I have to insert the security tag in all the request inside the header. How do I automate? because for every request I have to copy past manually which takes time to do for all the request
Below is the Actual Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ws="http://ws.test.sample.com/" xmlns:ws1="http://ws.test.sample.com/">
<soapenv:Header>
</soapenv:Header>
After adding the security tag:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ws="http://ws.test.sample.com/" xmlns:ws1="http://ws.test.sample.com/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://doc.test.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://doc.test.xsd">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://doc.test.xsd">o9j1/hA/mkFTG0ODti</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
Related
When calling a web service, the client is expected to send a specific prefix for a namespace. Otherwise, a fault code is returned.
Here's the request that returns a fault code:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.connector.uut.cs.com.tr/">
<soapenv:Header>
<se:Security xmlns:se="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<se:UsernameToken>
<se:Username>XXXX</se:Username>
<se:Password>XXXX</se:Password>
</se:UsernameToken>
</se:Security>
</soapenv:Header>
<soapenv:Body>
<ser:kayitliKullaniciListeleExtended>
<urun>EFATURA</urun>
<gecmisEklensin></gecmisEklensin>
</ser:kayitliKullaniciListeleExtended>
</soapenv:Body>
</soapenv:Envelope>
Whereas this request works:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.connector.uut.cs.com.tr/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>XXXX</wsse:Username>
<wsse:Password>XXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ser:kayitliKullaniciListeleExtended>
<urun>EFATURA</urun>
<gecmisEklensin></gecmisEklensin>
</ser:kayitliKullaniciListeleExtended>
</soapenv:Body>
</soapenv:Envelope>
Only difference between the two requests is the namespace prefix (the one that works is wsse, every other prefix fails). Is it a correct implementation to ask the client to pass a specific prefix for the namespace?
I expected that the prefix names can be anything as long as the uri identified by xmlns: is correct.
Before this project I never worked with SOAP. So I followed all of the instructions from: https://wktaaeu.force.com/nlcommunity/s/article/Setting-up-OAuth-2-0-Introduction?language=en_US and used the Postman templates on that page to make SOAP requests.
After a while I got the Access Token and company code, but I can't find out how to make other requests. With every request that I try to make from different sources on the internet I get the following error:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>Server was unable to process request. ---> Object reference not set to an instance of an object.</faultstring>
<detail />
</soap:Fault>
</soap:Body>
</soap:Envelope>
Im making a mistake why every request fails but I can't figure it out.
Examples of different requests I tried
This one I took from: Postman Twinfield API request deleted transactions
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<h:Authentication xmlns:h="http://www.twinfield.com/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<AccessToken xmlns="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.Shared">ACCESS_TOKEN</AccessToken>
<CompanyCode xmlns="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.Shared">35f3248f-46cc-4a8e-b16c-69ac65118771</CompanyCode>
</h:Authentication>
</s:Header>
<s:Body>
<Query i:type="b:GetDeletedTransactions" xmlns="http://www.twinfield.com/" xmlns:a="http://schemas.datacontract.org/2004/07/Twinfield.WebServices" xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.DeletedTransactionsService">
<b:CompanyCode>COMPANY_CODE</b:CompanyCode>
<b:DateFrom>2022-01-01T00:00:00</b:DateFrom>
<b:DateTo>2022-12-31T23:59:00</b:DateTo>
<b:Daybook></b:Daybook>
</Query>
</s:Body>
</s:Envelope>
Second try was by myself from the docs:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:twin="http://www.twinfield.com/">
<soapenv:Header>
<twin:Header>
<twin:AccessToken>ACCESS_TOKEN</twin:AccessToken>
</twin:Header>
</soapenv:Header>
<soapenv:Body>
<twin:ProcessXmlString>
<twin:xmlRequest><![CDATA[<list><type>offices</type></list>]]></twin:xmlRequest>
</twin:ProcessXmlString>
</soapenv:Body>
</soapenv:Envelope>
Last one also made by my reading the docs:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:twinfield="http://www.twinfield.com/">
<soap:Header>
<twinfield:Header>
<twinfield:AccessToken>ACCESS_TOKEN</twinfield:AccessToken>
<twinfield:CompanyCode>COMPANY_CODE</twinfield:CompanyCode>
</twinfield:Header>
</soap:Header>
<soap:Body>
<twinfield:ProcessXmlDocument>
<twinfield:xmlRequest>
<read>
<type>dimensions</type>
<office>COMPANY_CODE</office>
<dimtype>SALARIS</dimtype>
<code>1234</code>
</read>
</twinfield:xmlRequest>
</twinfield:ProcessXmlDocument>
</soap:Body>
</soap:Envelope>
I'v had the same struggle as you are going through, after a while I contacted Twinfield about this and they offered me a slightly different soap xml, this is no where explained nor noted down but it worked so maybe it will work for you as well:
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<h:Authentication xmlns:h="http://www.twinfield.com/" xmlns:i="http://www.w3.org/2001/XMLSchema-instance">
<AccessToken xmlns="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.Shared">{{Accescode}}</AccessToken>
<CompanyCode xmlns="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.Shared">{{Company}}</CompanyCode>
</h:Authentication>
</s:Header>
<s:Body>
<Query i:type="b:GetDeletedTransactions" xmlns="http://www.twinfield.com/" xmlns:a="http://schemas.datacontract.org/2004/07/Twinfield.WebServices" xmlns:i="http://www.w3.org/2001/XMLSchema-instance" xmlns:b="http://schemas.datacontract.org/2004/07/Twinfield.WebServices.DeletedTransactionsService">
<b:CompanyCode>{{Company}}</b:CompanyCode>
<b:DateFrom>2022-06-01T00:00:00</b:DateFrom>
<b:DateTo>2022-07-30T23:59:00</b:DateTo>
<b:Daybook></b:Daybook>
</Query>
</s:Body>
</s:Envelope>
As you can see there a few parameters that you need to set the "Company" and the "Access code"
for the company list I've been using this xml request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:twin="http://www.twinfield.com/">
<soapenv:Header>
<twin:Header>
<twin:AccessToken>{{Accescode}}</twin:AccessToken>
</twin:Header>
</soapenv:Header>
<soapenv:Body>
<twin:ProcessXmlString>
<twin:xmlRequest><![CDATA[<list><type>offices</type></list>]]></twin:xmlRequest>
</twin:ProcessXmlString>
</soapenv:Body>
</soapenv:Envelope>
if these dont work it might be that your licence within the twinfield environment needs to be adjusted so you've access to this.
I have credentials for VMware SSO-server. I make attempts to send SOAP-request for acquiring a SAML-token from server:
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"
xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:urn="urn:oasis:names:tc:SAML:2.0:assertion"
xmlns:xd="http://www.w3.org/2000/09/xmldsig#"
xmlns:sam="http://www.rsa.com/names/2009/12/std-ext/SAML2.0"
xmlns:oas="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:ns1="http://docs.oasis-open.org/ws-sx/ws-trust/200802"
xmlns:add="http://www.w3.org/2005/08/addressing"
xmlns:adv="http://www.rsa.com/names/2009/12/std-ext/WS-Trust1.4/advice">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2017-01-24T20:03:20.344Z</wsu:Created>
<wsu:Expires>2017-01-30T20:03:20.344Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken>
<wsse:Username>username</wsse:Username>
<wsse:Password>password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ns:RequestSecurityToken>
<ns:TokenType>urn:oasis:names:tc:SAML:2.0:assertion</ns:TokenType>
<ns:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</ns:RequestType>
<ns:Lifetime>
<oas1:Created>2017-01-24T20:03:20.344Z</oas1:Created>
<oas1:Expires>2017-01-30T20:03:20.344Z</oas1:Expires>
</ns:Lifetime>
<ns:Renewing Allow="false" OK="true"/>
<ns:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</ns:KeyType>
<ns:SignatureAlgorithm>http://www.w3.org/2001/04/xmldsig-more#rsa-sha256</ns:SignatureAlgorithm>
</ns:RequestSecurityToken>
</soapenv:Body>
</soapenv:Envelope>
But I receive such error message:
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<S:Fault xmlns:ns4="http://www.w3.org/2003/05/soap-envelope">
<faultcode>S:Server</faultcode>
<faultstring>org.xml.sax.SAXParseException</faultstring>
</S:Fault>
</S:Body>
</S:Envelope>
Could anyone explain where is my mistake in the SOAP-request?
I am using the DocuSign API WSDL in my SOAP UI and trying to call a method but getting the error User_Authentication_Failed - Missing authentication header
In some post seen that Security token need to to use but not getting the security token in docusign instead we have Integrator key value.
Please if someone can provide the guidance here.
My SOAP UI request is:
<soapenv:Envelope xmlns:ns="http://www.docusign.net/API/3.0" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>haider#abcd.com</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">HR123456</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">iJwabpA/2j2ooh7deCAVcg==</wsse:Nonce>
<wsu:Created>2014-07-24T17:46:39.991Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2014-07-24T17:46:19.730Z</wsu:Created>
<wsu:Expires>2014-07-24T17:56:19.730Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ns:RequestPDF>
<!--Optional:-->
<ns:EnvelopeID>01f90b51-7cf4 -48a1-8946-2795fc970b77</ns:EnvelopeID>
</ns:RequestPDF>
</soapenv:Body>
</soapenv:Envelope>
Getting Response as:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/08/addressing/fault</wsa:Action>
<wsa:MessageID>urn:uuid:6e9fbf02-7c18-4d65-bbfc-f828cf51bb57</wsa:MessageID>
<wsa:RelatesTo>urn:uuid:7e7b4a69-834f-4906-9b92-a16cc8f6d32b</wsa:RelatesTo>
<wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsse:Security>
<wsu:Timestamp wsu:Id="Timestamp-659010d2-c16b-479a-ae43-169846a7898c">
<wsu:Created>2014-07-24T17:47:54Z</wsu:Created>
<wsu:Expires>2014-07-24T17:52:54Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>User_Authentication_Failed - Missing authentication header</faultstring>
<detail/>
</soap:Fault>
</soap:Body>
</soap:Envelope>
The documentation below may be a better outline of using authentication headers and the endpoint URL's:
https://www.docusign.com/p/APIGuide/APIGuide.htm#Introduction+Changes/Authentication.htm%3FTocPath%3DAuthentication%7C_____0
Below also outlines the above with Send On Behalf Of:
https://www.docusign.com/p/APIGuide/APIGuide.htm#Introduction+Changes/Send On Behalf Of Functionality.htm%3FTocPath%3DAuthentication%7C_____2
Since the header type you choose also determines which endpoint URL you should use, below are examples for the demo environment:
HTTP = https://demo.docusign.net/api/3.0/dsapi.asmx
SOAP = https://demo.docusign.net/api/3.0/api.asmx
Because you are utilizing SOAP, the correct endpoint would be the api.asmx.
In SOAP UI, you can:
Select the endpoint drop down from the top
[edit current]
Populate the following URL:
https://demo.docusign.net/api/3.0/api.asmx
You would also need to add your Integrator Key as well inside the authentication. The integrator key should always be in brackets "[ ]" as well.My example below:
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>[INTEGRATOR KEY]DS USERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD]</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
In SOAP UI you will add the header and value for the request. Select the header button at the footer of the page and select add. You will add your authentication header here.
I try to add rampart security to my axis 2 project using this tutorial page 19- 22
SO everything seems fine but when I switch to soapUI perspective to try to test the service
the request which I'm proposed is :
soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
<soapenv:Header/>
<soapenv:Body>
<axis:testws>
<!--Optional:-->
<axis:x>5</axis:x>
</axis:testws>
</soapenv:Body>
</soapenv:Envelope>
and it gives me as a response:
faultstring>Missing wsse:Security header in request</fau
SO I add the security header and my request becomes the same as the one written in the tutorial
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="123">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-username-token-profile-1.0#PasswordText">pass</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<axis:testws>
<!--Optional:-->
<axis:x>5</axis:x>
</axis:testws>
</soapenv:Body>
</soapenv:Envelope>
but the response is the same
soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<faultcode>wsse:InvalidSecurity</faultcode>
<faultstring>Missing wsse:Security header in request</faultstring>
<detail/>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Don't add the security header directly to your request!
Click on Aut at the bottom left. Then you can enter your username/password there.
For more information see: http://www.soapui.org/SOAP-and-WSDL/authenticating-soap-requests.html
As Authorisation type choose Preemptive. (Only in soapUI 4.5.1 as far as I know)