[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

SSL SOAP wsse header

From: Chris Masciopinto <ccwm65@xxxxxxxxx>
To: ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Subject: SSL SOAP wsse header
Date: Mon, 9 Mar 2015 10:05:50 -0700

Hi all,

I'm attempting to call a remote web service (via SOAP) over an SSL connection (the target url is https). The service requires only basic authentication, using a username token and plain text password along with a NONCE entry (wsse entries in the SOAP header).

I used SOAPUI (from my pc) to test the connectivity and then copied the XML from the SOAP call to the IBM i (in the IFS) and read that into an RPG variable at run time to make the http_post_url call.
This works fine the first time it is called. If I call it again, however, it fails. If I wait long enough (several hours, the next day, etc) it works again. When it fails, the result from the web serive indicates an invalid security header.

Now, I'm not all that savvy on SSL stuff, so I might simply be working under the wrong assumption that it *should* work twice in a row. Should it?

The machine I'm working on is at v7r1.

In any case, there are a couple of questions that I can't seem to find a good answer for:
1) Do I actually need the Web Service's certificate installed in the IBM i ? In SOAPUI, I didn't need to install a certificate (unless it happened automatically, under the covers) and the docs for the web service indicate simple (basic) user authentication. SSL is simply utilized for data encryption over the wire.

2) I can't use a static SOAP call forever... I will eventually need to insert the username and password for the actual (current) user. Plus, the timestamp would need to be generated realtime, changing the nonce entry. SO... How do I generate the user token and nonce entries, which seem to have hash codes built into them. The machine does NOT have WebSphere installed, we're simply using the HTTP service. The language of choice here is RPG... no java/C/etc. I know there is an API to calculate a hash value; would I use that? What do I pass into it? There seem to be TWO hash values, one for the user token and one for the nonce.

I'm really hoping this isn't going to get TOO involved because the concept we're trying to implement *should* be pretty basic and I *think* it should be "doable" in just RPG and not having to set up some extensive 3rd party (or add-on) software.

Any assistance would be GREATLY appreciated!

Thank you,
Chris M.
-----------------------------------------------------------------------
This is the FTPAPI mailing list. To unsubscribe, please go to:
http://www.scottklement.com/mailman/listinfo/ftpapi
-----------------------------------------------------------------------

Follow-Ups:
- Re: SSL SOAP wsse header
  - From: Scott Klement

Prev by Date: Re: Problem: FTP API continues endlessly, no timeout
Next by Date: Re: Using raw to post data
Previous by thread: RE: Problem: FTP API continues endlessly, no timeout
Next by thread: Re: SSL SOAP wsse header
Index(es):
- Date
- Thread