ZotNet, May 02 '17 at 08:57
If you manually create a good header and send it using Fiddler, does it work? could it be as simple as you have the wrong user/password? — Neil, May 02 '17 at 08:58
I'm sure the username and password are correct because I can send a request via SOAPUI and it's working as expected. — ZotNet, May 02 '17 at 09:05
Does the documentation say they use SOAP authorization? Could it be they use an authorization http header (https://en.wikipedia.org/wiki/Basic_access_authentication) — Neil, May 02 '17 at 09:05
SoapUI will show you exactly what is being sent to the client, so you should be able to a) copy that to fiddler to double check it's ok, and b) compare what is being sent (including namespaces) against your code. — Neil, May 02 '17 at 09:07
I did the SOAPUI request via Fiddler and edited my question to add the Fiddler request and response. I guess I need to add "Authorization: Basic", it should be something like "authType" but I don't know how to do it neither where to add it... — ZotNet, May 02 '17 at 10:57

How to add a security header to DHLWebServices in C# .Net 2.0

0 Answers0