cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Web Service Security User token in PI7.4 SOAP receiver adapter

Go to solution
minal_vaidya2
Explorer

on ‎03-29-2016 12:43 PM

0 Kudos

Hello experts,

We are using PI7.4 dual stack system. I have an IDoc to Webservice scenario where receiver expects Soap message in following format -

<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<env:Header>
<wsse:Security env:mustUnderstand="1">
<wsse:UsernameToken>
<wsse:Username>{UserName}</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>
<env:Body>


I read many threads and discussions on SCN about WSSE, but some things are not clear to me -

1. Does SOAP adapter in PI7.4 supports wsse with user name token?

2. I selected security profile as 'Webservice security' in the channel and getting required security OASIS standard by default in the receiver aggreement. However, security procedure does not have user credentials options in agreement. It shows only 'None' , 'Sign', 'Encrypt' and 'Sign and Encrypt' options. If I select 'None' here and give user credentials in receiver channel, will that work? Is this the right way?

3. If above things don't work then Do I need to use Axis adapter setup with PI7.4 to achieve this ? If yes, please provide some blogs/ documents on Axis adapter configuration.

4. Is it possible to add additional modules like XMLAnonimyzer bean to axis adapter, as I need to change the namespace prefix in the output xml.

4. Is there any other way of configuring WSSE with user token in PI7.4 like XSLT/JAVA mapping?

Any clarification on these will be really helpful.

Thanks in advance.

Minal

Show replies
Show replies
Answer

Accepted Solutions (1)

Accepted Solutions (1)

minal_vaidya2
Explorer
‎04-15-2016 5:48 AM
0 Kudos

Marking this as answered. As of now we have decided to go ahead with Java mapping to get the necessary WSSE details in output.

Show replies
Show replies

Answers (3)

Answers (3)

minal_vaidya2
Explorer
‎03-30-2016 7:21 AM
0 Kudos

Thanks Praveen

As per the blog on AddSOAPHeaderBean module, output can be produced in below format.

<SOAP:Header>
<ns0:authenticationHdr xmlns:ns0='http://customheader.com'>
<UserName>Praveen Gujjeti</UserName>
<Password>passwordNotExposedinID</Password>
</ns0:authenticationHdr>
</SOAP:Header>

However, my requirement is to create header with some additional parameters like below -


<wsse:Security env:mustUnderstand="1">
<wsse:UsernameToken>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</env:Header>


How can I add these with the module ?


I tried the option on additional mapping with 'Do Not use Soap Envelope' option checked in channel. But getting Http 500 Internal server error from webservice.


Thanks

Minal

Show replies
Show replies
former_member182412
Active Contributor
‎03-30-2016 12:46 PM
0 Kudos

Hi Minal,

This XSLT gave me exact result what you are looking for, if this does not work first test your web service in soap ui and see what is exact problem.



<?xml version="1.0" encoding="UTF-8"?>  


<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">    


   <xsl:template match="/">  


      <soap:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 


   xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">    


         <soap:Header>  


            <wsse:Security soap:mustUnderstand="1">    


               <wsse:UsernameToken>  


                  <wsse:Username>User</wsse:Username>  


                  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Password</wsse:Password>  


               </wsse:UsernameToken>  


            </wsse:Security>  


         </soap:Header>  


         <soap:Body>  


            <xsl:copy-of select="*"/>  


         </soap:Body>  


      </soap:Envelope>  


   </xsl:template>  


</xsl:stylesheet>

Regards,

Praveen.

juan_vasquez2
Active Participant
‎03-30-2016 7:44 PM
0 Kudos

Hello Minal

You only need to define a namespace like


<wsse:Security env:mustUnderstand="1" xmlns:wsse="http://yourNmeSpace.com">

<wsse:UsernameToken>

<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">{Password}</wsse:Password>

</wsse:UsernameToken>

</wsse:Security>

minal_vaidya2
Explorer
‎03-30-2016 5:08 AM
0 Kudos

Thanks a lot Juan and Praveen for the information.

@Juan,

Can I use XMLAnonymizer bean after AddSOAPHeaderBean, as the namespace prefixes are different in the required output.

Show replies
Show replies
former_member182412
Active Contributor
‎03-30-2016 5:14 AM
0 Kudos

Hi Minal,

Yes you can use XMLAnonymizerBean after AddSOAPHeaderBean but you can also use before the AddSOAPHeaderBean module.

Regards,

Praveen.

former_member182412
Active Contributor
‎03-29-2016 12:49 PM
0 Kudos

Hi Minal,

Normal soap adapter does not support wsse token, you need to use soap with axis adapter to set this wsse token, you can refer this blog for how to set using axis adapter

or

Use below XSLT mapping after your message mapping.



<?xml version="1.0" encoding="UTF-8"?>


<xsl:stylesheet version="1.0" xmlns:xsl="http://www.w3.org/1999/XSL/Transform">  


   <xsl:template match="/">


      <soap:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">  


         <soap:Header>


            <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">  


               <wsse:UsernameToken>


                  <wsse:Username>User</wsse:Username>


                  <wsse:Password>Password</wsse:Password>


               </wsse:UsernameToken>


            </wsse:Security>


         </soap:Header>


         <soap:Body>


            <xsl:copy-of select="*"/>


         </soap:Body>


      </soap:Envelope>


   </xsl:template>


</xsl:stylesheet>

Enable Do Not Use SOAP Envelope in soap receiver adapter


Regards,

Praveen

Show replies
Show replies
juan_vasquez2
Active Participant
‎03-29-2016 5:38 PM
0 Kudos

Hello Minal

You can use this adapter module AF_Modules/AddSOAPHeaderBean, this way is easy

See this blog

http://scn.sap.com/community/pi-and-soa-middleware/blog/2013/11/22/addsoapheaderbean-module

Regards

Juan

Ask a Question