[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Ftpapi] SOAP header wsse: and wsu:

fyi,

I had a similar requirement to use ws-security...  
I tried to implement my version of the SOAP Header  using HTTPAPI but the thing appears gradually more complicated  ...
so  I ended up writing a Java class using Apache-CXF to dump the received xml ,  a Java Call from RPGLE then parse the xml and process...  
much simpler to use something existing than reinventing the wheel...

Paul



From:        Thomas Raddatz <thomas.raddatz@xxxxxxxxxxx>
To:        ftpapi@xxxxxxxxxxxxxxxxxxxxxx
Date:        10/07/2018 16:27
Subject:        Re: [Ftpapi] SOAP header wsse: and wsu:
Sent by:        ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx



Hi Rob,

This is what I sent to another guy a few days ago:

<quote>
a) Develop a procedure that creates the WSSE header. Parameters passed:
passwordType and saltType. Return value: String with WSSE header encoded
in job CCSID. Actually that procedure should go into the WSDL2RPG
runtime service program (WSDL2RPGRT) and call getLoginDataImpl() to get
the login credentials.

b) Change the generated stub to call the new createWssHeader() procedure
and add the header returned to the SOAP request:

  // Namespaces
  g_requestBuffer =
  ' xmlns:tns="http://www.ripedev.com/"' +
  '>';
  OutputStream_appendBuffer(
  hOutStream: %addr(g_requestBuffer)+2: %len(g_requestBuffer));

  // Add WSSE header
  g_requestBuffer =
     createWsseHeader(WSDL2RPG_WSSE_PWD_TYPE_DIGEST
                      : WSDL2RPG_WSSE_SLAT_TYPE_NONE);

  OutputStream_appendBuffer(
  hOutStream: %addr(g_requestBuffer)+2: %len(g_requestBuffer));

  // SOAP header

  // Message body
  g_requestBuffer =
  '<soapenv:Body>' +
  '';

It is not a big deal to convert the password to UTF-8 before creating a
SHA-1 hash as described on
http://docs.oasis-open.org/wss-m/wss/v1.1.1/os/wss-UsernameTokenProfile-v1.1.1-os.html.

I do not know where you copied your information from, that reference a
MD5 hash. However calculating an MD5 hash is also not a big thing.

The "nonce" could be a UUID which is also easy to produce.
</quote>

Optionally WSDL2RPG_WSSE_PWD_TYPE_DIGEST and
WSDL2RPG_WSSE_SLAT_TYPE_NONE could be integer fields which could be
logical or'ed and passed as an "option" parameter. This way it was
easier to add additional option such as
"WSDL2RPG_WSSE_MUST_UNDERSTAND_YES" or similar things.

There are already procedure like f_genUUID(), f_genMd5() and
f_genSHA1(). UTF-8 conversion is done with Transcoder_new(),
Transcoder_xlateString() and Transcoder_delete(). Last but not least
base64_encode() encodes a buffer to Base64. So actually everything
should be there.

Are you willing to develop that procedure or share your code with me and
eventually test WSDL2RPG? I do not have a server that uses the WSSE header.

Thomas.

Am 10.07.2018 um 13:48 schrieb Rob van Bezouwen - DSV:
> Hi Scott,
>
>  
>
> https://wsbexpress.dhl.com/sndpt/DocumentRendering?wsdl
>
>  
>
> Where and how can I implement the soapenv:Header part for wsse: and wsu: ?
>
>  
>
> <soapenv:Envelopexmlns:dhl=*"_http://www.dhl.com_"*xmlns:soapenv=*"_http://schemas.xmlsoap.org/soap/envelope/_"*xmlns:trac=*"_http://scxgxtt.phx-dc.dhl.com/glDHLExpressTrack/providers/services/trackShipment_"*>**
>
> *   *<soapenv:Header>**
>
> *     
> *<wsse:Securitysoapenv:mustUnderstand=*"**1"*xmlns:wsse=*"_http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd_"*xmlns:wsu=*"_http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd_"*>**
>
> *     
> *<wsse:UsernameTokenwsu:Id=*"**UsernameToken-404040404040404040404040"*>**
>
> *      *<wsse:Username>*MyUserName*</wsse:Username>**
>
> *     
> *<wsse:PasswordType=*"_http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText_"*>*MyPassword*</wsse:Password>**
>
> *     
> *<wsse:NonceEncodingType=*"_http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary_"*>*MyNonce*</wsse:Nonce>**
>
> *     
> *<wsu:Created>*2016-02-09T07:31:11.078Z*</wsu:Created></wsse:UsernameToken></wsse:Security>**
>
> *   *</soapenv:Header>
>
>  
>
> Thank you,
>
> Rob Bezouwen 
>
>  
>
>
>
--
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi
 
-- 
_______________________________________________
Ftpapi mailing list
Ftpapi@xxxxxxxxxxxxxxxxxxxxxx
http://scottklement.com/mailman/listinfo/ftpapi