I have the following conversation log (from WCF Trace file). It shows a WCF client calling an SSL protected Metro web service. Does the conversation have applied security? How do I know this from the logs?
Message Source: ServiceLevelSendRequest
Message Type: System.ServiceModel.Dispatcher.OperationFormatter+OperationFormatterMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4045159+02:00" Source="ServiceLevelSendRequest" Type="System.ServiceModel.Dispatcher.OperationFormatter+OperationFormatterMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<s:Envelope xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<a:Action s:mustUnderstand="1">http://webService/hello/helloRequest</a:Action>
<a:MessageID>urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink"></VsDebuggerCausalityData>
</s:Header>
<s:Body>
<hello xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://webService/">
<name xmlns="">Dani</name>
</hello>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
Message Source: TransportSend
Message Type: System.ServiceModel.Security.SecurityAppliedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4105163+02:00" Source="TransportSend" Type="System.ServiceModel.Security.SecurityAppliedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://webService/hello/helloRequest</a:Action>
<a:MessageID>urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<VsDebuggerCausalityData xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink">uIDPo/CE9TN8gjlFg7wGpuXg+HYAAAAAjfdEWwkubUe9Mb/DW0Kwl7kxQkfs6KtNkycVwDcjc44ACQAA</VsDebuggerCausalityData>
<a:To s:mustUnderstand="1">https://localhost:8181/megegytest/hello</a:To>
<o:Security s:mustUnderstand="1" xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<u:Timestamp u:Id="_0">
<u:Created>2011-09-21T23:33:06.409Z</u:Created>
<u:Expires>2011-09-21T23:38:06.409Z</u:Expires>
</u:Timestamp>
</o:Security>
</s:Header>
<s:Body>
<hello xmlns="http://webService/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<name xmlns="">Dani</name>
</hello>
</s:Body>
</s:Envelope>
</MessageLogTraceRecord>
Message Source: TransportReceive
Message Type: System.ServiceModel.Channels.BufferedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4165166+02:00" Source="TransportReceive" Type="System.ServiceModel.Channels.BufferedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<S:Header>
<To xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/anonymous</To>
<Action xmlns="http://www.w3.org/2005/08/addressing" xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" S:mustUnderstand="1">http://webService/hello/helloResponse</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">uuid:0303f4ea-1171-4ad6-b220-4b341d78b299</MessageID>
<RelatesTo xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</RelatesTo>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns13="http://www.w3.org/2003/05/soap-envelope" wsu:Id="_1">
<wsu:Created>2011-09-21T23:33:06Z</wsu:Created>
<wsu:Expires>2011-09-21T23:38:06Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:helloResponse xmlns:ns2="http://webService/">
<return xmlns="">Hello Dani !</return>
</ns2:helloResponse>
</S:Body>
</S:Envelope>
</MessageLogTraceRecord>
Message Source: ServiceLevelReceiveReply
Message Type: System.ServiceModel.Security.SecurityVerifiedMessage
<MessageLogTraceRecord Time="2011-09-22T01:33:06.4245171+02:00" Source="ServiceLevelReceiveReply" Type="System.ServiceModel.Security.SecurityVerifiedMessage" xmlns="http://schemas.microsoft.com/2004/06/ServiceModel/Management/MessageTrace">
<HttpResponse>
<StatusCode>OK</StatusCode>
<StatusDescription>OK</StatusDescription>
<WebHeaders>
<Transfer-Encoding>chunked</Transfer-Encoding>
<Content-Type>text/xml;charset=utf-8</Content-Type>
<Date>Wed, 21 Sep 2011 23:33:06 GMT</Date>
<Server>GlassFish Server Open Source Edition 3.1.1</Server>
<X-Powered-By>Servlet/3.0 JSP/2.2 (GlassFish Server Open Source Edition 3.1.1 Java/Oracle Corporation/1.7)</X-Powered-By>
</WebHeaders>
</HttpResponse>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xs="http://www.w3.org/2001/XMLSchema">
<S:Header>
<To xmlns="http://www.w3.org/2005/08/addressing">http://www.w3.org/2005/08/addressing/anonymous</To>
<Action xmlns="http://www.w3.org/2005/08/addressing" xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" S:mustUnderstand="1">http://webService/hello/helloResponse</Action>
<MessageID xmlns="http://www.w3.org/2005/08/addressing">uuid:0303f4ea-1171-4ad6-b220-4b341d78b299</MessageID>
<RelatesTo xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:cd9642a0-ac70-4208-84e3-8a901cf5713a</RelatesTo>
<wsse:Security S:mustUnderstand="1">
<wsu:Timestamp xmlns:ns14="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512" xmlns:ns13="http://www.w3.org/2003/05/soap-envelope" wsu:Id="_1">
<wsu:Created>2011-09-21T23:33:06Z</wsu:Created>
<wsu:Expires>2011-09-21T23:38:06Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</S:Header>
<S:Body>
<ns2:helloResponse xmlns:ns2="http://webService/">
<return xmlns="">Hello Dani !</return>
</ns2:helloResponse>
</S:Body>
</S:Envelope>
</MessageLogTraceRecord>
WSDL:
<definitions targetNamespace="http://webService/" name="hello">
<wsp:Policy wsu:Id="helloPortBindingPolicy">
<sp:TransportBinding>
<wsp:Policy>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:IncludeTimestamp/>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
</wsp:Policy>
</sp:TransportBinding>
<sp:Wss10/>
<wsam:Addressing/>
</wsp:Policy>
<types>
<xsd:schema>
<xsd:import namespace="http://webService/" schemaLocation="https://localhost:8181/megegytest/hello?xsd=1"/>
</xsd:schema>
</types>
<message name="hello">
<part name="parameters" element="tns:hello"/>
</message>
<message name="helloResponse">
<part name="parameters" element="tns:helloResponse"/>
</message>
<portType name="hello">
<operation name="hello">
<input wsam:Action="http://webService/hello/helloRequest" message="tns:hello"/>
<output wsam:Action="http://webService/hello/helloResponse" message="tns:helloResponse"/>
</operation>
</portType>
<binding name="helloPortBinding" type="tns:hello">
<wsp:PolicyReference URI="#helloPortBindingPolicy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document"/>
<operation name="hello">
<soap:operation soapAction=""/>
<input>
<soap:body use="literal"/>
</input>
<output>
<soap:body use="literal"/>
</output>
</operation>
</binding>
<service name="hello">
<port name="helloPort" binding="tns:helloPortBinding">
<soap:address location="https://localhost:8181/megegytest/hello"/>
</port>
</service>
</definitions>
It uses HTTPS so it is secured. WSDL also demands secure transport through security policy declaring TransportBinding element and HttpsToken. Log will not show any encryption because encryption is done on transport level outside of WCF scope. If you want to see that messages are encrypted you must sniff traffic on network level for example with WireShark. You can also use Fiddler as HTTPS proxy to see that client is doing HTTP CONNECT to tunnel SSL through proxy.
Related
I have a 3rd party SOAP service. When I call the end point of the service using POSTMAN it sends the data back
POST - https://localhost:8443/api/PatronSearch
POSTMAN Body
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:sch="http://www.myservice.com/api/schema">
<soapenv:Header/>
<soapenv:Body>
<sch:PatronSearch>
<sch:Patron>
<sch:LastName>Summers</sch:LastName>
</sch:Patron>
</sch:PatronSearch>
</soapenv:Body>
</soapenv:Envelope>
Response in POSTMAN
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<PatronList xmlns:ns2="http://www.myservice.com/api" xmlns="http://www.myservice.com/api/schema">
<Patron xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="EmployeeData">
<Id>1</Id>
<Type>Employee</Type>
<ReadOnly>false</ReadOnly>
<LastName>Summers</LastName>
<FirstName>Petron</FirstName>
<Gender>Male</Gender>
<PhoneNo>+14567891234</PhoneNo>
<Language>en</Language>
<MobilePhoneNo>+14567891235</MobilePhoneNo>
<Email>Summers.Petron#gmail.com</Email>
<DepartmentId>2</DepartmentId>
</Patron>
</PatronList>
</soap:Body>
</soap:Envelope>
but when I try to access same service using java then it is throwing me following error
org.springframework.ws.soap.client.SoapFaultClientException: Unexpected element findPatron found. Expected {http://www.myservice.com/api/schema}PatronSearch.
Here is the method from where I am calling this service
public PatronList getPatronInfo(PatronSearch patronSearch) {
template = new WebServiceTemplate(marshaller);
JAXBElement<PatronSearch> jaxbElement = new JAXBElement<PatronSearch>(new QName("", "findPatron"),
PatronSearch.class, patronSearch);
PatronList patronList = (PatronList) template
.marshalSendAndReceive("https://localhost:8443/api/PatronSearch", jaxbElement);
return patronList;
}
here is the snap shot of wsdl
<?xml version="1.0" encoding="utf-8"?>
<!--Created with Liquid XML Studio Developer Edition 9.1.11.3570 (http://www.liquid-technologies.com)-->
<definitions xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:mime="http://schemas.xmlsoap.org/wsdl/mime/" xmlns:tns="http://example.com/" xmlns:ns="http://www.myservice.com/api/schema" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:http="http://schemas.xmlsoap.org/wsdl/http/" name="myservice" targetNamespace="http://www.myservice.com/api" xmlns="http://schemas.xmlsoap.org/wsdl/">
<types>
<xs:schema xmlns:tns="http://schemas.xmlsoap.org/wsdl/">
<xs:import schemaLocation="MyServiceWebService.xsd" namespace="www.myservice.com/api/schema" />
</xs:schema>
</types>
<message name="PatronSearch">
<part xmlns:q1="http://www.myservice.com/api/schema" name="search" element="q1:PatronSearch" />
</message>
<message name="PatronList">
<part xmlns:q1="http://www.myservice.com/api/schema" name="list" element="q1:PatronList" />
</message>
<portType name="MyServiceWebServiceType">
<operation name="findPatron">
<input xmlns:q1="http://www.myservice.com/api" name="findPatron" message="q1:PatronSearch" />
<output xmlns:q1="http://www.myservice.com/api" name="listPatron" message="q1:PatronList" />
<fault xmlns:q1="http://www.myservice.com/api" name="fout" message="q1:Fault" />
</operation>
</portType>
<binding xmlns:q1="http://www.myservice.com/api/" name="MyServiceWebServiceSoapBinding" type="q1:MyServiceWebServiceType">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" />
<operation name="findPatron">
<input name="findPatron" />
<output name="listPatron" />
<fault name="fout" />
</operation>
</binding>
<service name="MyServiceWebService">
<port xmlns:q1="http://www.myservice.com/api" name="MyServiceWebServicePort" binding="q1:MyServiceWebServiceSoapBinding">
<soap:address location="https://localhost:8443/api" />
</port>
</service>
</definitions>
any suggestion what I am doing wrong or a better way to call the service.
Error message states: "Expected {http://www.myservice.com/api/schema}PatronSearch". Supply appropriate namespace and local name when constructing QName:
JAXBElement<PatronSearch> jaxbElement = new JAXBElement<PatronSearch>(new QName("http://www.myservice.com/api/schema", "PatronSearch"), PatronSearch.class, patronSearch);
I have generated WSDL client using this answer for my WSDL. The stub is generated successfully however when I invoke the server I get below error message
undeclared namespace prefix SOAP-ENV at offset 216 of http://10.7.225.35:30002/kestrel/AirService
This is to stop the scroll bar obscuring the text
When the request is generated I can see that targetnamespaces are added in body tag instead of soapEnvelope tag, if I change it manually and try it in SOAPUI tool , it works like charm.I tried generating client from wsimport as well but getting similar issue. Attaching request and response for reference.Also attaching the wsdl file.
Attaching WSDL file(SO not allowing me to add entire so adding partial)
Thanks in advance , any help is appreciated.
Air WSDL file
<?xml version="1.0" encoding="UTF-8"?>
<definitions name="AirService"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://www.travelport.com/service/air_v46_0"
xmlns:ns1="http://www.travelport.com/schema/air_v46_0"
targetNamespace="http://www.travelport.com/service/air_v46_0">
<import namespace="http://www.travelport.com/service/air_v46_0"
location="AirAbstract.wsdl" />
<binding name="AirPrePayBinding"
type="tns:AirPrePayPortType">
<soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<operation name="service">
<soap:operation soapAction="http://localhost:8080/kestrel/AirService"/>
<input>
<soap:body use="literal" />
</input>
<output>
<soap:body use="literal" />
</output>
<fault name="ErrorInfoMsg">
<soap:fault name="ErrorInfoMsg" use="literal" />
</fault>
</operation>
</binding>
AirAbstract.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<definitions name="AirService"
xmlns="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:tns="http://www.travelport.com/service/air_v46_0"
xmlns:ns1="http://www.travelport.com/schema/air_v46_0"
targetNamespace="http://www.travelport.com/service/air_v46_0">
<import namespace="http://www.travelport.com/service/air_v46_0"
location="AirAbstract.wsdl" />
<binding name="AirPrePayBinding"
type="tns:AirPrePayPortType">
<soap:binding style="document"
transport="http://schemas.xmlsoap.org/soap/http" />
<operation name="service">
<soap:operation soapAction="http://localhost:8080/kestrel/AirService"/>
<input>
<soap:body use="literal" />
</input>
<output>
<soap:body use="literal" />
</output>
<fault name="ErrorInfoMsg">
<soap:fault name="ErrorInfoMsg" use="literal" />
</fault>
</operation>
</binding>
Request
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header />
<S:Body xmlns:ns1="http://www.travelport.com/schema/air_v46_0" xmlns:ns2="http://www.travelport.com/schema/common_v46_0" xmlns:ns3="http://www.travelport.com/schema/vehicle_v46_0" xmlns:ns4="http://www.travelport.com/schema/rail_v46_0" xmlns:ns5="http://www.travelport.com/schema/cruise_v46_0" xmlns:ns6="http://www.travelport.com/schema/hotel_v46_0" xmlns:ns7="http://www.travelport.com/schema/passive_v46_0" xmlns:ns8="http://www.travelport.com/schema/universal_v46_0" xmlns:ns9="http://www.travelport.com/soa/common/security/SessionContext_v1">
<ns1:LowFareSearchReq ReturnUpsellFare="true" TargetBranch="P7111432">
<ns2:BillingPointOfSaleInfo OriginApplication="UAPI" />
<ns1:SearchAirLeg>
<ns1:SearchOrigin>
<ns2:CityOrAirport Code="BLR" />
</ns1:SearchOrigin>
<ns1:SearchDestination>
<ns2:CityOrAirport Code="JAI" />
</ns1:SearchDestination>
<ns1:SearchDepTime PreferredTime="2019-03-22" />
<ns1:AirLegModifiers>
<ns1:PermittedCabins>
<ns2:CabinClass Type="Economy" />
</ns1:PermittedCabins>
</ns1:AirLegModifiers>
</ns1:SearchAirLeg>
<ns1:AirSearchModifiers>
<ns1:PreferredProviders>
<ns2:Provider Code="1G" />
</ns1:PreferredProviders>
</ns1:AirSearchModifiers>
<ns2:SearchPassenger Code="ADT" />
<ns2:SearchPassenger Code="INF" PricePTCOnly="true" />
<ns2:SearchPassenger Code="CNN" />
<ns1:AirPricingModifiers CurrencyType="INR" FaresIndicator="AllFares" />
</ns1:LowFareSearchReq>
</S:Body>
</S:Envelope>
Response
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<SOAP-ENV:Header />
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<SOAP-ENV:faultcode>500</SOAP-ENV:faultcode>
<SOAP-ENV:faultstring>undeclared namespace prefix SOAP-ENV at offset 216 of http://10.7.225.35:30002/kestrel/AirService</SOAP-ENV:faultstring>
<SOAP-ENV:faultactor></SOAP-ENV:faultactor>
<SOAP-ENV:detail>undeclared namespace prefix SOAP-ENV at offset 216 of http://10.7.225.35:30002/kestrel/AirService</SOAP-ENV:detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
On the SOAP request, namespace of SOAP-ENV is a duplicate of the S namespace.
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
<SOAP-ENV:Header />
<S:Body xmlns:ns1="http://www.travelport.com/schema/air_v46_0" >
... snip ...
</S:Envelope>
I guess the parser doesn't like duplicated namespace prefixes, so change the request to use S as the prefix for the header (or remove it as it's not populated)
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/" >
<S:Header />
<S:Body xmlns:ns1="http://www.travelport.com/schema/air_v46_0" >
</S:Envelope>
As for the other namespaces, it shouldn't matter where in the document you declare the namespaces, as long as they are declared before they are used.
If you post the stub code that is being generated by CXF then we can probably identify the problem with that.
I have a WebService deployed into a server an one client doing requests aginst it. I have client and server certificates which established SSL connection and, in the server side, build a signature and then the client tries to verify it.
The problem is when the server signs the SOAP message it looks like this one:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope">
<S:Body>
<ns2:ResponseMessage xmlns="urn:iec62325.504:messages:1:0" xmlns:ns2="http://iec.ch/TC57/2011/schema/message">
<ns2:Header>
<ns2:Verb>reply</ns2:Verb>
<ns2:Noun>QueryData</ns2:Noun>
<ns2:Timestamp>2016-11-17T15:44:51Z</ns2:Timestamp>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
<Reference URI="">
<Transforms>
<Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
<Transform Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<DigestValue>yLDpd7Nck0LUBDjoKHM/uh/iCad2v5GhFR+7GTWBNh0=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>iovrYXAs+UttPJmu+5kZvnQ6P7XqhfrFd6nEgtArCRT/BwsIZlo6QYH5nCK/M67jCVTHcRso0KDa
o/1YUeZLi6btLu0I9rNKrlXEp7x08ZRrG0sCqaGV//8AK4jnQDJ7TR4At0lfJg/JMniNAxmTCb3M
Py6iP5t4LVlvRPVEb1G44uCzMTjtcseTEPJ+/k+CIsOqQ5zA4Srk05bMdkkse62bGqMPMoqBpU0K
5r29Wl0ZXre/tIt5LJ/7el27MtaIqpo+9CgroFJZUIu6p8Em5p5/s4c5VknWCK2VZVGe7vhjHuiN
vUlbVWV0DiXHC92jQ2Ty4BTMGABALY40h2V7Bg==</SignatureValue>
<KeyInfo>
<X509Data>
...
When the message is catched by the handle of the client, it looks like this:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope" xmlns:env="http://www.w3.org/2003/05/soap-envelope">
<env:Header/>
<S:Body>
<ns2:ResponseMessage xmlns="urn:iec62325.504:messages:1:0" xmlns:ns2="http://iec.ch/TC57/2011/schema/message">
<ns2:Header>
<ns2:Verb>reply</ns2:Verb>
<ns2:Noun>QueryData</ns2:Noun>
<ns2:Timestamp>2016-11-17T15:44:51Z</ns2:Timestamp>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
...
Something between send and receive is insertting this namespace:
xmlns:env="http://www.w3.org/2003/05/soap-envelope"
and this empty tag:
< env:Header/>
And for this, the client cannot verify the signature
The WebService is generated by Netbeans wizard throug this wsdl with JAX-WS:
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/" xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
xmlns:cmsg="urn:iec62325.504:messages:1:0" xmlns:wss="urn:iec62325.504:wss:1:0"
xmlns:msg="http://iec.ch/TC57/2011/schema/message" targetNamespace="urn:iec62325.504:wss:1:0">
<types>
<xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema">
<xs:import namespace="urn:iec62325.504:messages:1:0"
schemaLocation="../xsd/urn-iec62325-504-messages-1-0.xsd"/>
<xs:import namespace="http://iec.ch/TC57/2011/schema/message"
schemaLocation="../xsd/http-iec-ch-TC57-2011-schema-message.xsd"/>
</xs:schema>
</types>
<message name="msgRequestMessage">
<part name="parameter" element="msg:RequestMessage"/>
</message>
<message name="msgResponseMessage">
<part name="parameter" element="msg:ResponseMessage"/>
</message>
<message name="msgFaultMsg">
<part name="msgFaultMessage" element="msg:FaultMessage"/>
</message>
<portType name="port_TFEDI_type">
<operation name="request">
<input message="wss:msgRequestMessage"/>
<output message="wss:msgResponseMessage"/>
<fault name="msgFaultMessage" message="wss:msgFaultMsg"/>
</operation>
</portType>
<binding name="binding_TFEDI" type="wss:port_TFEDI_type">
<soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<operation name="request">
<soap12:operation soapActionRequired="false" style="document"/>
<input>
<soap12:body use="literal"/>
</input>
<output>
<soap12:body use="literal"/>
</output>
<fault name="msgFaultMessage">
<soap12:fault name="msgFaultMessage" use="literal"/>
</fault>
</operation>
</binding>
<service name="ServiceEME">
<port name="Service_EME_Port" binding="wss:binding_TFEDI">
<soap12:address location="http://example.com/WebService_EME/Service_EME"/>
</port>
</service>
</definitions>
The service is working perfectly but i don't know how to avoid this tag.
Thank you
Header is a mandatory field in a SOAP message, and must be the first element under Envelope. It also has to be qualified. The client needs to handle this as this is SOAP standard.
I new to Java, and thought it'd be a nice learning exercise to implement a client application on top of a .NET WCF service I'm already familiar with.
I ran wsimport.bat from the latest JAX-WS (https://jax-ws.java.net/) to generate the client proxies, However I'm stuck with the authentication part. The WCF service uses Application level Username/Password to authenticate. I don't know where to supply the credentials.
In C#, for this WCF Service I just need to add a service reference, and do the following:
var client = new ServiceClient();
client.ClientCredentials.UserName.UserName = "username";
client.ClientCredentials.UserName.Password = "password";
client.DoSomething();
From Fiddler, calling client.DoSomething() produces the following request:
<?xml version="1.0"?>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<u:Timestamp u:Id="_0">
<u:Created>2013-05-20T01:34:28.353Z</u:Created>
<u:Expires>2013-05-20T01:39:28.353Z</u:Expires>
</u:Timestamp>
<o:UsernameToken u:Id="uuid-da5b7b57-dbb4-4c54-b529-f5b41fc728b4-1">
<o:Username>username</o:Username>
<o:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</o:Password>
</o:UsernameToken>
</o:Security>
</s:Header>
<s:Body>
<DoSomething xmlns="http://tempuri.org/"/>
</s:Body>
</s:Envelope>
Here is the Java I'm currently using:
SomeService service = new SomeService();
ISomeService port = service.getBasicHttpBindingISomeService();
DoSomethingResponse response = port.getDoSomething();
This produces the following request:
<?xml version="1.0"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns6:DoSomething xmlns="http://schemas.microsoft.com/2003/10/Serialization/Arrays" xmlns:ns6="http://tempuri.org/" xmlns:ns7="http://schemas.microsoft.com/2003/10/Serialization/"/>
</S:Body>
</S:Envelope>
It's missing the Security node, so I'm not sure how to set that up on the Java side. What am I missing?
I'm not 100% bound to using JAX-WS, if there is a better alternative out there for my needs. However, the WCF service can not be modified to reconfigured, as it's out of my reach.
WSDL:
<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://tempuri.org/" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy" xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl" xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract" xmlns:wsa10="http://www.w3.org/2005/08/addressing" xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" name="SomeService" targetNamespace="http://tempuri.org/">
<wsp:Policy wsu:Id="BasicHttpBinding_ISomeService_policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken RequireClientCertificate="false"/>
</wsp:Policy>
</sp:TransportToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Lax/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:TransportBinding>
<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:UsernameToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:WssUsernameToken10/>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy/>
</sp:Wss10>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
<wsdl:types>
<xsd:schema targetNamespace="http://tempuri.org/Imports">
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd0" namespace="http://tempuri.org/"/>
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd1" namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
<xsd:import schemaLocation="https://someservice.com/service.svc?xsd=xsd6" namespace="http://schemas.microsoft.com/2003/10/Serialization/Arrays"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="ISomeService_DoSomething_OutputMessage">
<wsdl:part name="parameters" element="tns:DoSomethingResponse"/>
</wsdl:message>
<wsdl:portType name="ISomeService">
<wsdl:operation name="DoSomething">
<wsdl:input wsaw:Action="http://tempuri.org/ISomeService/DoSomething" message="tns:ISomeService_DoSomething_InputMessage"/>
<wsdl:output wsaw:Action="http://tempuri.org/ISomeService/DoSomethingResponse" message="tns:ISomeService_DoSomething_OutputMessage"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="BasicHttpBinding_ISomeService" type="tns:ISomeService">
<wsp:PolicyReference URI="#BasicHttpBinding_ISomeService_policy"/>
<soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="DoSomething">
<soap:operation soapAction="http://tempuri.org/ISomeService/DoSomething" style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="SomeService">
<wsdl:port name="BasicHttpBinding_ISomeService" binding="tns:BasicHttpBinding_ISomeService">
<soap:address location="https://someservice.com/service.svc"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
I'm using the latest JDK on Windows 8 x64
You need to create a custom CallbackHandler from your Java client. I am not an expert in Java but I know that some of my clients use Metro libraries to communicate with my WCF web services.
Try searching for creating a CallbackHandler with/without Metro library.
You can download Metro library from here.
An example of what I am suggesting.
I have a JAX-WS java server which publishes a web-service
#WebService(endpointInterface="calculator.operation.Calculator")
public class CalculatorWs implements Calculator{
public String[] add(String a) {
System.out.println(a);
String[] test = {"this", "that"};
System.out.println(test);
return test;
}
}
and
#WebService
#SOAPBinding(style=SOAPBinding.Style.DOCUMENT)
public interface Calculator {
String[] add(String a);
}
and have a perl client
use SOAP::Lite +trace => 'all';
$SOAP::Constants::PREFIX_ENV = 'soapenv';
$SOAP::Constants::PREFIX_ENC = "SOAP-ENC";
my $soap = SOAP::Lite
->service('http://localhost:8080/tomcat/calculator?wsdl')
->soapversion('1.1');
my $var = {'a' => "test"};
my $result = $soap -> add($var);
The problem I'm having is that the Java server does not receive the arguments passed by the Perl client, although the value returned by the Java server is received and recognized by the client.
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsam="http://www.w3.org/2
007/05/addressing/metadata" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/
policy" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENC="ht
tp://schemas.xmlsoap.org/soap/encoding/" xmlns:tns="http://operation.calculator/
" xmlns:xsd="http://www.w3.org/2001/XMLSchema"><soapenv:Body><tns:add><c-gensym3
><a xsi:type="xsd:string">test</a></c-gensym3></tns:add></soapenv:Body></soapenv
:Envelope>
this is the SOAP request sent by the Perl client. Im assuming the way its building the SOAP request is to blame . But if anyone could help me figure it out, would be greatly appreciated. Thanks.
(edit)
Here is the WSDL generated by JAX-WS:
<?xml version="1.0" encoding="UTF-8" ?>
- <!-- Published by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.2.3-b01-.
-->
- <!-- Generated by JAX-WS RI at http://jax-ws.dev.java.net. RI's version is JAX-WS RI 2.2.3-b01-.
-->
- <definitions xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- wssecurity-utility-1.0.xsd" xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:wsp1_2="http://schemas.xmlsoap.org/ws/2004/09/policy" xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:tns="http://operation.calculator/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://operation.calculator/" name="CalculatorWsService">
- <types>
- <xsd:schema>
<xsd:import namespace="http://operation.calculator/" schemaLocation="http://localhost:8080/tomcat/calculator?xsd=1" />
</xsd:schema>
</types>
- <message name="add">
<part name="parameters" element="tns:add" />
</message>
- <message name="addResponse">
<part name="parameters" element="tns:addResponse" />
</message>
- <portType name="Calculator">
- <operation name="add">
<input wsam:Action="http://operation.calculator/Calculator/addRequest" message="tns:add" />
<output wsam:Action="http://operation.calculator/Calculator/addResponse" message="tns:addResponse" />
</operation>
</portType>
- <binding name="CalculatorWsPortBinding" type="tns:Calculator">
<soap:binding transport="http://schemas.xmlsoap.org/soap/http" style="document" />
- <operation name="add">
<soap:operation soapAction="" />
- <input>
<soap:body use="literal" />
</input>
- <output>
<soap:body use="literal" />
</output>
</operation>
</binding>
- <service name="CalculatorWsService">
- <port name="CalculatorWsPort" binding="tns:CalculatorWsPortBinding">
<soap:address location="http://localhost:8080/tomcat/calculator" />
</port>
</service>
</definitions>
Showing the java function is great for java programmers, you need to show the WSDL or sample SOAP (read XML) invocation ... my guess, all you need
my $result = $soap -> add( 'test');
You should know SOAP::Simple is better at wsdl than SOAP::Lite
I was having the same problem. I made it work with the following two changes:
Name your arguments as in the XSD (http://localhost:8080/tomcat/calculator?xsd=1)
Don't use the default namespace, but a namespace prefix for the SOAP method (ns() method).
Example code:
my $soap = SOAP::Lite
-> proxy('http://localhost:8080/tomcat/calculator')
-> ns ('http://operation.calculator/');
my $response = $soap->call('add', SOAP::Data->name( arg0 => 'Peter Pan'));