Loading ...
Sorry, an error occurred while loading the content.

Re: [soaplite] Soap header UsernameToken Authenitcation

Expand Messages
  • Peter Sinnott
    ... http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp seems to have some examples that may be of use. -- Our
    Message 1 of 4 , Dec 13, 2005
    • 0 Attachment
      On Tue, Dec 13, 2005 at 04:34:03PM +0000, Richard Gregory wrote:
      > Hi,
      >
      > I'm trying to write a SOAP:lite client for an Axis service which needs authenticating with a
      > UsernameToken containing a username, password digest, nonce and timestamp. The header (as
      > generated by a working axis client) should be of this form:
      >

      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp

      seems to have some examples that may be of use.


      --
      Our mission is to seamlessly build quality deliverables so that we may
      synergistically pursue emerging solutions to set us apart from the competition
    • Richard Gregory
      Thanks for the link, Peter. I ve pretty much got it solved, I think, but I just have one small problem, that is I can t figure out how to add the wsse prefix
      Message 2 of 4 , Dec 14, 2005
      • 0 Attachment
        Thanks for the link, Peter. I've pretty much got it solved, I think, but I just have one small
        problem, that is I can't figure out how to add the "wsse" prefix to the UsernameToken element:

        <soapenv:Header>
        <wsse:Security
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soapenv:mustUnderstand="1">
        <UsernameToken>
        <wsse:Username>wss4j</wsse:Username>
        <wsse:Password
        Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">Cq22uI3TX3XASvn2kIQkU0ITA0s=</wsse:Password>
        <wsse:Nonce>i1UwBPCCWbUoI9Duh80D7w==</wsse:Nonce>
        <wsu:Created
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-12-09T10:09:19.656Z</wsu:Created>
        </UsernameToken>
        </wsse:Security>
        </soapenv:Header>

        Here is the code of my client which generates the header.

        my $wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
        my $wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
        my $passworddigest =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";

        my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
        my $timestamp = sprintf "%4d-%02d-%02dT%02d:%02d:%02dZ\n",
        $year+1900,$mon+1,$mday,$hour,$min,$sec;

        my $username = "wss4j";
        my $password = "security";
        my $nonce = "4djRSlpeyWeGzcNgatneSA==";
        my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $created . $password), '');

        my $header = SOAP::Header->name(Security => {
        UsernameToken => {
        Username => SOAP::Data->type('' => $username)->prefix('wsse'),
        Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
        Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
        Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
        }
        })->uri($wsse)->prefix('wsse');

        $header->mustUnderstand(1);

        If I try to change it to:

        my $header = SOAP::Header->name(Security => {
        UsernameToken => {
        Username => SOAP::Data->type('' => $username)->prefix('wsse'),
        Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
        Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
        Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
        }->prefix('wsse')
        })->uri($wsse)->prefix('wsse');

        I get a message "Can't call method "prefix" on unblessed reference at ....."

        I feel like I'm really close here, so if anyone can help me out I'd be really grteful. Sorry if
        this is something really basic, but my only perl experience is trying to write clients for my Axis
        web servcies to test interoperability.

        Thanks,

        Richard.


        --- Peter Sinnott <psinnottie@...> wrote:


        ---------------------------------
        On Tue, Dec 13, 2005 at 04:34:03PM +0000, Richard Gregory wrote:
        > Hi,
        >
        > I'm trying to write a SOAP:lite client for an Axis service which needs authenticating with a
        > UsernameToken containing a username, password digest, nonce and timestamp. The header (as
        > generated by a working axis client) should be of this form:
        >

        http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp

        seems to have some examples that may be of use.


        --
        Our mission is to seamlessly build quality deliverables so that we may
        synergistically pursue emerging solutions to set us apart from the competition


        ---------------------------------
        YAHOO! GROUPS LINKS


        Visit your group "soaplite" on the web.

        To unsubscribe from this group, send an email to:
        soaplite-unsubscribe@yahoogroups.com

        Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.


        ---------------------------------






        ___________________________________________________________
        To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
      • Richard Gregory
        Thanks for the link, Peter. I ve pretty much got it solved, I think, but I just have one small problem, that is I can t figure out how to add the wsse prefix
        Message 3 of 4 , Dec 14, 2005
        • 0 Attachment
          Thanks for the link, Peter. I've pretty much got it solved, I think, but I just have one small
          problem, that is I can't figure out how to add the "wsse" prefix to the UsernameToken element:

          <soapenv:Header>
          <wsse:Security
          xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
          soapenv:mustUnderstand="1">
          <UsernameToken>
          <wsse:Username>wss4j</wsse:Username>
          <wsse:Password
          Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">Cq22uI3TX3XASvn2kIQkU0ITA0s=</wsse:Password>
          <wsse:Nonce>i1UwBPCCWbUoI9Duh80D7w==</wsse:Nonce>
          <wsu:Created
          xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-12-09T10:09:19.656Z</wsu:Created>
          </UsernameToken>
          </wsse:Security>
          </soapenv:Header>

          Here is the code of my client which generates the header.

          my $wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
          my $wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
          my $passworddigest =
          "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";

          my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
          my $timestamp = sprintf "%4d-%02d-%02dT%02d:%02d:%02dZ\n",
          $year+1900,$mon+1,$mday,$hour,$min,$sec;

          my $username = "wss4j";
          my $password = "security";
          my $nonce = "4djRSlpeyWeGzcNgatneSA==";
          my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $created . $password), '');

          my $header = SOAP::Header->name(Security => {
          UsernameToken => {
          Username => SOAP::Data->type('' => $username)->prefix('wsse'),
          Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
          Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
          Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
          }
          })->uri($wsse)->prefix('wsse');

          $header->mustUnderstand(1);

          If I try to change it to:

          my $header = SOAP::Header->name(Security => {
          UsernameToken => {
          Username => SOAP::Data->type('' => $username)->prefix('wsse'),
          Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
          Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
          Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
          }->prefix('wsse')
          })->uri($wsse)->prefix('wsse');

          I get a message "Can't call method "prefix" on unblessed reference at ....."

          I feel like I'm really close here, so if anyone can help me out I'd be really grteful. Sorry if
          this is something really basic, but my only perl experience is trying to write clients for my Axis
          web servcies to test interoperability.

          Thanks,

          Richard.


          --- Peter Sinnott <psinnottie@...> wrote:


          ---------------------------------
          On Tue, Dec 13, 2005 at 04:34:03PM +0000, Richard Gregory wrote:
          > Hi,
          >
          > I'm trying to write a SOAP:lite client for an Axis service which needs authenticating with a
          > UsernameToken containing a username, password digest, nonce and timestamp. The header (as
          > generated by a working axis client) should be of this form:
          >

          http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp

          seems to have some examples that may be of use.


          --
          Our mission is to seamlessly build quality deliverables so that we may
          synergistically pursue emerging solutions to set us apart from the competition


          ---------------------------------
          YAHOO! GROUPS LINKS


          Visit your group "soaplite" on the web.

          To unsubscribe from this group, send an email to:
          soaplite-unsubscribe@yahoogroups.com

          Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.


          ---------------------------------






          ___________________________________________________________
          NEW Yahoo! Cars - sell your car and browse thousands of new and used cars online! http://uk.cars.yahoo.com/
        Your message has been successfully submitted and would be delivered to recipients shortly.