IBM webMethods Hybrid Integration

IBM webMethods Hybrid Integration

Join this online group to communicate across IBM product users and experts by sharing advice and best practices with peers and staying up to date regarding product enhancements.

 View Only

  • 1.  WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Fri February 06, 2009 09:45 PM

    Hello,

    I am looking to add a Username Token into the Soap message in IS 6.5 and I will be calling external webservice (SSL ) I know webMethods WS Security is currenly not supported in WM 65. I am created a work around inorder to pass this block.

    I am using addHeaderEntry service and I created a document then did XMLStringToDocument then DocumentToNode and passing that node to addHeaderEntry service. I also added nsDecls field in documentToXMLString service.
    Below is my resulting XML I created

    <wsse:Security
    xmlns:wsse=“http://schemas.xmlsoap.org/ws/2002/07/secext”>
    wsse:UsernameToken
    wsse:UsernameUser1</wsse:Username>
    wsse:PasswordPassw0rd</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>

    I am getting following error at addHeaderEntry service.

    An error occurred while tracing
    com.wm.app.b2b.server.ServiceException: [ISS.0088.9143] Invalid Header Entry. SOAP Header Entries must have a namespace name

    Attached is my docuement created for the WS-Security block
    I would like to know if my XSD is not correct , if so then how should I need to define it ,
    of if any one sample XSD for the WS Security block.

    Regards,
    wmDoc.jpg


    #webMethods
    #API-Management
    #soa


  • 2.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Fri February 06, 2009 10:02 PM

    Here’s a sample token created by SoapUI 2.5.1

    Clear text password (PasswordText)

    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-4391369" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>testuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">passw0rd1</wsse:Password>
<wsse:Nonce>MdwCUoMI/9a6QSZr+Heutg==</wsse:Nonce>
<wsu:Created>2009-02-06T21:24:37.265Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

    Hashed password (PasswordDigest)

    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-14296592" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:Username>testuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">lZhfnJFTn/pAB5z9VgZyqjLGpr4=</wsse:Password>
<wsse:Nonce>0IG8ZzeVuTffpY4iXG7TwA==</wsse:Nonce>
<wsu:Created>2009-02-06T21:29:07.841Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>

    You don’t really need the wsu:Id, the Nonce can be any unique base64-encoded value.

    Mark


    #API-Management
    #webMethods
    #soa


  • 3.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Fri February 06, 2009 10:21 PM

    Thanks Mark !

    I tried above(XML) inputs to xmlStringToXMLNode and given node input to addHeaderEntry still got the same Error
    com.wm.app.b2b.server.ServiceException: [ISS.0088.9143] Invalid Header Entry. SOAP Header Entries must have a namespace name

    I think I would need XSD or some thing to import that document type into WM, If there is no XSD then what would be alternative approach ?

    Thanks Again.


    #soa
    #API-Management
    #webMethods


  • 4.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Fri February 06, 2009 11:22 PM

    Before you converted to did you specified nsDecls in the documentToXMLString step (to add namespace) into the xmldata??

    HTH,
    RMg


    #webMethods
    #API-Management
    #soa


  • 5.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Sat February 07, 2009 01:33 PM

    You did read the “sticky” posts in this forum didn’t you. There are good examples there.

    Example doc type for WS-Security UsernameToken

    Map step showing how nsDecls is to be populated


    #webMethods
    #soa
    #API-Management


  • 6.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Wed February 18, 2009 02:47 PM

    Thanks Carlson and Rmg!

    Sorry I was not able to respond. As as work around I was able to create XML that attach that to SOAPHeader and that Works !!

    <wsse:Security xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
    wsu:Timestamp/
    <wsse:UsernameToken >
    wsse:Username%auth/user%</wsse:Username>
    <wsse:Password Type=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText”>%auth/pass%</wsse:Password>
    </wsse:UsernameToken>
    </wsse:Security>

    I am still trying to create webemthods document that has ‘Type’ attibute for password token. I know I can create XSD and import into webMethods. But Is there inbuilt webMethods tool to create such attibutes.


    #API-Management
    #webMethods
    #soa


  • 7.  RE: WS Security in IS 6.5 - UsernameToken XSD needed

    Posted Wed February 18, 2009 04:10 PM

    Have a closer look at the document type in this post. The “@wsse:Type” allows you to set the password type to one of the supported values described in the WS-Security spec.

    M


    #API-Management
    #webMethods
    #soa


Related Content