I have a business scenario where I have to invoke a client SOAP service that uses additional SOAP header parameters using Oracle SOA Suite 12c. When I test the web service independently via SOAP UI it shows below schema as input-
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:com="http://xmlns.client.org/Schema/Common/1.0/Common.xsd" xmlns:user="http://xmlns.uppcl.org/Schema/UserAccess/2.0/UserAccess.xsd">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.demo-open.org/wss/2004/01/demo-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken xmlns:wsu="http://docs.demo-open.org/wss/2004/01/demo-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>DemoUser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">Demo#123</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
<com:TransactionReference>
<com:SourceSystemId>TXNSYSID</com:SourceSystemId>
<com:TxID>0403216376127836</com:TxID>
<!--Optional:-->
<com:BusinessID>DTUIQS</com:BusinessID>
</com:TransactionReference>
</soapenv:Header>
<soapenv:Body>
<user:CheckUserRequest>
<user:UserId>USER_ID</user:UserId>
</user:CheckUserRequest>
As we can see additional header elements wsse:Security > UsernameToken > Username/Password , TransactionReference > SourceSystemId / TxID / BusinessID as XML node.
Further, I configured the SOAP adapter in my SOA composite but it has only one input argument UserId. Now I am not able to figure out how can I pass additional headers (username/password, SourceSystemId / TxID / BusinessID ) in SOA Header for target web service invocation in my SOA composite.
add this snippet to omitt default wsa tags
<binding.ws> <property name="oracle.soa.ws.outbound.omitWSA" type="xs:boolean" many="false" override="may">true</property> </binding.ws>
Related
i'd like to remove "Timestamp" tag from SOAP headers and send Security headers like this:
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>Username</wsse:Username>
<wsse:Password>Password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
I use WSO2 esb. Proxy service with policy.
Remove the <sp:IncludeTimeStamp> tag inside Policy xml and open and save the proxy service that uses this policy. Then only the proxy will load the changed policy xml and the change will get reflected in the proxy.
Created an application with this soap call createApplication()
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://org.apache.axis2/xsd" xmlns:xsd1="http://model.common.application.identity.carbon.wso2.org/xsd">
<soapenv:Header/>
<soapenv:Body>
<xsd:createApplication>
<xsd:serviceProvider>
<xsd1:applicationName>travelocity.com</xsd1:applicationName>
<xsd1:description>SaMLApp</xsd1:description>
</xsd:serviceProvider>
</xsd:createApplication>
Added a service provider with this soap call addRPServiceProvider()
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://org.apache.axis2/xsd"
xmlns:xsd1="http://dto.saml.sso.identity.carbon.wso2.org/xsd">
<soapenv:Header/>
<soapenv:Body>
<xsd:addRPServiceProvider>
<xsd:spDto><xsd1:assertionConsumerUrl>http://localhost:8080/travelocity.com/home.jsp</xsd1:assertionConsumerUrl>
<xsd1:doSignAssertions>true</xsd1:doSignAssertions>
<xsd1:doSignResponse>true</xsd1:doSignResponse>
<xsd1:doSingleLogout>true</xsd1:doSingleLogout>
<xsd1:issuer>sophos.com</xsd1:issuer>
<xsd1:nameIDFormat>urn:oasis:names:tc:SAML:1.1:nameid-format:emailAddress</xsd1:nameIDFormat>
<xsd1:useFullyQualifiedUsername>true</xsd1:useFullyQualifiedUsername>
</xsd:spDto>
</xsd:addRPServiceProvider>
Now how should I link those by calling updateApplication()? What should be the attributes of update application soap call? I referred this, but could not figure out the linking part in updateApplication().
Note: I can create these on WSO2 IS management console web UI. I could not create them through API calls.
SAML application will be added as an inbound authentication configuration of the Service Provider. So when you call updateApplication method, use the issuer name that you used to create the SAML application (travelocity.com in your case) as the inboundAuthKey in inboundAuthenticationConfig section. If you need a code sample please follow this.
I am very new to Mule ESB. I want to expose a Mule flow as an WebService to an external applicaton. How to set the request(payload) structure in the wsdl exposed by mule?
Am using CFX for it.
Currently my request while loading WSDL in SoapUI looks like this:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sup="http://support.cxf.module.mule.org/">
<soapenv:Header/>
<soapenv:Body>
<sup:invoke>
<sup:arg0>?</sup:arg0>
</sup:invoke>
</soapenv:Body>
</soapenv:Envelope>
Actual request expected to be is as follows:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1="http://pcom.orga.com/pc/webservices/messages/v1">
<soapenv:Header/>
<soapenv:Body>
<v1:searchOfferRequest>
<searchInput>
<status>RELEASED</status>
</searchInput>
</v1:searchOfferRequest>
</soapenv:Body>
</soapenv:Envelope>
Have a look at Mule documentation for exposing a SOAP service in Mule, specifically look for the section "Creating a WSDL First JAX-WS Service" which has an example of what you are looking for.
HTH
I wish to write custom policy .How would i start .
I couldn't find any blogs about that .
My issue is my client has been fixed header request for authentication.So The Username-token authentication scenario is perfect for me .But client unable to send the Proper format request as per the Scenario needed .
Its sending username password in some other format
<soapenv:Header>
<pr:authentication soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next" soapenv:mustUnderstand="0" xmlns:pr="http://webservices.im.com/ProxyService">
<pr:user>mwp</pr:user>
<pr:password>MWp003</pr:password>
</pr:authentication>
</soapenv:Header>
But its not working in wso2 ESB Username-token scenario.Expecting input Header is like this
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:mustUnderstand="1">
<wsu:Timestamp wsu:Id="TS-4">
<wsu:Created>2014-06-02T07:15:21Z</wsu:Created>
<wsu:Expires>2014-06-02T08:38:41Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-3">
<wsse:Username>admin</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">admin</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">byWKVY4stEATvTqaoNMswQ==</wsse:Nonce>
<wsu:Created>2014-06-02T07:15:21.304Z</wsu:Created>
</wsse:UsernameToken>
</wsse: >
</soapenv:Header
So what is the solution for this how would achieve this.
Thanks in advance.
ESB uses WS-Security specification to secure Web services. Therefore, client need to send messages according to that specification. But in your case, It seems to be your client sending user/password in custom SOAP headers. Then these can not be validated by ESB. There can be two solutions.
You need to modify your client to compliant with WS-Security spec.
You can write some custom handler (axis2 handler) to read custom headers in your message and validate user/password against the user store.
Basically WS-Security messages are also validated by a axis2 handler called Apache Rampart.
I have to create a form where I want to send customer id to CRMOD and and should get customer address…customer contacts.
I did but when i click on Run Query button it gives me error:
The SOAP response indicates that an error occurred on the server:
Server
SBL-ODU-01006Internal Error: Session is not available. Aborting.
How to avoid this.How can i pass my Siebel Credentials.How can i see the SOAP request tht MS Infopath is sending????
PLZ HELPy
The error is because you either don't have an active session, or you didn't include the credentials in the soap request header.
I am not sure how you do that in MS Infopath, but this is how SOAPUI adds it.
<soapenv:Envelope xmlns:acc="urn:/crmondemand/xml/account" xmlns:ns="urn:crmondemand/ws/account/10/2004" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>USERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">PASSWORD</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">ICC4Ho6oURr/yaJI9uN/+Q==</wsse:Nonce>
<wsu:Created>2013-04-11T22:07:18.772Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ns:AccountWS_AccountQueryPage_Input>
<acc:ListOfAccount>
<acc:Account>
.....
</acc:Account>
</acc:ListOfAccount>
</ns:AccountWS_AccountQueryPage_Input>
</soapenv:Body>
</soapenv:Envelope>