SoapCore and Message Header - soap

I have a customer that requires us to use a SOAP service (and yes...I tried to have that changed and no go). The soap message needs to look like this with an AuthHeader in the Header.
I've tried using SoapCore with an IMessageInspector2 and a MessageHeader attribute but no luck
Does anyone have a solution for this? I have to send the WSDL to our customer so they can code against it.

Related

How to parametrize UUID in upload XML-attachment in Jmeter?

I need to make stress test with method POST (SOAP API). I tried to use function ${_UUID} to make UUID like abec119d-2d8e-4705-a994-f7c326967bnn and send XML code in body data of HTTP request, but it fails with response
500 (Invalid Security Header)
So, my question is - is it possible, to randomize UUID in uploading XML file or how can I make it?
Invalid Security Header message indicates that the contents of your wsse:Security header is malformed.
Without seeing the header itself it's hard to say what's wrong exactly, most probably you're sending a hard-coded timestamp which in the past hence server doesn't accept it. Also it could be that the signature is required and again your hard-coded signature is not accepted.
I would recommend installing WS Security for SOAP plugin using JMeter Plugins Manager
and once you perform the necessary configuration it should generate the "good" header so your SOAP request will be accepted.

Node-Red HTTP Input verify json

this might be a stupid question but I was unable to find a solution, also no luck with search.
My Node-Red flow gets triggered by a HTTP Input because I want to create a REST Webservice. It works fine so far but I wonder how to verify the content someone send to me.
As I see right now, I can pass any kind of content. There is no verification if the content matches to the content I want as input.
If I set content-type to application/json, it only accepts json data. That's great but I also want to ensure, users can post only a specific json string.
If someone sends data I'm unable to proceed (not the json object I expected), I want to send HTTP 400 as response.
I'm pretty new to Node-Red and also to json. I'm more an old-school programmer using classic webservices and soap. What I'm missing is some kind of WSDL (not sure if it exists when using REST) and some kind of payload validation.
It would be great if someone can point me the way to go.
Best regards
Patrick
There are some nodes available for doing schema validation on JSON objects.
For example, node-red-contrib-json-schema-validator - which uses ajv as the validation engine under the covers. Unfortunately this node doesn't come with much in the way of help. Essentially it lets you provide your schema and if a message fails to validate, it logs an error which can be handled with a Catch node if you want.
I found the issue. It was too bad.
I just forgotten to set HTTP Header content-type to application/json.
node-red-contrib-json-schema-validator works like a charm if content type is set corret

RESTful services with AXL

I am trying to create a few restful webservices that will add a bit functionality to the company cisco phones. The basic idea is simple, the users get a small client on which they need to enter login and password. When they have done so, their phone/phones are 'registered' to my restful service and they get added functions on their phone. When they log out, they get unregistered. To provide the extra functions (like adjusted caller information etc etc) I need the Cisco AXL API. This is a SOAP based API. I have generated the java classes using the wsdl already. When I make a testclient using the generated classes, all works fine.
But here comes the problem: When I try to run a soap request while my application is deployed on my Tomcat 7 container, it doesn't work anymore.
The problem seems to be the AXLAPIService, which hangs when executing the following piece of code:
#WebEndpoint(name = "AXLPort")
public AXLPort getAXLPort() {
return super.getPort(new QName("http://www.cisco.com/AXLAPIService/", "AXLPort"), AXLPort.class);
}
In other words, i am not getting a port for the soap request and it makes the tomcat crash i f you wait long enough.
I went googling. Somebody on some forum once had a problem because of an out of date stax version. I adjusted the stax version in my POM and tried again, to no help.
I also read somewhere that the underlaying javax.xml.ws.Service actually has an enumeration of ports, and when you do getPort(), you will get the most appropiate port. I then looked up the default port for SOAP and that would be 80, just like the port used for RESTful services. Could it be that the soap service would be wanting port 80, but that it can't have it because it is already in use?
So, to summarize my question:
can it be that my restful services consume the same port that my soap
request would want to use?
if not, what could be the problem then and how should I fix it?
As additional information, this is how the axl wsdl defines the service:
<service name="AXLAPIService">
<port binding="s0:AXLAPIBinding" name="AXLPort">
<soap:address location="https://CCMSERVERNAME:8443/axl/"/>
</port>
I was thinking about changing the soap port myself. Some googling tells me I should do that in the wsdl but I wouldn't really know how. There is post already here but I fail to see how binding another portname could help me out....
As with so many things involving Cisco Telephony and their Administrative XmL (AXL), I found a workaround instead of an actual answer. Since a problem never really leaves my mind, I spent the rest of yesterday trying to find a solution for getting information out of that AXL thing.
Any actual answers to the above questions are still welcome though.
The workaround I found is this: Since SOAP can be seen as a special http POST request, it should be possible to do a SOAP call using a REST framework such as Jersey. You just need some extra code to make it work. I used the 'SoapProvider' from the link and for those who are also wrestling with this, I'll add my code:
public void doSoapRequest() throws SOAPException, JAXBException{
ClientConfig config = new DefaultClientConfig();
config.getClasses().add(SoapProvider.class);
Client c = Client.create(config);
c.addFilter(new LoggingFilter());
c.addFilter(new HTTPBasicAuthFilter("user", "password"));
MessageFactory messageFactory = MessageFactory.newInstance();
SOAPMessage message = messageFactory.createMessage();
SOAPPart soapPart = message.getSOAPPart();
SOAPEnvelope envelope = soapPart.getEnvelope();
SOAPBody body = envelope.getBody();
SOAPElement bodyElement = body.addChildElement(envelope.createName("getCCMVersion", "", "http://www.cisco.com/AXL/API/8.5"));
message.saveChanges();
WebResource service = c.resource("https://youraxlmachine:8443/axl/");
// POST the request
ClientResponse cr = service.type(MediaType.TEXT_XML).header("SOAPAction", "\"https://youraxlmachine:8443/axl/getCCMVersion\"").post(ClientResponse.class, message);
message = cr.getEntity(SOAPMessage.class);
JAXBContext ctx = JAXBContext.newInstance(GetCCMVersionRes.class);
Unmarshaller um = ctx.createUnmarshaller();
GetCCMVersionRes response = (um.unmarshal(message.getSOAPPart().getEnvelope().getBody().extractContentAsDocument(), GetCCMVersionRes.class)).getValue();
System.out.println("HERE COMES THE VERSION!");
System.out.println(response.getReturn().getComponentVersion().getVersion());
}
I have left as many things unchanged as I could, except for the company specific details. This code works for getting the CCM version.
WARNING: Depending on how you perform the request, you might get a different result for the same request. I'll explain:
I have implemented other AXL methods as well, such as getUser. Before I even coding the Jersey soap service, I tried everything with SOAPUI. So I setup the SOAPUI so I could do RESTful requests to the AXL server. Using my restful setup in SOAPUI, I get the same results as I when would do the standard SOAP calls using both SOAPUI and my first implementation of a soapclient in java.
But when I use the jersey client to do the same getUser request, some important fields are missing from the result. I have no clue what could have caused this. For the request getPhone, I dont even get a valid response. So be warned.

How to pass parameters to soap in classic asp

I need to call a web service from my classic ASP website. I have been provided with a URL and three variables from the SOAP provider:
URL of web service: http://www.theirwebsite.co.uk/B2bservice.asmx
Parameter1: CustId
Parameter2: PWord
Parameter3: OrderNo
So I'm supposed to send this SOAP request from my classic ASP website, along with the parameter values (which I've been given too) and it's supposed to return a string.
I've tested the SOAP response using soapclient.com, and sure enough if I enter the web service URL and add the paramter values, it returns a string, like it should.
The problem is I just can't find how to do it with classic ASP!! I've found numerous examples of calling a SOAP URL from classic ASP, but none of them mention how to pass parameters.
Can someone please show me a simple-as-possible implementation of how I get the return string from this web service in ASP, passing the parameters in?
Many thanks in advance for any help.
Dan, you have to change the GET for a POST
I don't know much about classic ASP and don't know if it has a SOAP client implementation, but if classic ASP allows you to send an HTTP POST with an arbitrary body and arbitrary HTTP headers, it should be possible to do what you want (in a somewhat hacky way).
Just issue a POST request with the entire SOAP message hard-coded except for your parameters. Make sure to get the Content-Type and SOAPAction headers right.
If you don't know how to properly create a valid SOAP message and to properly set the headers, use a tool like http://web.progress.com/en/actional/actional-diagnostics.html to send a test message, then use a tool like Fiddler to take a look at what was actually sent, and then hard-code it into your app.

How do I write a WSDL file to accept arbitrary SOAP Headers?

I have a client that wants to send a large number of SOAP Header fields to my web service. The only thing I am expected to do with these values is reflect them back.
What is the proper way to handle this? They would like me to define each of them in the WSDL, but they are quite specific and will have no meaning to any other clients.
I have some code that simply intercepts the request and copies the headers back onto the response, but I don't know how to handle this in the WSDL. Is it legitimate to simply leave them out yet? Or a generic way to say "send me anything and I'll send it back"?
At least in WSDL 1.1, it isn't required to list all the headers in the WSDL file:
It is not necessary to exhaustively list all headers that appear in the SOAP Envelope using soap:header. For example, extensions (see section 2.1.3) to WSDL may imply specific headers should be added to the actual payload and it is not required to list those headers here.
I can't find the corresponding section in the WSDL 2.0 spec, but I don't think this would have changed.