SOAP header for authentication in Notes/Domino - soap

I need to consume a WS that requires client (machine) certificate. More precisely it uses WS-Security : SOAP Message Security, WS-Security : X.509 Certificate Token Profile as defined by http://docs.oasis-open.org/wss-m/wss/v1.1.1/os/wss-SOAPMessageSecurity-v1.1.1-os.html
Using the native consumer, Domino don't add (magically) the authentication in the SOAP header. Now how I'm supposed to do add the security in header? Ideally in LotusScript...
I don't see anyway to embed the Consumer in my own header or enrich the existing consumer. I join the IBM response on this.
So my question:
Is there a work around to do this in Lotusscript ?
did some of you done something like this in java (and I will probably make an LS2J since a lot of LotusScript code already exists when I will get (hopefully) the response from the WS
IBM response:
We understand that you are attempting to use SOAP header for authentication. Unfortunately this is currently not supported.
For your reference, we have at least two Enhancement Requests (that I could find in this area) that are related to this topic:
SPR # SODY9H6BTM: Creating Your Own Soap Objects Does Not Support Client Certificate Authentication In A Web Agent.
SPR # JSHN7A3MLP: Authentication data in the Header element of WS Consumer SOAP envelopes
Unfortunately there is nothing further we can do in Support at this time.

If I understood your problem correctly you do not know how to deal with SOAP header and if so there are 2 things you may want to know:
1) Passing session using native Domino consumer approach. See example below
TestServiceLocator service = new TestServiceLocator();
TestPort port = service.getTestPort();
// that would tell to save cookie session between calls
((javax.xml.rpc.Stub)port)._setProperty(javax.xml.rpc.Stub.SESSION_MAINTAIN_PROPERTY, Boolean.TRUE);
2) If it does not work for you, you may try to use native SOAP approach. I've blogged about that recently: SOAP and passing session
// Create SOAP Connection
SOAPConnectionFactory soapConnectionFactory = SOAPConnectionFactory.newInstance();
SOAPConnection soapConnection = soapConnectionFactory.createConnection();
// connect to webserivce
SOAPMessage soapResponse = soapConnection.call(connect(username, password), url);
// read cookie from response and use it when send another requests
MimeHeaders session = soapResponse.getMimeHeaders();
String sesisonCookie = session.getHeader("Set-Cookie")[0];
SOAPMessage soapResponse2 = soapConnection.call(customerGetAll(sesisonCookie), url);
soapConnection.close();
and than imagine you are in customGetAll method
SOAPBody soapBody = envelope.getBody();
SOAPElement soapBodyElem = soapBody.addChildElement("Customer_GetAll", "m");
soapMessage.getMimeHeaders().addHeader("Cookie", sesisonCookie);
soapMessage.saveChanges();
Hope it will help.

Related

Livy REST API: GET requests work but POST requests fail with '401 Authentication required'

I’ve written a Java client for parts of Livy’s REST API at https://github.com/apache/incubator-livy/blob/master/docs/rest-api.md. The client uses Spring’s RestTemplate.getForObject() and postForObject() to make GET and POST requests respectively. The Livy server is secured with Kerberos.
GET /sessions and GET /batches requests work fine: I get the expected responses from Livy. But both POST /sessions and POST /batches requests fail with:
org.springframework.web.client.HttpClientErrorException: 401 Authentication required
Does anyone know why the POST requests fail when the GET requests succeed? My code does nothing explicit with authentication.
I've tried authenticating as several different users via Kerberos but I always get this problem. Does Livy need extra configuration to allow POST requests from particular users (since POST requests effectively create interactive sessions or submit jobs to Spark)?
It turns out that whilst the regular org.springframework.web.client.RestTemplate class is sufficient for GET requests, you need to use org.springframework.security.kerberos.client.KerberosRestTemplate for POST requests. You may also need to add an extra header to POST requests if the Livy server has CSRF (cross-site request forgery) protection enabled as described here.
GET /batches example
RestTemplate restTemplate = new RestTemplate();
GetBatchesResponse response2 = restTemplate.getForObject("http://your_livy_server:8998" + "/batches", GetBatchesResponse.class);
where GetBatchesResponse is a simple POJO I've written that represents the response body to GET /batches.
POST /batches example
PostBatchesRequest postRequestBody = new PostBatchesRequest();
postRequestBody.setFile("/path/to/your/application"); // In HDFS
KerberosRestTemplate kerberosRestTemplate = new KerberosRestTemplate("path_to_your_key_tab_file", "your_user#your_realm");
// Add CSRF header if required:
HttpHeaders headers = new HttpHeaders();
headers.set("X-Requested-By", "your_user#your_realm");
headers.setContentType(MediaType.APPLICATION_JSON);
HttpEntity<PostBatchesRequest> postRequest = new HttpEntity<PostBatchesRequest>(postRequestBody, headers);
Batch batch = kerberosRestTemplate.postForObject("http://your_livy_server:8998" + "/batches", postRequest, Batch.class);
where PostBatchesRequest and Batch are POJOs I've written to represent the request body and response respectively.

How to create a SOAP message from JSON payload in mule

I need to transform the following json payload into a soap message and send the message to a consumer, the consumer edits the data and sends back the soap message.
I haven't done much in soap. I only have REST experience. what steps do I need to take in a process like this?
what is the best approach?
[{"salesOrderId":"00004-5-6","saleName":"House Sale","status":"processing"}, {"salesOrderId":"00001-2-3","saleName":"Car Sale","status":"processing"}]
There are various way to perform this transformation, for example:
PATH - 1
Json To XML (with transformer or string set payload)
Xml To SOAP Request using XSLT, transformer or string set payload.
Send SOAP Request sobre HTTP (POST / Content-type: applicacion/xml / soapAction)
PATH - 2
Json To SOAP Request using Groovy, XSLT or string set payload.
Send SOAP Request sobre HTTP-OUTBOUND (POST / Content-type: applicacion/xml / soapAction)
PATH - 3
Json To SOAP Request Proxy (WSDL To Java).
Send SOAP Request sobre HTTP-OUTBOUND (POST / Content-type: applicacion/xml / soapAction)
The easiest way of doing it is extract the JSON elements from the JSON payload by using <json:json-to-object-transformer/>and store each node value in variables like flow variable in Mule.
Then You can create the SOAP request using XSLT and passing the flow variables value into XSLT as <mulexml:context-property/>
ref:- https://developer.mulesoft.com/docs/display/current/XSLT+Transformer
Once your SOAP XML is created, you can simply post them to your HTTP outbound endpoint pointing to your external web service you need to consume
Try using Mule DataMapper. That helps you to convert a JSON to XML in the more easier way. You can try it in Anypoint Studio of Mule.

SOAP/WSDL, AXIS2 and digital signing a SOAP message

We need to send a SOAP message to a webservice. This is somewhat new territory, so we are a bit confused... even when searching and reading about the subject. Here is what we know / did:
1) We must authenticate through the use of a Digital Certificate in Base64 (obtained issuing a CSR – Certificate Signing Request).
2) The SOAP message must contain a Security Header (wss:Security xmlns:wss="http://schemas.xmlsoap.org/ws/2002/12/secext") and a Body.
3) The WSDL file does not contain a HEADER section, but we have the header "Field structure"
4) We decided to use Axis2/xmlbeans, and created the JAVA classes with https://axis.apache.org/axis2/java/core/tools/eclipse/wsdl2java-plugin.html
5) We can easily create the STUB and send the WSDL body element using the provided sync/async register stub methods (i assume Axis2 will generate the correct SOAP message)
Questions
1) How can we add the WS-Security(?) HEADER to the SOAP message. Do we have to manipulate the AXIS2 generated code?
2) How can we authenticate using the Digital Certificate?
Thanks
1) How can we add the WS-Security(?) HEADER to the SOAP message. Do we have to manipulate the AXIS2 generated code?
ServiceClient client = stub._getServiceClient();
SOAP11Factory factory = new SOAP11Factory();
OMNamespace SecurityElementNamespace = factory.createOMNamespace("http://schemas.xmlsoap.org/ws/2002/12/secext", "wss");
OMElement usernameTokenEl = factory.createOMElement("UsernameToken", SecurityElementNamespace);
OMElement usernameEl = factory.createOMElement("Username", SecurityElementNamespace);
OMElement passwordEl = factory.createOMElement("Password", SecurityElementNamespace);
usernameEl.setText(username);
passwordEl.setText(password);
usernameTokenEl.addChild(usernameEl);
usernameTokenEl.addChild(passwordEl);
SOAPHeaderBlockImpl block = new SOAP11HeaderBlockImpl("Security", SecurityElementNamespace, factory);
block.addChild(usernameTokenEl);
client.addHeader(block);

How to access AU Response sent from Server side at Client Side

I want to know AU Responses pushed from server to Client in ZK at client side(i.e in ZUL). Searched alot not able to find any hint :(
Using the (global) Clients object you can send responses from the server to the client.
Then using already mentioned zAu.cmd0 and zAu.cmd1 javacript objects you can define the functions to process those responses.
At the server side to send a response to the server (Java):
AuResponse response = new AuResponse("myClientHandler", new Object[]{"hello ","world"});
Clients.response(response);
At the client-side for you could define something like (Javascript):
zAu.cmd0.myClientHandler = function (greet, person) {
alert(greet + person);
};
You can either use zAu.cmd0 or zAu.cmd1 depending on your requirement. Refer to processing Au Responses section of ZK Client side reference guide.

Use GWT RPC Serialization to send an object from client to server in a POST

I prefer to use RPC Serialization but then send data using servlets.
We have strangely found that this performs better and it allows us to have general logic for retrying all servlet calls for example.
I have figured out how to send an object from server to client but can't find a way to serialize on client and deserialize on server.
SERVER TO CLIENT
Server:
serializedObj = RPC.encodeResponseForSuccess(DUMMY_METHOD_OF_TYPE_SERIZABLE, object);
Client:
GWT.create(MyRpc.class).createStreamReader(serializedObj).readObject();
CLIENT TO SERVER
Client:
SerializationStreamWriter streamWriter = streamFactory.createStreamWriter();
streamWriter.writeObject(object);
serializedObj = streamWriter.toString();
But how can I unserialize this after sending it by POST to the server?
Thanks!
http://softteco.blogspot.com/2010/02/serializing-objects-in-gwt-and.html
Note the server side deserialize option
// Getting parameter from request
String content = request.getParameter("content");
// Initializing stream reader
ServerSerializationStreamReader streamReader = new ServerSerializationStreamReader(
Thread.currentThread().getContextClassLoader(), null);
// Filling stream reader with data
streamReader.prepareToRead(content);
// Reading deserialized object from the stream
dto = (D) streamReader.readObject();