I new to Java, and thought it'd be a nice learning exercise to implement a client application on top of a .NET WCF service I'm already familiar with.
I ran wsimport.bat from the latest JAX-WS (https://jax-ws.java.net/) to generate the client proxies, However I'm stuck with the authentication part. The WCF service uses Application level Username/Password to authenticate. I don't know where to supply the credentials.
In C#, for this WCF Service I just need to add a service reference, and do the following:
var client = new ServiceClient();
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";
client.DoSomething();
From Fiddler, calling client.DoSomething() produces the following request:
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<u:Timestamp u:Id="_0">
<u:Created>2013-05-20T01:34:28.353Z</u:Created>
<u:Expires>2013-05-20T01:39:28.353Z</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-da5b7b57-dbb4-4c54-b529-f5b41fc728b4-1">
<o:Username>username</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<DoSomething xmlns="http://tempuri.org/"/>
</s:Body>
</s:Envelope>
Here is the Java I'm currently using:
SomeService service = new SomeService();
ISomeService port = service.getBasicHttpBindingISomeService();
DoSomethingResponse response = port.getDoSomething();
This produces the following request:
<?xml version="1.0"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns6:DoSomething xmlns="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:ns6="http://tempuri.org/" xmlns:ns7="http://schemas.microsoft.com/2003/10/Serialization/"/>
</S:Body>
</S:Envelope>
It's missing the Security node, so I'm not sure how to set that up on the Java side. What am I missing?
I'm not 100% bound to using JAX-WS, if there is a better alternative out there for my needs. However, the WCF service can not be modified to reconfigured, as it's out of my reach.
WSDL:
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" name="SomeService" targetNamespace="http://tempuri.org/">
<wsp:Policy wsu:Id="BasicHttpBinding_ISomeService_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
</sp:Wss10>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd0" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd6" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ISomeService_DoSomething_OutputMessage">
<wsdl:part name="parameters" element="tns:DoSomethingResponse"/>
</wsdl:message>
<wsdl:portType name="ISomeService">
<wsdl:operation name="DoSomething">
<wsdl:input wsaw:Action="http://tempuri.org/ISomeService/DoSomething" message="tns:ISomeService_DoSomething_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ISomeService/DoSomethingResponse" message="tns:ISomeService_DoSomething_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="BasicHttpBinding_ISomeService" type="tns:ISomeService">
<wsp:PolicyReference URI="#BasicHttpBinding_ISomeService_policy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="DoSomething">
<soap:operation soapAction="http://tempuri.org/ISomeService/DoSomething" style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="SomeService">
<wsdl:port name="BasicHttpBinding_ISomeService" binding="tns:BasicHttpBinding_ISomeService">
<soap:address location="https://someservice.com/service.svc"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
I'm using the latest JDK on Windows 8 x64
You need to create a custom CallbackHandler from your Java client. I am not an expert in Java but I know that some of my clients use Metro libraries to communicate with my WCF web services.
Try searching for creating a CallbackHandler with/without Metro library.
You can download Metro library from here.
An example of what I am suggesting.
Related
I am trying to define a SOAP service that consumes OASIS WS-N notification messages.
I do 'WSDL-to-Java' approach but for some reason the incoming message is not being recognized.
Relevant fragments from WSDL:
<wsdl:definitions name="WSNBrokerNotification"
targetNamespace="http://docs.oasis-open.org/wsn/brw-2"
xmlns:tns="http://docs.oasis-open.org/wsn/brw-2"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:wsntw="http://docs.oasis-open.org/wsn/bw-2"
xmlns:wsnt="http://docs.oasis-open.org/wsn/b-2"
xmlns:wsa="http://www.w3.org/2005/08/addressing"
xmlns:wsrf-rw="http://docs.oasis-open.org/wsrf/rw-2"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsn-br="http://docs.oasis-open.org/wsn/br-2"
xmlns:wstop="http://docs.oasis-open.org/wsn/t-1"
xmlns:wsn-brw="http://docs.oasis-open.org/wsn/brw-2">
...
<wsdl:message name="Notify">
<wsdl:part name="Notify" element="wsnt:Notify"/>
</wsdl:message>
...
<!-- ========= NotificationConsumer PortType Definition =========== -->
<wsdl:portType name="NotificationConsumer">
<wsdl:operation name="Notify">
<wsdl:input message="tns:Notify"/>
</wsdl:operation>
</wsdl:portType>
...
<!-- ========= NotificationConsumer PortType Definition =========== -->
<wsdl:portType name="NotificationConsumer">
<wsdl:operation name="Notify">
<wsdl:input message="tns:Notify"/>
</wsdl:operation>
</wsdl:portType>
...
<wsdl:binding name="NotificationConsumer" type="tns:NotificationConsumer">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="Notify">
<soap:operation soapAction="http://docs.oasis-open.org/wsn/bw-2/NotificationConsumer/Notify"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
</wsdl:operation>
</wsdl:binding>
...
<!-- =============== SERVICE ================= -->
<wsdl:service name="WSNBrokerNotification">
....
<wsdl:port name="NotificationConsumer" binding="tns:NotificationConsumer">
<soap:address location="http://localhost:19001"/>
</wsdl:port>
...
</wsdl:service>
</wsdl:definitions>
When the following SOAP message is arriving:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing">
<s:Header>
<a:Action s:mustUnderstand="1">http://docs.oasis-open.org/wsn/bw-2/NotificationConsumer/Notify</a:Action>
<a:To s:mustUnderstand="1">http://jenkins.nu.majiic:50918/spsconsumerTest_f4bcbd26-8e96-45fe-b622-563d0e4a8edf</a:To>
</s:Header>
<s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<Notify xmlns="http://docs.oasis-open.org/wsn/b-2">
<NotificationMessage>
<MyLittleMessage/>
</NotificationMessage>
</Notify>
</s:Body>
</s:Envelope>
my SOAP framework - Apache CXF - reports this:
[qtp558404860-18] WARN org.apache.cxf.phase.PhaseInterceptorChain - Interceptor for {http://consumer.wsn.foo.bar/}WSBrokerNotificationConsumerService has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Message part {http://docs.oasis-open.org/wsn/b-2}Notify was not recognized. (Does it exist in service WSDL?)
at org.apache.cxf.wsdl.interceptors.DocLiteralInInterceptor.validatePart(DocLiteralInInterceptor.java:252)
at org.apache.cxf.wsdl.interceptors.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:191)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:267)
at org.apache.cxf.transport.http_jetty.JettyHTTPDestination.doService(JettyHTTPDestination.java:247)
at org.apache.cxf.transport.http_jetty.JettyHTTPHandler.handle(JettyHTTPHandler.java:79)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.handler.ScopedHandler.nextHandle(ScopedHandler.java:235)
at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandler.java:1300)
at org.eclipse.jetty.server.handler.ScopedHandler.nextScope(ScopedHandler.java:190)
at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandler.java:1215)
at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.java:141)
at org.eclipse.jetty.server.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:221)
at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper.java:127)
at org.eclipse.jetty.server.Server.handle(Server.java:500)
at org.eclipse.jetty.server.HttpChannel.lambda$handle$1(HttpChannel.java:383)
at org.eclipse.jetty.server.HttpChannel.dispatch(HttpChannel.java:547)
at org.eclipse.jetty.server.HttpChannel.handle(HttpChannel.java:375)
at org.eclipse.jetty.server.HttpConnection.onFillable(HttpConnection.java:273)
at org.eclipse.jetty.io.AbstractConnection$ReadCallback.succeeded(AbstractConnection.java:311)
at org.eclipse.jetty.io.FillInterest.fillable(FillInterest.java:103)
at org.eclipse.jetty.io.ChannelEndPoint$2.run(ChannelEndPoint.java:117)
at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPool.java:806)
at org.eclipse.jetty.util.thread.QueuedThreadPool$Runner.run(QueuedThreadPool.java:938)
at java.lang.Thread.run(Thread.java:748)
[qtp558404860-18] INFO org.apache.cxf.services.WSBrokerNotificationConsumerService.WSBrokerNotificationConsumerPort.WSBrokerNotificationConsumer - Outbound Message
I am a bit confused, because I can clearly definition of <Notify> elements with proper namespace, unless I am missing something?...
Any help will be greatly appreciated!
solved; the issue was due to the lack of #WebService annotation on the class that was implementing the web service.
I'm using only jaxws-maven-plugin (no Spring or any other library) to generate my webservice client classes from a WSDL which works fine except I need to use WS-Security to encrypt a specific sub-element of my request.
Could you please point me to any documentation or give me a hint how to configure it? Is there a configuration file where do I set the following? Or do I need to use another library like Apache CXF?
WS-A Version: 200508
Key Identifier Type: Binary Security Token
Symmetric Encoding Algorithm: AES256-CBC
Key Encryption Algorithm: RSA-OAEP-MGF1P
Algorithm Suite: Basic256Sha256
Encypted elements XPath: //xxx/yyy
Thanks!
What I found out: (note I still don't understand what's going on)
Wildfly uses built in Apache CXF somehow (Glassfish implementation and configuration is different)
I had to modify the provided WSDL to add WS-Policy (haven't found a way how to add it to external file or somewhere without modifying the WSDL - which I'm not the author of) - see below
Had to provide a keystore
and configure access to it:
XxxService service = new XxxService();
BindingProvider bp = (BindingProvider) service.getXxxPort();
final Map<String, Object> rqc = bp.getRequestContext();
Properties p = new Properties();
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.file", ...);
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", ...);
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", ...);
p.setProperty("org.apache.ws.security.crypto.merlin.keystore.alias", ...);
rqc.put("security.signature.properties", p);
rqc.put("security.encryption.properties", p);
WSDL Example
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions ... >
...
<wsdl:binding name="..." type="...">
<wsaw:UsingAddressing wsdl:required="false" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" />
<wsdlsoap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http" />
<!-- added to wsdl for encryption -->
<wsp:PolicyReference URI="#general_policy" />
<wsdl:operation name="xxx">
<wsdlsoap:operation soapAction="" />
<wsdl:input name="...">
<!-- added to wsdl for encryption -->
<wsp:PolicyReference URI="#xxx_policy" />
<wsdlsoap:body use="literal" />
</wsdl:input>
<wsdl:output ... >
</wsdl:operation>
</wsdl:binding>
<!-- added to wsdl for encryption -->
<wsp:Policy wsu:Id="general_policy"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<wsp:ExactlyOne>
<wsp:Policy>
<wsp:All>
<sp:AsymmetricBinding>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:AsymmetricBinding>
</wsp:All>
</wsp:Policy>
</wsp:ExactlyOne>
</wsp:Policy>
<wsp:Policy wsu:Id="xxx_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:ContentEncryptedElements
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:XPath>/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Envelope']/*[namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/' and local-name()='Body']/*[namespace-uri()='xxx' and local-name()='xxxRequest']/yyy</sp:XPath>
</sp:ContentEncryptedElements>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</wsdl:definitions>
First of all, sorry for this long post but I am brushing my mind on this since days without success. I really seek your help.
I am trying to invoke a webservice which is secured by OWSM. Below are the policy assertions specified in the WSDL.
*************************************
<wsp:Policy wsu:Id="service.BindingQSPort_Fault_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
</wsp:Policy>
<wsp:Policy wsu:Id="service.BindingQSPort_Input_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
<sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0"/>
<sp:Header Name="" Namespace="http://www.w3.org/2005/08/addressing"/>
<sp:Header Name="" Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing"/>
</sp:SignedParts>
<sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0"/>
</sp:EncryptedParts>
<sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
</wsp:Policy>
<wsp:Policy wsu:Id="service.BindingQSPort_Output_Policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
<sp:SignedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
<sp:EncryptedElements xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"/>
</wsp:Policy>
<wsp:Policy wsu:Id="wss10_x509_token_over_ssl_service_policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
<wsp:Policy>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
<sp:ProtectTokens/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
</sp:Wss10>
</wsp:Policy>
<wsdl:message name="svcFault">
<wsdl:part name="payload" element="WL5G3N2:fault"/>
</wsdl:message>
<wsdl:message name="sendSMS">
<wsdl:part name="payload" element="WL5G3N1:sendSMS"/>
</wsdl:message>
<wsdl:message name="sendSMSResponse">
<wsdl:part name="payload" element="WL5G3N1:sendSMSResponse"/>
</wsdl:message>
<wsdl:portType name="service">
<wsdl:operation name="sendSMS">
<wsdl:input message="WL5G3N1:sendSMS"/>
<wsdl:output message="WL5G3N1:sendSMSResponse"/>
<wsdl:fault name="svcFault" message="WL5G3N1:svcFault"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="service.Binding" type="WL5G3N1:service">
<WL5G3N3:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsp:PolicyReference URI="#wss10_x509_token_over_ssl_service_policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/>
<wsdl:operation name="sendEmail">
<WL5G3N3:operation style="document" soapAction="sendEmail"/>
<wsdl:input>
<WL5G3N3:body use="literal"/>
<wsp:PolicyReference URI="#service.BindingQSPort_Input_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/>
</wsdl:input>
<wsdl:output>
<WL5G3N3:body use="literal"/>
<wsp:PolicyReference URI="#service.BindingQSPort_Output_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/>
</wsdl:output>
<wsdl:fault name="svcFault">
<WL5G3N3:fault name="svcFault" use="literal"/>
<wsp:PolicyReference URI="#service.BindingQSPort_Fault_Policy" wsdl:required="false" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"/>
</wsdl:fault>
</wsdl:operation>
</wsdl:binding>
*************************************
I have written a JAX-RPC client which is using "weblogic.wsee.security.bst.ClientBSTCredentialProvider" to provide client credential as required by the service. Below is the security related code.
*************************************
serverCert.checkValidity();
cp = new ClientBSTCredentialProvider(
clientKeyStore, clientKeyStorePass,
clientKeyAlias, clientKeyPass,
"JKS", serverCert);
l_credproviders.add(cp);
Stub stub = (Stub)port;
stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST
, l_credproviders
);
stub._setProperty(WSSecurityContext.TRUST_MANAGER
, new TrustManager() {
public boolean certificateCallback(
X509Certificate[] chain,
int validateErr) {
// Check that the server cert matches
boolean result = true;//chain[0].equals(serverCert);
return result;
}
}
);
*************************************
I am testing my client using SOAPUI. However above client code is giving me below Exceptions.
**************************************
java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}InvalidSecurity] FaultString [Error on verifying message against security policy Error code:4206] FaultActor [null]No Detail; nested exception is:
**************************************
Can someone please help me to understand what my WSDL is specifying and why "ClientBSTCredentialProvider" is not able to attach the required policy? Or is is happening that since I am testing with SOAPUI, SOAPResponse is not as per the WSDL policy? Below are the SOAP requests and response for this.
***************************************
~~SOAP REQUEST~~
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"><env:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:MessageID wsu:Id="MessageID_HUf02VXDqusotArv" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">uuid:c7404e48f626d447:-246df928:14183ec2b7f:-8000</wsa:MessageID><wsa:Action wsu:Id="Action_CcS8Hy0hmQ2wVKHH" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">sendSMS</wsa:Action><wsa:To wsu:Id="To_bb3aIWjwG1Got1IZ" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">http://domainname:8090/sendSMS</wsa:To><wsa:ReplyTo wsu:Id="ReplyTo_w1ZItNbfV8se2kbF" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsse:Security env:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="bst_zM6y3VGAX9jZAaiV" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">MIICQTCCAaqgAwIBAgIEUixN4TANBgkqhkiG9w0BAQUFADBlMQswCQYDVQQGEwJMQjEPMA0GA1UECBMGQmVpcnV0MRAwDgYDVQQHEwdMZWJhbm9uMQ0wCwYDVQQKEwRNRFNMMQ0wCwYDVQQLEwRNRFNMMRUwEwYDVQQDEwxNYXl1ciBDbGllbnQwHhcNMTMwOTA4MTAxMzUzWhcNMTMxMjA3MTAxMzUzWjBlMQswCQYDVQQGEwJMQjEPMA0GA1UECBMGQmVpcnV0MRAwDgYDVQQHEwdMZWJhbm9uMQ0wCwYDVQQKEwRNRFNMMQ0wCwYDVQQLEwRNRFNMMRUwEwYDVQQDEwxNYXl1ciBDbGllbnQwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMeT5uG9IJFxUE8SP2eXxrW7Lvo0ZlEiv8NS2OzLHe4e4T1gZC6NZhsDk6G3GKt8z6yj8MlfIPzYTrXxNSgnW34WYZ2kFw6TrjakUr99i4sH5yi1Z0Bmm3nNq9/2WWrdMXVjeI5EwEdU/UUogb2Wdgh1HPZgGUuWhkLoDmVR36y1AgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAlvFZVLJ2h0BNe7EFGDUtBmEPF8EkdQn1R2AyK5AQONLM2RwNJYhVdVGLI13y+XJbACiyrFz5Sxsgu46hk6Bk6P+K/ZAUWQwDiV0pLhLg7LuR/K33o2EGkXiUnwOdcScG040n2sUnbi7ed/5mPcNuOGlYMQL/PHHZ2QGGTLEOe2U=</wsse:BinarySecurityToken><dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><dsig:SignedInfo><dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/><dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><dsig:Reference URI="#MessageID_HUf02VXDqusotArv"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>oG0PCOutUmUrhIhjsHB2G9Nu7Qc=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Action_CcS8Hy0hmQ2wVKHH"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>jwnM3Pu8lEpk7WLokAfW/LcR8bM=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#To_bb3aIWjwG1Got1IZ"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>9RzmvWQQJG853YKPzwoWDUjWze8=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#ReplyTo_w1ZItNbfV8se2kbF"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>FPYcJ1NcK6nX5nx5cF+Jj5I2PZE=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Timestamp_H75m9X5C1O9rNV2E"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>ZAoaTp1B5yQv/ZGM6Pd8dfmNyPg=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#Body_q8jxTBg8ZRE0VjRO"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>tnn+BbvQz/kuDBocU8Po24hn8W4=</dsig:DigestValue></dsig:Reference><dsig:Reference URI="#bst_zM6y3VGAX9jZAaiV"><dsig:Transforms><dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></dsig:Transforms><dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><dsig:DigestValue>IG2FZBY/Oqtsu4H6sl/6f2iHJx8=</dsig:DigestValue></dsig:Reference></dsig:SignedInfo><dsig:SignatureValue>LaXCIcrxyatPzcAsKJGK28TEgaEOUdoXUrcmucjHrZDuErfGPS5fa9LrIX7irGYYDoYjJ5uQLq7a7nSRcazfNPznf03nISgr6Voc+23HON2E+fyRmHkKJzWe6OxHRPyHYmxbYQzgXkwGCKqLOZVLJsQLQykMiNV8YK3vuacDAdU=</dsig:SignatureValue><dsig:KeyInfo><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="str_gp0ybJxTKkZntAn1" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:Reference URI="#bst_zM6y3VGAX9jZAaiV" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></dsig:KeyInfo></dsig:Signature><wsu:Timestamp wsu:Id="Timestamp_H75m9X5C1O9rNV2E" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsu:Created>2013-10-04T14:43:16Z</wsu:Created><wsu:Expires>2013-10-04T14:44:16Z</wsu:Expires></wsu:Timestamp></wsse:Security></env:Header><env:Body wsu:Id="Body_q8jxTBg8ZRE0VjRO" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><ent:sendSMS xmlns:ent="http://www.banqueaudi.com/evs/ent.msg.Notification"><util:header xmlns:util="http://www.banqueaudi.com/ebo/util.cmn.EBMHeader"><util:ebmSID>FCDB</util:ebmSID></util:header><ent:body><msg:smsNotification xmlns:msg="http://www.banqueaudi.com/ebo/msg.Notification"><msg:sender>98989898</msg:sender><msg:recipients><msg:recipient>78831471</msg:recipient></msg:recipients><msg:subject>SUBJECT</msg:subject><msg:message>My message</msg:message></msg:smsNotification></ent:body></ent:sendSMS></env:Body></env:Envelope>
***************************************
***************************************
~~SOAP RESONSE~~
<soapenv:Envelope xmlns:ent="http://www.banqueaudi.com/evs/ent.msg.Notification" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:util="http://www.banqueaudi.com/ebo/util.cmn.EBMHeader" xmlns:util1="http://www.banqueaudi.com/ebo/util.cmn.Basic">
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/></soapenv:Header>
<soapenv:Body wsu:Id="id-45" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-2" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#EK-B692F44E26CFCF96A613807927256684"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>x6T1pLtqpeAyg8SNuQQi23Ok6ceQikgVKyj80ylEdecdZoNOs2tUwhaO+irKXYy0XbMrmM+t3mMHsi2nNX5fps/camDpP9yOlN8Hosd+vUWsI4RA/8mnJVePitR3pf2dLgJD44vBowH5bQZ8R8B1vxDDjUpU2DOpfIxaPaSMApXvYfmPOMiDNtM/tXRCHrbHcljTAFvRZG9ShUZM6419i0JtpSCr77EkxJiWcVu9NIVwkHZoXpS8zY+pjjaatKi2EMzB9zPMXhtEvCER5pnEXWzUdhb5s9mWJAGaTd8h0j5o93LY/Mnw/mWBlzhFlk6b8cyJw1IrDAl5Tar8isuCqR2FbFs0aWqS8ng1QPnnc4xtBmCdgViifiXP0877LmFEqW74vDXtEDZniAfiixWt0u0gVsSYurJdwCWdZrfON12jAW35j6fWtgmGprsb6yE2cwg+J2BJaODdxTMOwyBAswygdjJw+RPLOXxCcYddyKJiFb/K+U0WiDj41yl/v8dmkYX1g9f6/CzpHMz8zpDdb+ecp2WNu3ry3z7fksMzp/LLsC5x2eVdgchOdtNZqufgLv8WQ+Ae/Hmuw/zgQ2l+xjxP4gYWanOphJ92H1Lk5KC/VsB3VdR2uz6b+rQZl0fJnY45HL7mx9uGKwQeQB9FWO1LNwcSQZw2yq7CeqUgspyvNMvwu1EXlUiIkYTu9EU0yVC9OGsXnspD9J4AG1m4IwFAL9iFHy7tJfnn5P0pSuSAoa4HeI0zO73H2zyrxEvi7eurXABxo1fk+gtXKDHl+elDtbwC1eJSYpwWZKBcpJSDATa0RCn28YKVVXZVZf0WOA3pTZ9NQNPCNVF/FC9SW8rrQ/777CFcuSlYIsexqL2+D6/TWStLvhrZLZ3K/3CsY/mwsnLwh2aFql8RZCunLSAK2a91y7Z044VO5598KERgBw8gO5RJrmwnSixmPrBjPo1yLkYcmzquHMlqS0CpWpypt5iyDJuF91P39eqYcJHZnwjG7ni8S8RFr2H5Hi3JFNm/k+A4mH5YvtyBqqTfN4+QjJMDBZkVTGFYs6JiRRUJoUK17okXxs8Pq6VYW3iSwEB85CFiVHZlt1eWppveVSHZfQsZsUr+A/QrTdRMZIx+ChRuqmXYdXiYQ35TDPveYWhiIQcWeOXvumtIZRTqYMoA34KuB/9GaH0P+7HUNfeROw6knj5y1DO1w/uIC8x6Uuhr5gMyZSuuzSEfZGUhQ6aWFtSCmnJaoVq18hdAnxNG31Oqi2gy7daCLWDRleow25xGYI2Or+dxhal3khe9+37OceJEWhgmB8gTD2nGBvp7VWLptsoGBgXgqnXs6ab8mG9lLmXbO4ef2ECq84BN//oIiV570qY6OWTQwL1yjNDQ3+1h2bKQ4DE51xq5N1UcTRoGA9DycotHmrOzyhedAMQTndlaNMJr87cC+cRVHYE=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body>
</soapenv:Envelope>
***************************************
I found resolution to my problem, which I successfully tested with SOAP-UI. Will keep posted once it works on live though.
There are following points that first we should know before writing a client for OWSM secured webservice.
It is feasible to call JAX-WS service using JAX-RPC client and vice-versa.
It is feasible to invoke a OWSM secured webservice, with JAX-RPC client without installing/ configuring OWSM at client side.
Following is the client code (only related to security) for referecnce.
ist l_credproviders = new ArrayList();
CredentialProvider cp = null;
cp = new ClientBSTCredentialProvider(MyClientKeystore.pubCertAlias, MyClientKeystore.prvKeyAlias, MyClientKeystore.serverPubCertAlias);
l_credproviders.add(cp);
Stub stub = (Stub)port;
stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST
, l_credproviders
);
stub._setProperty(WLStub.POLICY_COMPATIBILITY_PREFERENCE
, JFProperties.getProperty(
"POLICY.COMPATIBILITY.PREFERENCE")
);
stub._setProperty(WSSecurityContext.TRUST_MANAGER
, new TrustManager() {
public boolean certificateCallback(
X509Certificate[] chain,
int validateErr) {
// Check that the server cert matches
return true;
}
}
);
How client credential provider API wotrks to secure a client:
a) It connects to the URL and parse the WSDL.
b) Get the policy assertions from the WSDL.
c) create SOAP request message considering the client policy assertions.
d) send and receive the response from the server.
e) validate response from server against the policy assertions of server response from already parsed WSDL, If server response is not valid against policy throws SecurityExceptions.
Hope this help and someone gets benefited from my exhausted experience :)
I have the following conversation log (from WCF Trace file). It shows a WCF client calling an SSL protected Metro web service. Does the conversation have applied security? How do I know this from the logs?
Message Source: ServiceLevelSendRequest
Message Type: System.ServiceModel.Dispatcher.OperationFormatter+OperationFormatterMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4045159+02:00" Source="ServiceLevelSendRequest" Type="System.ServiceModel.Dispatcher.OperationFormatter+OperationFormatterMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<a:Action s:mustUnderstand="1">http://webService/hello/helloRequest</a:Action>
<a:MessageID>urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink"></VsDebuggerCausalityData>
</s:Header>
<s:Body>
<hello xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://webService/">
<name xmlns="">Dani</name>
</hello>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
Message Source: TransportSend
Message Type: System.ServiceModel.Security.SecurityAppliedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4105163+02:00" Source="TransportSend" Type="System.ServiceModel.Security.SecurityAppliedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://webService/hello/helloRequest</a:Action>
<a:MessageID>urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo/CE9TN8gjlFg7wGpuXg+HYAAAAAjfdEWwkubUe9Mb/DW0Kwl7kxQkfs6KtNkycVwDcjc44ACQAA</VsDebuggerCausalityData>
<a:To s:mustUnderstand="1">https://localhost:8181/megegytest/hello</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2011-09-21T23:33:06.409Z</u:Created>
<u:Expires>2011-09-21T23:38:06.409Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<hello xmlns="http://webService/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<name xmlns="">Dani</name>
</hello>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
Message Source: TransportReceive
Message Type: System.ServiceModel.Channels.BufferedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4165166+02:00" Source="TransportReceive" Type="System.ServiceModel.Channels.BufferedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<S:Header>
<To xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/anonymous</To>
<Action xmlns="http://www.w3.org/2005/08/addressing" xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" S:mustUnderstand="1">http://webService/hello/helloResponse</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">uuid:0303f4ea-1171-4ad6-b220-4b341d78b299</MessageID>
<RelatesTo xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</RelatesTo>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns13="http://www.w3.org/2003/05/soap-envelope" wsu:Id="_1">
<wsu:Created>2011-09-21T23:33:06Z</wsu:Created>
<wsu:Expires>2011-09-21T23:38:06Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:helloResponse xmlns:ns2="http://webService/">
<return xmlns="">Hello Dani !</return>
</ns2:helloResponse>
</S:Body>
</S:Envelope>
</MessageLogTraceRecord>
Message Source: ServiceLevelReceiveReply
Message Type: System.ServiceModel.Security.SecurityVerifiedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4245171+02:00" Source="ServiceLevelReceiveReply" Type="System.ServiceModel.Security.SecurityVerifiedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<HttpResponse>
<StatusCode>OK</StatusCode>
<StatusDescription>OK</StatusDescription>
<WebHeaders>
<Transfer-Encoding>chunked</Transfer-Encoding>
<Content-Type>text/xml;charset=utf-8</Content-Type>
<Date>Wed, 21 Sep 2011 23:33:06 GMT</Date>
<Server>GlassFish Server Open Source Edition 3.1.1</Server>
<X-Powered-By>Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 3.1.1 Java/Oracle Corporation/1.7)</X-Powered-By>
</WebHeaders>
</HttpResponse>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<S:Header>
<To xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/anonymous</To>
<Action xmlns="http://www.w3.org/2005/08/addressing" xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" S:mustUnderstand="1">http://webService/hello/helloResponse</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">uuid:0303f4ea-1171-4ad6-b220-4b341d78b299</MessageID>
<RelatesTo xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</RelatesTo>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns13="http://www.w3.org/2003/05/soap-envelope" wsu:Id="_1">
<wsu:Created>2011-09-21T23:33:06Z</wsu:Created>
<wsu:Expires>2011-09-21T23:38:06Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:helloResponse xmlns:ns2="http://webService/">
<return xmlns="">Hello Dani !</return>
</ns2:helloResponse>
</S:Body>
</S:Envelope>
</MessageLogTraceRecord>
WSDL:
<definitions targetNamespace="http://webService/" name="hello">
<wsp:Policy wsu:Id="helloPortBindingPolicy">
<sp:TransportBinding>
<wsp:Policy>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
</wsp:Policy>
</sp:TransportBinding>
<sp:Wss10/>
<wsam:Addressing/>
</wsp:Policy>
<types>
<xsd:schema>
<xsd:import namespace="http://webService/" schemaLocation="https://localhost:8181/megegytest/hello?xsd=1"/>
</xsd:schema>
</types>
<message name="hello">
<part name="parameters" element="tns:hello"/>
</message>
<message name="helloResponse">
<part name="parameters" element="tns:helloResponse"/>
</message>
<portType name="hello">
<operation name="hello">
<input wsam:Action="http://webService/hello/helloRequest" message="tns:hello"/>
<output wsam:Action="http://webService/hello/helloResponse" message="tns:helloResponse"/>
</operation>
</portType>
<binding name="helloPortBinding" type="tns:hello">
<wsp:PolicyReference URI="#helloPortBindingPolicy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
<operation name="hello">
<soap:operation soapAction=""/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="hello">
<port name="helloPort" binding="tns:helloPortBinding">
<soap:address location="https://localhost:8181/megegytest/hello"/>
</port>
</service>
</definitions>
It uses HTTPS so it is secured. WSDL also demands secure transport through security policy declaring TransportBinding element and HttpsToken. Log will not show any encryption because encryption is done on transport level outside of WCF scope. If you want to see that messages are encrypted you must sniff traffic on network level for example with WireShark. You can also use Fiddler as HTTPS proxy to see that client is doing HTTP CONNECT to tunnel SSL through proxy.
Im trying to call a Java web service created using Axis from PHP code.The webservice is hosted on my LAN. I am able to call the web service successfully using SoapUI. I have the PHP Soap Extension installed.
However,im not sure whether my PHP code is correct. Below is my PHP code.
<?php
$client = new SoapClient('http://machinename/axis/services/Compiere?wsdl');
$params = array('in0'=> '124','in1'=>'1');
$result = $client->__SoapCall('createOrder',array($params));
print $result->createOrderReturn;
?>
The WSDL is as follows :
<?xml version="1.0" encoding="UTF-8"?>
<wsdl:definitions targetNamespace="http://compservice.com" xmlns:apachesoap="http://xml.apache.org/xml-soap" xmlns:impl="http://compservice.com" xmlns:intf="http://compservice.com" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsdlsoap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<!--WSDL created by Apache Axis version: 1.4
Built on Apr 22, 2006 (06:55:48 PDT)-->
<wsdl:message name="createOrderRequest">
<wsdl:part name="in0" type="xsd:int"/>
<wsdl:part name="in1" type="xsd:int"/>
</wsdl:message>
<wsdl:message name="createOrderResponse">
<wsdl:part name="createOrderReturn" type="xsd:string"/>
</wsdl:message>
<wsdl:portType name="OrderServiceInt">
<wsdl:operation name="createOrder" parameterOrder="in0 in1">
<wsdl:input message="impl:createOrderRequest" name="createOrderRequest"/>
<wsdl:output message="impl:createOrderResponse" name="createOrderResponse"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="CompiereSoapBinding" type="impl:OrderServiceInt">
<wsdlsoap:binding style="rpc" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="createOrder">
<wsdlsoap:operation soapAction=""/>
<wsdl:input name="createOrderRequest">
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://compservice.com" use="encoded"/>
</wsdl:input>
<wsdl:output name="createOrderResponse">
<wsdlsoap:body encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" namespace="http://compservice.com" use="encoded"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="OrderServiceIntService">
<wsdl:port binding="impl:CompiereSoapBinding" name="Compiere">
<wsdlsoap:address location="http://nuca232/axis/services/Compiere"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
Is my PHP code correct ?
Please help.
Thank You.
Why don't you try the direct mode?
<?php
$client = new SoapClient('http://machinename/axis/services/Compiere?wsdl');
$params = array('in0'=> '124','in1'=>'1');
$result = $client->createOrder( $parms );
print_r($result);
Instead of using $client->__SoapCall('createOrder',array($params));
As the manual says: "Usually, in WSDL mode, SOAP functions can be called as methods of the SoapClient object"