Skip to Content

Web Service Security User token in PI7.4 SOAP receiver adapter

Hello experts,

We are using PI7.4 dual stack system. I have an IDoc to Webservice scenario where receiver expects Soap message in following format -

<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<env:Header>
<wsse:Security env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>{UserName}</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>


I read many threads and discussions on SCN about WSSE, but some things are not clear to me -

1. Does SOAP adapter in PI7.4 supports wsse with user name token?

2. I selected security profile as 'Webservice security' in the channel and getting required security OASIS standard by default in the receiver aggreement. However, security procedure does not have user credentials options in agreement. It shows only 'None' , 'Sign', 'Encrypt' and 'Sign and Encrypt' options. If I select 'None' here and give user credentials in receiver channel, will that work? Is this the right way?

3. If above things don't work then Do I need to use Axis adapter setup with PI7.4 to achieve this ? If yes, please provide some blogs/ documents on Axis adapter configuration.

4. Is it possible to add additional modules like XMLAnonimyzer bean to axis adapter, as I need to change the namespace prefix in the output xml.

4. Is there any other way of configuring WSSE with user token in PI7.4 like XSLT/JAVA mapping?

Any clarification on these will be really helpful.

Thanks in advance.

Minal

Add comment
10|10000 characters needed characters exceeded

  • Follow
  • Get RSS Feed

4 Answers

  • Best Answer
    Apr 15, 2016 at 04:48 AM

    Marking this as answered. As of now we have decided to go ahead with Java mapping to get the necessary WSSE details in output.

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 29, 2016 at 11:49 AM

    Hi Minal,

    Normal soap adapter does not support wsse token, you need to use soap with axis adapter to set this wsse token, you can refer this blog for how to set using axis adapter How to Configure AXIS Framework for Authentication Using the "wsse" Security Standard in SAP PI

    or

    Use below XSLT mapping after your message mapping.

    <?xml version="1.0" encoding="UTF-8"?>
    <xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">  
       <xsl:template match="/">
          <soap:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">  
             <soap:Header>
                <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">  
                   <wsse:UsernameToken>
                      <wsse:Username>User</wsse:Username>
                      <wsse:Password>Password</wsse:Password>
                   </wsse:UsernameToken>
                </wsse:Security>
             </soap:Header>
             <soap:Body>
                <xsl:copy-of select="*"/>
             </soap:Body>
          </soap:Envelope>
       </xsl:template>
    </xsl:stylesheet>
    
    
    

    Enable Do Not Use SOAP Envelope in soap receiver adapter


    Regards,

    Praveen

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 30, 2016 at 06:21 AM

    Thanks Praveen

    As per the blog on AddSOAPHeaderBean module, output can be produced in below format.

    <SOAP:Header>
    <ns0:authenticationHdr xmlns:ns0='http://customheader.com'>
    <UserName>Praveen Gujjeti</UserName>
    <Password>passwordNotExposedinID</Password>
    </ns0:authenticationHdr>
    </SOAP:Header>

    However, my requirement is to create header with some additional parameters like below -


    <wsse:Security env:mustUnderstand="1">
    <wsse:UsernameToken>

    <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>
    </env:Header>


    How can I add these with the module ?


    I tried the option on additional mapping with 'Do Not use Soap Envelope' option checked in channel. But getting Http 500 Internal server error from webservice.


    Thanks

    Minal

    Add comment
    10|10000 characters needed characters exceeded

  • Mar 30, 2016 at 04:08 AM

    Thanks a lot Juan and Praveen for the information.

    @Juan,

    Can I use XMLAnonymizer bean after AddSOAPHeaderBean, as the namespace prefixes are different in the required output.

    Add comment
    10|10000 characters needed characters exceeded