Missing wsse:Security header in request - eclipse

I try to add rampart security to my axis 2 project using this tutorial page 19- 22
SO everything seems fine but when I switch to soapUI perspective to try to test the service
the request which I'm proposed is :
soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
<soapenv:Header/>
<soapenv:Body>
<axis:testws>
<!--Optional:-->
<axis:x>5</axis:x>
</axis:testws>
</soapenv:Body>
</soapenv:Envelope>
and it gives me as a response:
faultstring>Missing wsse:Security header in request</fau
SO I add the security header and my request becomes the same as the one written in the tutorial
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:axis="http://axis2wstest">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-
open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="123">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-
200401-wss-username-token-profile-1.0#PasswordText">pass</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<axis:testws>
<!--Optional:-->
<axis:x>5</axis:x>
</axis:testws>
</soapenv:Body>
</soapenv:Envelope>
but the response is the same
soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<faultcode>wsse:InvalidSecurity</faultcode>
<faultstring>Missing wsse:Security header in request</faultstring>
<detail/>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>

Don't add the security header directly to your request!
Click on Aut at the bottom left. Then you can enter your username/password there.
For more information see: http://www.soapui.org/SOAP-and-WSDL/authenticating-soap-requests.html
As Authorisation type choose Preemptive. (Only in soapUI 4.5.1 as far as I know)

Related

Is it correct that a namespace prefix in a soap request be fixed?

When calling a web service, the client is expected to send a specific prefix for a namespace. Otherwise, a fault code is returned.
Here's the request that returns a fault code:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.connector.uut.cs.com.tr/">
<soapenv:Header>
<se:Security xmlns:se="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<se:UsernameToken>
<se:Username>XXXX</se:Username>
<se:Password>XXXX</se:Password>
</se:UsernameToken>
</se:Security>
</soapenv:Header>
<soapenv:Body>
<ser:kayitliKullaniciListeleExtended>
<urun>EFATURA</urun>
<gecmisEklensin></gecmisEklensin>
</ser:kayitliKullaniciListeleExtended>
</soapenv:Body>
</soapenv:Envelope>
Whereas this request works:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.connector.uut.cs.com.tr/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>XXXX</wsse:Username>
<wsse:Password>XXXX</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ser:kayitliKullaniciListeleExtended>
<urun>EFATURA</urun>
<gecmisEklensin></gecmisEklensin>
</ser:kayitliKullaniciListeleExtended>
</soapenv:Body>
</soapenv:Envelope>
Only difference between the two requests is the namespace prefix (the one that works is wsse, every other prefix fails). Is it a correct implementation to ask the client to pass a specific prefix for the namespace?
I expected that the prefix names can be anything as long as the uri identified by xmlns: is correct.

How to add the custom security tag in all request in soapUi using groovy

I have to insert the security tag in all the request inside the header. How do I automate? because for every request I have to copy past manually which takes time to do for all the request
Below is the Actual Request:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ws="http://ws.test.sample.com/" xmlns:ws1="http://ws.test.sample.com/">
<soapenv:Header>
</soapenv:Header>
After adding the security tag:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ws="http://ws.test.sample.com/" xmlns:ws1="http://ws.test.sample.com/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://doc.test.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-1" xmlns:wsu="http://doc.test.xsd">
<wsse:Username>test</wsse:Username>
<wsse:Password Type="http://doc.test.xsd">o9j1/hA/mkFTG0ODti</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

WSO2 Identitiy Server Password change, getting issue “Can not access the directory service for user”

I am attempting a password reset feature in wso2 identity server where I'm using LDAP as secondary storage.
I'm using this( https://docs.wso2.com/display/IS530/Configuring+Users#ConfiguringUsers-UpdateuserusingSOAP) link as documentation to update user details by calling https://localhost:9443/services/RemoteUserStoreManagerService?wsdl admin service.
I'm using LDAP as secondary storage. but, when I'm trying to update the password by the updateCredential() method getting the below issue
getting this error response
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>Can not access the directory service for user : yellow#xyz.com</faultstring>
<detail/>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
where I'm sending this request to updateCredential() method
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ser="http://service.ws.um.carbon.wso2.org">
<soapenv:Header/>
<soapenv:Body>
<ser:updateCredential>
<!--Optional:-->
<ser:userName>USERS/yellow#xyz.com</ser:userName>
<!--Optional:-->
<ser:newCredential>123456</ser:newCredential>
<!--Optional:-->
<ser:oldCredential>123456789</ser:oldCredential>
</ser:updateCredential>
</soapenv:Body>
</soapenv:Envelope>

Sabre HotelRateDescriptionLLSRQ error ERR.SWS.PROVIDER.REQUEST_HANDLER_ERROR

I am getting error Unexpected request processing error when trying to get rates in sabre soap api. Here is my request xml:
<soapenv:Body>
<ns:HotelRateDescriptionRQ ReturnHostCommand="false" Version="2.3.0">
<ns:AvailRequestSegment>
<!--Optional:-->
<ns:GuestCounts Count="2"/>
<!--Optional:-->
<ns:HotelSearchCriteria>
<ns:Criterion>
<ns:HotelRef HotelCode="46333"/>
</ns:Criterion>
</ns:HotelSearchCriteria>
<!--Optional:-->
<!--Optional:-->
<ns:RatePlanCandidates>
<ns:RatePlanCandidate CurrencyCode="USD"/>
</ns:RatePlanCandidates>
<!--Optional:-->
<ns:TimeSpan End="12-28" Start="12-25"/>
</ns:AvailRequestSegment>
</ns:HotelRateDescriptionRQ>
</soapenv:Body>
But i got error response:
<soap-env:Body>
<HotelRateDescriptionRS xmlns="http://webservices.sabre.com/sabreXML/2011/10" xmlns:xs="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:stl="http://services.sabre.com/STL/v01" Version="2.3.0">
<stl:ApplicationResults status="NotProcessed">
<stl:Error type="Application" timeStamp="2018-02-15T01:50:26-06:00">
<stl:SystemSpecificResults>
<stl:Message>Unexpected request processing error</stl:Message>
<stl:ShortText>ERR.SWS.PROVIDER.REQUEST_HANDLER_ERROR</stl:ShortText>
</stl:SystemSpecificResults>
</stl:Error>
</stl:ApplicationResults>
</HotelRateDescriptionRS>
</soap-env:Body>
so what am i doing wrong here?
I have fixed this problem, the problem because i use token from service TokenCreateRQ, it should use service SessionCreateRS
Possible Solutions:
1) have you set the ns: arrcordingly ?
xmlns="http://webservices.sabre.com/sabreXML/2011/10"
xmlns:xs="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
2) Did you set the service type in the header accordingly?
<eb:Service eb:type="OTA">HotelPropertyDescriptionLLSRQ</eb:Service>
<eb:Action>HotelPropertyDescriptionLLSRQ</eb:Action>
Let me know if this works for you

#DocuSignAPI: DocuSign Login using SOAP UI

I am using the DocuSign API WSDL in my SOAP UI and trying to call a method but getting the error User_Authentication_Failed - Missing authentication header
In some post seen that Security token need to to use but not getting the security token in docusign instead we have Integrator key value.
Please if someone can provide the guidance here.
My SOAP UI request is:
<soapenv:Envelope xmlns:ns="http://www.docusign.net/API/3.0" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-2" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>haider#abcd.com</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">HR123456</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">iJwabpA/2j2ooh7deCAVcg==</wsse:Nonce>
<wsu:Created>2014-07-24T17:46:39.991Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsu:Created>2014-07-24T17:46:19.730Z</wsu:Created>
<wsu:Expires>2014-07-24T17:56:19.730Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<ns:RequestPDF>
<!--Optional:-->
<ns:EnvelopeID>01f90b51-7cf4 -48a1-8946-2795fc970b77</ns:EnvelopeID>
</ns:RequestPDF>
</soapenv:Body>
</soapenv:Envelope>
Getting Response as:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/08/addressing/fault</wsa:Action>
<wsa:MessageID>urn:uuid:6e9fbf02-7c18-4d65-bbfc-f828cf51bb57</wsa:MessageID>
<wsa:RelatesTo>urn:uuid:7e7b4a69-834f-4906-9b92-a16cc8f6d32b</wsa:RelatesTo>
<wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsse:Security>
<wsu:Timestamp wsu:Id="Timestamp-659010d2-c16b-479a-ae43-169846a7898c">
<wsu:Created>2014-07-24T17:47:54Z</wsu:Created>
<wsu:Expires>2014-07-24T17:52:54Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>User_Authentication_Failed - Missing authentication header</faultstring>
<detail/>
</soap:Fault>
</soap:Body>
</soap:Envelope>
The documentation below may be a better outline of using authentication headers and the endpoint URL's:
https://www.docusign.com/p/APIGuide/APIGuide.htm#Introduction+Changes/Authentication.htm%3FTocPath%3DAuthentication%7C_____0
Below also outlines the above with Send On Behalf Of:
https://www.docusign.com/p/APIGuide/APIGuide.htm#Introduction+Changes/Send On Behalf Of Functionality.htm%3FTocPath%3DAuthentication%7C_____2
Since the header type you choose also determines which endpoint URL you should use, below are examples for the demo environment:
HTTP = https://demo.docusign.net/api/3.0/dsapi.asmx
SOAP = https://demo.docusign.net/api/3.0/api.asmx
Because you are utilizing SOAP, the correct endpoint would be the api.asmx.
In SOAP UI, you can:
Select the endpoint drop down from the top
[edit current]
Populate the following URL:
https://demo.docusign.net/api/3.0/api.asmx
You would also need to add your Integrator Key as well inside the authentication. The integrator key should always be in brackets "[ ]" as well.My example below:
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-1">
<wsse:Username>[INTEGRATOR KEY]DS USERNAME</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">[PASSWORD]</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
In SOAP UI you will add the header and value for the request. Select the header button at the footer of the page and select add. You will add your authentication header here.