I'm trying to connect to a soap endpoint which defines 2 service location one is invalid. How can I change the binding to use the other service.
I'm new to SOAP and zeep the doc says:
from zeep import Client
from zeep import xsd
client = Client('http://my-endpoint.com/production.svc?wsdl')
service2 = client.bind('SecondService', 'Port12')
service2.someOperation(myArg=1)
But it doesn't mention what are the argument.
My services are defined as:
<wsdl:service name="PackageInq">
<wsdl:port name="BasicHttpBinding_IPackageInq" binding="tns:BasicHttpBinding_IPackageInq">
<soap:address location="http://invalid.local:8989/TopUp/PackageInq.svc"/>
</wsdl:port>
<wsdl:port name="BasicHttpsBinding_IPackageInq" binding="tns:BasicHttpsBinding_IPackageInq">
<soap:address location="https://valid.com/TopUp/PackageInq.svc"/>
</wsdl:port>
</wsdl:service>
I have tried things alike client.bind('BasicHttpsBinding_IPackageInq') and getting:
ValueError: Service not found
Also if you know any good document that I can read, I would be glad if you recommend it.
Update
I found the correct syntax
client.bind('PackageInq', 'BasicHttpsBinding_IPackageInq')
but still when using
client.service.Method()
hits the invalid endpoint again
Well after reading the doc more carefully
client.bind returns a service and you are supposed to use that and not the client.
so it would be like
from zeep import Client
from zeep import xsd
client = Client('http://my-endpoint.com/production.svc?wsdl')
service2 = client.bind('SecondService', 'Port12')
service2.someOperation(myArg=1)
zeep version 4.0.0.
<wsdl:service name="RiskAnalysis">
<wsp:PolicyReference xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy" URI="#BasicPolicy"/>
<wsdl:port name="RiskAnalysisHttpsSoap11Endpoint" binding="tns:RiskAnalysisSoap11Binding">
<soap:address location="https://addreshere/"/>
</wsdl:port>
<wsdl:port name="RiskAnalysisHttpsSoap12Endpoint" binding="tns:RiskAnalysisSoap12Binding">
<soap12:address location="https://addreshere/"/>
</wsdl:port>
</wsdl:service>
from zeep import Client
requestPayload = {'Attachment': inputQuery.encode() }
soapClient = Client('http://my-endpoint.com/production?wsdl', service_name=RiskAnalysis, port_name=RiskAnalysisHttpsSoap12Endpoint )
soapClient.client.service.OPERATIONS(**requestPayload)
Related
I want to modify the WSDL file, say "soap:address" element in it.
<service name="SessionCreateRQService">
<port name="SessionCreatePortType" binding="tns:SessionCreateSoapBinding">
<soap:address location="https://webservices.sabre.com"/>
</port>
</service>
once it is done, pass the modified WSDL file during SOAP Request Calls.
Thanks
Finally found it.
all you need to do is, pass location as a parameter while making a client call.
Client(URL, location='https://sws-crt.cert.sabre.com/')
No need of editing the WSDL file
The "modify wsdl address" feature described under https://docs.jboss.org/author/display/WFLY8/Web+services+configuration seems to be not working.
The Wildfly is behind an Apache Httpd 2.2, usind mod_proxy.
ProxyPass / http://srv1:8080/
ProxyPassReverse / http://srv1:8080/
ProxyRequests Off
AllowEncodedSlashes NoDecode
In Wildfly, I configured
...
<subsystem xmlns="urn:jboss:domain:webservices:1.2">
<modify-wsdl-address>true</modify-wsdl-address>
<wsdl-host>jbossws.undefined.host</wsdl-host>
<wsdl-port>80</wsdl-port>
...
in my standalone.xml. But when I request the Webservice wsdl via Apache Proxying using http://srv1/MyWebservice?wsdl, the port is not set to 80:
...
<wsdl:service name="MyWebservice">
<wsdl:port binding="tns:MyWebserviceSoapBinding" name="MyPort">
<soap:address location="http://srv1:8080/MyWebservice"/>
</wsdl:port>
</wsdl:service>
...
Any idea why this feature is not working?
It seems to be working when I change the standalone.xml to explicitly set the host:
...
<subsystem xmlns="urn:jboss:domain:webservices:1.2">
<modify-wsdl-address>true</modify-wsdl-address>
<wsdl-host>srv1</wsdl-host>
<wsdl-port>80</wsdl-port>
...
It might be a bug, but I'm not quite sure whether I'm using this correctly.
Is it possible to change the Secure Token Server that my client uses to during runtime?
I got a working METRO 2.3 client for a .NET Service that is secured using the Security Token Service of the Active Directory Federation Services.
Everything is configured using xml fles.
The service offers two identical servers. One for testing and one for production.
Is it possible to switch the server at runtime?
My shortened wsit-client.xml:
<definitions xmlns="http://schemas.xmlsoap.org/wsdl/">
<import location="mex.xml" namespace="http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice"/>
<import location="myservice.svc.xml" namespace="http://namespace.org/"/>
</definitions>
And the important part of my mex.xml:
<wsdl:definitions name="SecurityTokenService"
targetNamespace="http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/"
xmlns:wsa10="http://www.w3.org/2005/08/addressing"
xmlns:wsp1="http://www.w3.org/ns/ws-policy"
xmlns:tc="http://schemas.sun.com/ws/2006/05/trust/client">
<wsdl:service name="SecurityTokenService">
<wsdl:port name="IssuedTokenWSTrustBinding_IWSTrust13Async" binding="tns:IssuedTokenWSTrustBinding_IWSTrust13Async">
<soap12:address location="http://login.test.miljoeportal.dk/adfs/services/trust/13/issuedtokensymmetricbasic256sha256"/>
<wsa10:EndpointReference>
<wsa10:Address>http://login.test.theserver.com/adfs/services/trust/13/issuedtokensymmetricbasic256sha256</wsa10:Address>
<Identity xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Data>
<X509Certificate>THECERTIFICATE</X509Certificate>
</X509Data>
</KeyInfo>
</Identity>
</wsa10:EndpointReference>
</wsdl:port>
</wsdl:service>
<wsp1:Policy wsu:Id="IssuedTokenWSTrustBinding_IWSTrust13AsyncPolicy">
<wsp1:ExactlyOne>
<wsp1:All>
<tc:PreconfiguredSTS wspp:visibility="private"
endpoint= "http://login.test.theserver.com/adfs/services/trust/13/username"
wsdlLocation="https://login.test.theserver.com/adfs/services/trust/mex"
metadata= "https://login.test.theserver.com/adfs/services/trust/mex"
serviceName="SecurityTokenService"
portName="UserNameWSTrustBinding_IWSTrust_13Async"
wstVersion="http://docs.oasis-open.org/ws-sx/ws-trust/200512"/>
</wsp1:All>
</wsp1:ExactlyOne>
</wsp1:Policy>
</wsdl:definitions>
Is it possible to change the http://login.test.theserver.com urls to http://login.prod.theserver.com during runtime?
It is possible to set these parameters like this:
MyServices s = new MyService();
myserviceinterface = s.getMyService();
Map<String, Object> context = ((BindingProvider) myserviceinterface ).getRequestContext();
context.put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://service.theserver.com/wsdl");
String stsEndpoint = "http://login.theserver.com/adfs/services/trust/13/username";
String stsWSDLLocation = "https://login.theserver.com/adfs/services/trust/mex";
String stsServiceName = "SecurityTokenService";
String stsPortName = "UserNameWSTrustBinding_IWSTrust13Async";
String stsNamespace = "http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice";
context.put(STSIssuedTokenConfiguration.STS_ENDPOINT, stsEndpoint);
context.put(STSIssuedTokenConfiguration.STS_NAMESPACE, stsNamespace);
context.put(STSIssuedTokenConfiguration.STS_WSDL_LOCATION, stsWSDLLocation);
context.put(STSIssuedTokenConfiguration.STS_SERVICE_NAME, stsServiceName);
context.put(STSIssuedTokenConfiguration.STS_PORT_NAME, stsPortName);
I have not found a way to change the keystore settings in runtime.
I'm developing an ios app which will invoke a web service operation. The existing web service is configured with wsHttpBinding security set as TransportWithMessageCredential.
I've used wsdl2objc to generate the implementation files (from wsdl) and have setup a small app for testing purposes. I'm not able to get the app to talk to the web service correctly though, and from what I've read it seems virtually impossible with these web config settings (wsHttpBinding, Transport and Message security).
I've done quite a bit of research, and with the help of information found on this site (and others), I've managed to find out what SOAP requests should look like. I basically used WCF Test Client with Fiddler monitoring the traffic. I also tried soapUI, which wasn't as successful as I'd hoped.
I did setup a test web service locally and I can successfully consume, but only when the web config has security using BasicHttpBinding or wsHttpBinding security mode = "none" (which I understand is just like basicHttpBinding).
My solution (I hope) is...what if I write a web service to call this web service? Both web services will reside on the server, but the one the iphone will consume is configured with SSL. The idea is then to manually encrypt the operation (and necessary attributes) using an ios security framework (HMAC) or other hashing algorythm, and have the SSL web service decrypt and then invoke the requested operation from the existing web service. Does this make sense? I'm thinking this seems too simple, that I must be missing something. Does anyone see any real problem with this?
Thanks.
Edit I just wanted to clarify my situation a little: My app is not able to consume the existing web service as it is configured. My thought was to create a web service which will talk with this one. The new web service will simply decrypt the incoming data and invoke a method on the existing web service. Once a response is received, the new web service will encrypt the data and send it back to the iphone app. Sorry if I'm not being clear.
Update
Here is the soap envelope (from Fiddler):
<s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"
xmlns:a="http://www.w3.org/2005/08/addressing" xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<s:Header>
<a:Action s:mustUnderstand="1">http://tempuri.org/IService/ValidateMe</a:Action>
<a:MessageID>urn:uuid:81d70393-5356-4e3a-b209-49ea53068935</a:MessageID>
<a:ReplyTo>
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
</a:ReplyTo>
<a:To s:mustUnderstand="1">https://mibe.stpa.com/WCFService/IVService.svc/ValidationService</a:To>
<o:Security xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" s:mustUnderstand="1">
<u:Timestamp u:Id="_0">
<u:Created>2013-02-10T04:48:18.646Z</u:Created>
<u:Expires>2013-02-10T04:53:18.646Z</u:Expires>
</u:Timestamp>
<c:SecurityContextToken xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc" u:Id="uuid-0191ec20-905d-4ef0-a818-3eced0e02ecf-32">
<c:Identifier>urn:uuid:06bd1d3e-97e5-41bc-afce-3993736f202d</c:Identifier>
</c:SecurityContextToken>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
<Reference URI="#_0">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>/RpEprwYbnSypHXVF/rdxn3nkRo=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>ya8hHooO129dNOHplhY3xRndoDk=</SignatureValue>
<KeyInfo>
<o:SecurityTokenReference>
<o:Reference ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/sct" URI="#uuid-0191ec20-905d-4ef0-a818-3eced0e02ecf-32"/>
</o:SecurityTokenReference>
</KeyInfo>
</Signature>
</o:Security>
</s:Header>
<s:Body>
<ValidateMe xmlns="http://tempuri.org/">
<memberId>950470173</memberId>
</ValidateMe>
</s:Body>
</s:Envelope>
I am consuming an secured service hosted over basicHttpBinding
I have to pass credentials to the service for authenticatioon
Here’s the config setting for the client
<security mode="TransportWithMessageCredential">
<transport clientCredentialType="None" proxyCredentialType="None"
realm="" />
<message clientCredentialType="UserName" algorithmSuite="Default" />
</security>
While calling the service, I am getting following exception message
An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
Message = "An invalid security token was provided (Bad UsernameToken Values)”
I not sure how to get it working I am curious if somebody can help me out or provide me any url where I could find the solution
When you create your MyServiceClient object you can set the username and password on the clientInstance.Credentials.UserName object.