I have to add wss and addresing wsa to my SOAP Request. I have tried doing that using SOAP Message UsernameToken but it failed
Password_Digest = Base64 ( SHA-1 ( nonce + created + Base64 ( SHA-1 ( password ) ) ) )
It would be easier to use WS-Security Plugin for JMeter which provides a custom PreProcessor called SOAP Message UsernameToken where you can specify the UsernameToken details:
More information: Running SOAP WS-Security Load Tests in JMeter
Related
I'm trying to call a REST API for this end point URL. But I'm getting this exception
javax.net.ssl.SSLHandshakeException: Received fatal alert: handshake_failure
I have already added the JCE and installed the certificate in the Java keystore.
I'm using Java 8 and part of my code looks like this:
Client client = ClientBuilder.newClient();
WebTarget target = client.target(END_POINT);
Invocation.Builder invocationBuilde = target.request(MediaType.APPLICATION_JSON);
Response response = invocationBuilder.get();
String s = response.readEntity(String.class);
System.out.println(s)
In addition to this I activated the debug mode -Djavax.net.debug=all and this is all the negotiation:
Negotiation REST API
From client (eg: https://localhost:8080/) we are passing the certificate related values and calling the rest services ( hosted on different port - https://localhost:446/serviceName).
The issue is like, when we try to pass the certificate , SSL handshake is happening correctly (no error on debug) , but the certificate value is not passed to the service hosted on another port. Certificate value is accessed in server code by referring to (X509Certificate)httpReq.getAttribute("javax.servlet.request.X509Certificate");
Note : We use Spring boot application which intenally runs on tomcat server.And desired CA authorised certificates, keystore and truststore are present in resource path in both the projects (client and service hosted). In rest service project config file, the client-auth is set to false.
Sample code snippet used to call rest service:
SSLContext sslContext = SSLContexts.custom().loadTrustMaterial(restserviceTruststore)
.loadKeyMaterial(restserviceKeyStore, password).build();
HttpClient client = HttpClients.custom() .setHostnameVerifier(SSLConnectionSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER)
.setSslcontext(sslContext).build();
RestTemplate restTemplate = new RestTemplate();
restTemplate.setRequestFactory(new HttpComponentsClientHttpRequestFactory(client));
HttpHeaders headers = new HttpHeaders();
headers.setContentType(MediaType.APPLICATION_XML);
HttpEntity<String> request = new HttpEntity<>(XML, headers);
response = restTemplate.postForObject(endpointURL, request, String.class);
Question:
1) From client what keystore and trustore should we need to pass to SSLContext? Is it server's keystore /truststore or clients?
2)What are the exact steps to be followed to resolve this issue.
I'm developing a SOAP service using Apache CXF & WSS4J for security,which receives a SOAP service request which are digitally signed message. Testing using SOAP UI but I'm getting an issue with decrypting and validating the signature. Here is the error message that I'm getting.
<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:FailedCheck</faultcode>
<faultstring>The signature or decryption was invalid</faultstring>
I have a working spring-mvc application with rest services and some rest-assured tests which are fine :
#Test
public void createFoobarFromScratchReturns201(){
expect().statusCode(201).given()
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
}
=> OK
Then I implemented a digest authentication. Everything is working well, now I have to log in to use my services :
curl http://localhost:8089/foo/bar
=> HTTP ERROR 401, Full authentication is required to access this resource
curl http://localhost:8089/foo/bar --digest -u user_test:password
=> HTTP 201, CREATED
But when I try to upgrade my tests with the most obvious function, I still have a 401 error :
#Test
public void createFoobarFromScratchReturns201(){
expect().statusCode(201).given()
.auth().digest("user_test", "password") // Digest added here
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
}
=> Expected status code <201> doesn't match actual status code <401>
I found some clues with the preemptive() function, but it seems to be only implemented for basic :
// Returns an AuthenticatedScheme and stores it into the general configuration
RestAssured.authentication = preemptive().basic("user_test", "password");
// Try a similar thing, but it didn't work :
RestAssured.authentication = RestAssured.digest("user_test", "password");
Currently, I am trying to achieve two things :
I need to upgrade a couple of my tests to support digest
I need to amend the #Before of the rest of my tests suites (whose are not related to auth issues), to be already logged in.
Any ideas or documentation ?
Try enabling support for cookies in the HTTP client embedded inside Rest Assured with:
RestAssuredConfig config = new RestAssuredConfig().httpClient(new HttpClientConfig().setParam(ClientPNames.COOKIE_POLICY, CookiePolicy.BEST_MATCH));
expect().statusCode(201).given()
.auth().digest("user_test", "password") // Digest added here
.config(config)
.queryParam("foo", generateFoo())
.queryParam("bar", generateBar())
.when().post("/foo/bar/");
The HTTP client (and therefore Rest Assured) supports digest authentication and the configuration of RestAssured using the digest method works well.
I am trying to test soap 1.2 services using RobotFramework. So far, we have only tested soap 1.1 services using suds library for RobotFramework, and suds is not compatible with soap 1.2.
Backwards compatibility is an option for the new services, but it would be better to have a more long-term solution. I am not an experienced programmer, though I can edit code if told what to edit and where.
What happens in the test we have for soap 1.2 services using suds is: suds is unable to interpret the response it gets from the webservice and gives this error: SAXParseException: :159:229: mismatched tag
The soap message is fine, there is no problem using it in SoapUI.
I have found some snippets online that suggest I could get suds library to work with soap 1.2 for my RobotFramework tests. But I have little programming experience and no idea how to incorporate those snippets in suds.
Someone commented on this snippet that this fixed his issue with RobotFramework and suds.
Is there someone out there willing to explain how I could make this work? I can't seem to figure it out on my own. Any suggestions would be greatly appreciated.
from suds.client import Client
from suds.bindings import binding
import logging
USERNAME = 'username'
PASSWORD = 'password'
# Just for debugging purposes.
logging.basicConfig(level=logging.INFO)
logging.getLogger('suds.client').setLevel(logging.DEBUG)
# Telnic's SOAP server expects a SOAP 1.2 envelope, not a SOAP 1.1 envelope
# and will complain if this hack isn't done.
binding.envns = ('SOAP-ENV', 'http://www.w3.org/2003/05/soap-envelope')
client = Client('client.wsdl',
username=USERNAME,
password=PASSWORD,
headers={'Content-Type': 'application/soap+xml'})
# This will now work just fine.
client.service.someRandomMethod()
snippet from: https://gist.github.com/kgaughan/858851
In short Suds does not support SOAP 1.2 bindings. Development has ceased quite some time ago. For this reason the SudsLibrary does not support it either.
Some of the differences I observed using an example service SOAP 1.1/1.2 are:
HTTP header Content-Type:
1.2 = "application/soap+xml"
1.1 = "text/xml".
HTTP header
1.2 = Action
1.1 = SOAPAction
Envelope Namespace
1.2 = "http://www.w3.org/2003/05/soap-envelope"
1.1 = "http://schemas.xmlsoap.org/soap/envelope/"
For each of these a seperate solution was implemented in the example below. The content type could be overwritten. The Action can be added but the SOAPAction can not be removed. The namespace can also be overwritten using the extension library. This should work for you if your service ignores the SOAPaction header attribute.
Test Case.robot
*** Settings ***
Library SudsLibrary
Library SudsLibraryExtension
Library Collections
*** Test Cases ***
TC
${BASE_URL} Set Variable http://www.holidaywebservice.com
${SERVICE} Create Dictionary
... name=HolidayService_v2
... wsdl=HolidayService2.asmx?WSDL
${PORT} Set variable HolidayService2Soap12
${METHOD} Set variable GetCountriesAvailable
Set Binding SOAP-ENV http://www.w3.org/2003/05/soap-envelope
Create Soap Client ${BASE_URL}/${SERVICE.name}/${SERVICE.wsdl}
Set Port ${PORT}
Set Headers Content-Type application/soap+xml
Set Headers Soapaction ${EMPTY}
Set Headers Action "${BASE_URL}/${SERVICE.name}/${METHOD}"
${result} Call Soap Method ${METHOD}
SudsLibraryExtension.py
import suds.bindings
from robot.libraries.BuiltIn import BuiltIn, RobotNotRunningError
class SudsLibraryExtension(object):
"""
Extension on the SudsLibrary
"""
ROBOT_LIBRARY_SCOPE = 'GLOBAL'
ROBOT_LIBRARY_VERSION = 1.0
def __init__(self, LibraryName='SudsLibrary'):
"""SudsLibraryExtension can be imported with an optional argument.
- ``LibraryName``:
Default value for `LibraryName` is SudsLibrary if not given.
The name can by any Library Name that implements or extends the
SudsLibraryExtension.
"""
try:
self.SudsLibrary = BuiltIn().get_library_instance(LibraryName)
# This is useful for when you run Robot in Validation mode or load
# the library in an IDE that automatically retrieves the documen-
# tation from the library.
except RobotNotRunningError:
pass
def set_binding(self, binding, url):
"""Set Binding can be used to add a binding to the message.
Example Set Binding SOAP-ENV http://www.w3.org/2003/05/soap-envelope
"""
suds.bindings.binding.envns = (binding, url)