WS Security in IS 6.5 - UsernameToken XSD needed

kit296 · February 7, 2009, 2:44am

Hello,

I am looking to add a Username Token into the Soap message in IS 6.5 and I will be calling external webservice (SSL ) I know webMethods WS Security is currenly not supported in WM 65. I am created a work around inorder to pass this block.

I am using addHeaderEntry service and I created a document then did XMLStringToDocument then DocumentToNode and passing that node to addHeaderEntry service. I also added nsDecls field in documentToXMLString service.
Below is my resulting XML I created

<wsse:Security
xmlns:wsse=“http://schemas.xmlsoap.org/ws/2002/07/secext”>
wsse:UsernameToken
wsse:UsernameUser1</wsse:Username>
wsse:PasswordPassw0rd</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>

I am getting following error at addHeaderEntry service.

An error occurred while tracing
com.wm.app.b2b.server.ServiceException: [ISS.0088.9143] Invalid Header Entry. SOAP Header Entries must have a namespace name

Attached is my docuement created for the WS-Security block
I would like to know if my XSD is not correct , if so then how should I need to define it ,
of if any one sample XSD for the WS Security block.

Regards,

wMusers.Com1 · February 7, 2009, 3:01am

Here’s a sample token created by SoapUI 2.5.1

Clear text password (PasswordText)

<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-4391369" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>testuser</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">passw0rd1</wsse:Password>
        <wsse:Nonce>MdwCUoMI/9a6QSZr+Heutg==</wsse:Nonce>
        <wsu:Created>2009-02-06T21:24:37.265Z</wsu:Created>
    </wsse:UsernameToken>
</wsse:Security>

Hashed password (PasswordDigest)

<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <wsse:UsernameToken wsu:Id="UsernameToken-14296592" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
        <wsse:Username>testuser</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">lZhfnJFTn/pAB5z9VgZyqjLGpr4=</wsse:Password>
        <wsse:Nonce>0IG8ZzeVuTffpY4iXG7TwA==</wsse:Nonce>
        <wsu:Created>2009-02-06T21:29:07.841Z</wsu:Created>
    </wsse:UsernameToken>
</wsse:Security>

You don’t really need the wsu:Id, the Nonce can be any unique base64-encoded value.

Mark

kit296 · February 7, 2009, 3:21am

Thanks Mark !

I tried above(XML) inputs to xmlStringToXMLNode and given node input to addHeaderEntry still got the same Error
com.wm.app.b2b.server.ServiceException: [ISS.0088.9143] Invalid Header Entry. SOAP Header Entries must have a namespace name

I think I would need XSD or some thing to import that document type into WM, If there is no XSD then what would be alternative approach ?

Thanks Again.

gupta_r.17495 · February 7, 2009, 4:22am

Before you converted to did you specified nsDecls in the documentToXMLString step (to add namespace) into the xmldata??

HTH,
RMg

wMusers.Com1 · February 7, 2009, 6:33pm

You did read the “sticky” posts in this forum didn’t you. There are good examples there.

Example doc type for WS-Security UsernameToken

Map step showing how nsDecls is to be populated

kit296 · February 18, 2009, 7:47pm

Thanks Carlson and Rmg!

Sorry I was not able to respond. As as work around I was able to create XML that attach that to SOAPHeader and that Works !!

<wsse:Security xmlns:wsse=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd” xmlns:wsu=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd”>
wsu:Timestamp/
<wsse:UsernameToken >
wsse:Username%auth/user%</wsse:Username>
<wsse:Password Type=“http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText”>%auth/pass%</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>

I am still trying to create webemthods document that has ‘Type’ attibute for password token. I know I can create XSD and import into webMethods. But Is there inbuilt webMethods tool to create such attibutes.

wMusers.Com1 · February 18, 2009, 9:09pm

Have a closer look at the document type in this post. The “@wsse:Type” allows you to set the password type to one of the supported values described in the WS-Security spec.

M