Loading ...
Sorry, an error occurred while loading the content.

Re: [soaplite] Soap header UsernameToken Authenitcation

Expand Messages
  • Richard Gregory
    Thanks for the link, Peter. I ve pretty much got it solved, I think, but I just have one small problem, that is I can t figure out how to add the wsse prefix
    Message 1 of 4 , Dec 14, 2005
    • 0 Attachment
      Thanks for the link, Peter. I've pretty much got it solved, I think, but I just have one small
      problem, that is I can't figure out how to add the "wsse" prefix to the UsernameToken element:

      <soapenv:Header>
      <wsse:Security
      xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
      soapenv:mustUnderstand="1">
      <UsernameToken>
      <wsse:Username>wss4j</wsse:Username>
      <wsse:Password
      Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">Cq22uI3TX3XASvn2kIQkU0ITA0s=</wsse:Password>
      <wsse:Nonce>i1UwBPCCWbUoI9Duh80D7w==</wsse:Nonce>
      <wsu:Created
      xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-12-09T10:09:19.656Z</wsu:Created>
      </UsernameToken>
      </wsse:Security>
      </soapenv:Header>

      Here is the code of my client which generates the header.

      my $wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
      my $wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
      my $passworddigest =
      "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";

      my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
      my $timestamp = sprintf "%4d-%02d-%02dT%02d:%02d:%02dZ\n",
      $year+1900,$mon+1,$mday,$hour,$min,$sec;

      my $username = "wss4j";
      my $password = "security";
      my $nonce = "4djRSlpeyWeGzcNgatneSA==";
      my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $created . $password), '');

      my $header = SOAP::Header->name(Security => {
      UsernameToken => {
      Username => SOAP::Data->type('' => $username)->prefix('wsse'),
      Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
      Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
      Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
      }
      })->uri($wsse)->prefix('wsse');

      $header->mustUnderstand(1);

      If I try to change it to:

      my $header = SOAP::Header->name(Security => {
      UsernameToken => {
      Username => SOAP::Data->type('' => $username)->prefix('wsse'),
      Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
      Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
      Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
      }->prefix('wsse')
      })->uri($wsse)->prefix('wsse');

      I get a message "Can't call method "prefix" on unblessed reference at ....."

      I feel like I'm really close here, so if anyone can help me out I'd be really grteful. Sorry if
      this is something really basic, but my only perl experience is trying to write clients for my Axis
      web servcies to test interoperability.

      Thanks,

      Richard.


      --- Peter Sinnott <psinnottie@...> wrote:


      ---------------------------------
      On Tue, Dec 13, 2005 at 04:34:03PM +0000, Richard Gregory wrote:
      > Hi,
      >
      > I'm trying to write a SOAP:lite client for an Axis service which needs authenticating with a
      > UsernameToken containing a username, password digest, nonce and timestamp. The header (as
      > generated by a working axis client) should be of this form:
      >

      http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp

      seems to have some examples that may be of use.


      --
      Our mission is to seamlessly build quality deliverables so that we may
      synergistically pursue emerging solutions to set us apart from the competition


      ---------------------------------
      YAHOO! GROUPS LINKS


      Visit your group "soaplite" on the web.

      To unsubscribe from this group, send an email to:
      soaplite-unsubscribe@yahoogroups.com

      Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.


      ---------------------------------






      ___________________________________________________________
      To help you stay safe and secure online, we've developed the all new Yahoo! Security Centre. http://uk.security.yahoo.com
    • Richard Gregory
      Thanks for the link, Peter. I ve pretty much got it solved, I think, but I just have one small problem, that is I can t figure out how to add the wsse prefix
      Message 2 of 4 , Dec 14, 2005
      • 0 Attachment
        Thanks for the link, Peter. I've pretty much got it solved, I think, but I just have one small
        problem, that is I can't figure out how to add the "wsse" prefix to the UsernameToken element:

        <soapenv:Header>
        <wsse:Security
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soapenv:mustUnderstand="1">
        <UsernameToken>
        <wsse:Username>wss4j</wsse:Username>
        <wsse:Password
        Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">Cq22uI3TX3XASvn2kIQkU0ITA0s=</wsse:Password>
        <wsse:Nonce>i1UwBPCCWbUoI9Duh80D7w==</wsse:Nonce>
        <wsu:Created
        xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2005-12-09T10:09:19.656Z</wsu:Created>
        </UsernameToken>
        </wsse:Security>
        </soapenv:Header>

        Here is the code of my client which generates the header.

        my $wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
        my $wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
        my $passworddigest =
        "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest";

        my ($sec,$min,$hour,$mday,$mon,$year,$wday,$yday,$isdst) = gmtime(time);
        my $timestamp = sprintf "%4d-%02d-%02dT%02d:%02d:%02dZ\n",
        $year+1900,$mon+1,$mday,$hour,$min,$sec;

        my $username = "wss4j";
        my $password = "security";
        my $nonce = "4djRSlpeyWeGzcNgatneSA==";
        my $digest = MIME::Base64::encode_base64(Digest::SHA1::sha1($nonce . $created . $password), '');

        my $header = SOAP::Header->name(Security => {
        UsernameToken => {
        Username => SOAP::Data->type('' => $username)->prefix('wsse'),
        Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
        Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
        Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
        }
        })->uri($wsse)->prefix('wsse');

        $header->mustUnderstand(1);

        If I try to change it to:

        my $header = SOAP::Header->name(Security => {
        UsernameToken => {
        Username => SOAP::Data->type('' => $username)->prefix('wsse'),
        Password => SOAP::Data->type('' => $digest)->attr({'Type'=>$passworddigest})->prefix('wsse'),
        Nonce => SOAP::Data->type('' => $nonce)->prefix('wsse'),
        Created => SOAP::Data->type('' => $timestamp)->uri($wsu)->prefix('wsu')
        }->prefix('wsse')
        })->uri($wsse)->prefix('wsse');

        I get a message "Can't call method "prefix" on unblessed reference at ....."

        I feel like I'm really close here, so if anyone can help me out I'd be really grteful. Sorry if
        this is something really basic, but my only perl experience is trying to write clients for my Axis
        web servcies to test interoperability.

        Thanks,

        Richard.


        --- Peter Sinnott <psinnottie@...> wrote:


        ---------------------------------
        On Tue, Dec 13, 2005 at 04:34:03PM +0000, Richard Gregory wrote:
        > Hi,
        >
        > I'm trying to write a SOAP:lite client for an Axis service which needs authenticating with a
        > UsernameToken containing a username, password digest, nonce and timestamp. The header (as
        > generated by a working axis client) should be of this form:
        >

        http://msdn.microsoft.com/library/default.asp?url=/library/en-us/dnsql90/html/soapscenarios.asp

        seems to have some examples that may be of use.


        --
        Our mission is to seamlessly build quality deliverables so that we may
        synergistically pursue emerging solutions to set us apart from the competition


        ---------------------------------
        YAHOO! GROUPS LINKS


        Visit your group "soaplite" on the web.

        To unsubscribe from this group, send an email to:
        soaplite-unsubscribe@yahoogroups.com

        Your use of Yahoo! Groups is subject to the Yahoo! Terms of Service.


        ---------------------------------






        ___________________________________________________________
        NEW Yahoo! Cars - sell your car and browse thousands of new and used cars online! http://uk.cars.yahoo.com/
      Your message has been successfully submitted and would be delivered to recipients shortly.