cancel
Showing results for 
Search instead for 
Did you mean: 

Prefix inconsistent on XML tag security

Former Member
0 Kudos

Hello,

We are using security standard OASIS in PROXY->PI->SOAP integration scenario. Our CRM system generate the call to a WS throw PI system. We are using a private key generated by PI for sign the request to the WS.

The problem occurs when PI generate the security header of the WS request, specifically the property mustUnderstand of the tag wsse:Security. The error is in the prefix, the prefix generated by PI is xmlns and the correct prefix defined by oasis standard was the same of the main tag envelope (SOAP in this case). This inconsistency is generating a fault message in the response of the WS.

This is a sample request to the WS generated by PI server:

<SOAP:Envelope xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>

     <SOAP:Header xmlns:SOAP='http://schemas.xmlsoap.org/soap/envelope/'>

          <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:mustUnderstand='1' xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/'>

...

          </wsse:Security>

     </SOAP:Header>

     <SOAP:Body>

...

     </SOAP:Body>

</SOAP:Envelope>

The incorrect prefix property xmlns is marked with green color, I mark the correct tag of the main message SOAP prefix with yellow color.

An example
of the oasis standard is:

<S11: Envelope>

<S11:Header>

...

<wsse:Security S11:actor="..." S11:mustUnderstand="...">

...

</wsse:Security>

...

</S11:Header>

...

</S11:Envelope>

The prefix of the envelope tag (in this case S11) must be equal to the property
mustUnderstand of the Security tag.

you know how to fix this label?

Best regards,

Jose L.

Accepted Solutions (0)

Answers (1)

Answers (1)

anupam_ghosh2
Active Contributor
0 Kudos

Hi Jose,

               You need a java  mapping to fix ths as shown below. I have assumed that you are working in PI 7.1 or above version.

import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.InputStream;
import java.io.OutputStream;
import javax.xml.parsers.DocumentBuilder;
import javax.xml.parsers.DocumentBuilderFactory;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.stream.StreamResult;

import org.w3c.dom.Attr;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NamedNodeMap;
import org.w3c.dom.Node;
import com.sap.aii.mapping.api.AbstractTransformation;
import com.sap.aii.mapping.api.TransformationInput;
import com.sap.aii.mapping.api.TransformationOutput;
import com.sap.aii.mapping.api.StreamTransformationException;


public class PrefixDOM  extends AbstractTransformation {

     
     

     public void execute(InputStream in, OutputStream out)
               throws StreamTransformationException {
          
          try
          {
               DocumentBuilderFactory factory=DocumentBuilderFactory.newInstance();
               DocumentBuilder builderel=factory.newDocumentBuilder();
               /*input document in form of XML*/
               Document docIn=builderel.parse(in);
               /*document after parsing*/
               Document docOut=builderel.newDocument();
               TransformerFactory tf=TransformerFactory.newInstance();
               Transformer transform=tf.newTransformer();
               Element root;
          
               Node rootOut;
            
               root=docIn.getDocumentElement();
              
               String prefix="",rootNodeName="";
               int i=0,l=0;
              
               if(root!=null)
               {
                rootNodeName=root.getNodeName();
                l=rootNodeName.length();
               }
               for(i=0;i<l && rootNodeName.charAt(i)!=':';++i)
               {
                prefix=prefix+rootNodeName.charAt(i);
               }
             
               rootOut=docOut.importNode(root,true);
               docOut.appendChild(rootOut);
               Node temp=docOut.getElementsByTagName("wsse:Security").item(0);
           
               Element t=(Element)temp;
               String listOfAttributes[],listOfVal[];
               NamedNodeMap attributes = (NamedNodeMap)temp.getAttributes();
               listOfAttributes=new String[attributes.getLength()];
               listOfVal=new String[attributes.getLength()];
               for (int g = 0; g < listOfAttributes.length; g++) {
                   Attr attribute = (Attr)attributes.item(g);
                
                   listOfAttributes[g]=attribute.getName();
                   listOfVal[g]=attribute.getValue();
                  
               }
               for (int g = 0; g < listOfAttributes.length; g++) {
                  
                   t.removeAttribute(listOfAttributes[g]);
               }
               for (int g =0; g<listOfAttributes.length; g++) {
                if(listOfAttributes[g].equalsIgnoreCase("xmlns:mustUnderstand"))
                {
                 listOfAttributes[g]=prefix+":mustUnderstand";
                }
                t.setAttribute(listOfAttributes[g],listOfVal[g]);
              
               }
             

               transform.transform(new DOMSource(docOut), new StreamResult(out));
          }
          catch(Exception e)
          {
               e.printStackTrace();
          }
          
     }

   

     public static void main(String[] args) {
          try{
               PrefixDOM genFormat=new PrefixDOM();
               FileInputStream in=new FileInputStream("C:\\apps\\scn\\input.xml");
               FileOutputStream out=new FileOutputStream("C:\\apps\\scn\\output.xml");
               genFormat.execute(in,out);
          }
          catch(Exception e)
          {
               e.printStackTrace();
          }
     }
    
     public void transform(TransformationInput arg0, TransformationOutput arg1)
       throws StreamTransformationException {
      // TODO Auto-generated method stub
      this.execute(arg0.getInputPayload().getInputStream(), arg1.getOutputPayload().getOutputStream());
     
     }
    
    
    }

Lets hope problem resolves  else need to change the mapping  a bit.

Regards

Anupam

Former Member
0 Kudos

Hello Anupam,

Thanks for your solution, I will try that but I think that is a standard problem.

The problem that is happening is described in note 1749852 but it says

that it applies to the support package SP006 patch 000037 and we are

currently in the support package SP007 patch 000025. This note apply to

our system?