Unlock a world of possibilities! Login now and discover the exclusive benefits awaiting you.
Hi,
I am calling a web service with tESBConsumer component. Web service requires WS-Security. This is implemented in the tESBConsumer component with the "Use Authentication -> Username Token" setting. This adds WS-Security header to the Soap envelop but does not add the Nonce element. Web service also requires Nonce.
This is generated from Talend DI v6.4.1
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-6780c83f-ffc8-4588-a427-8f4a5eb41f77">
<wsse:Username>***</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">****</wsse:Password>
</wsse:UsernameToken> </wsse:Security> </soap:Header>
This generated from SoapUI;
<soapenv:Envelope xmlns:intf="http://intf.service.electronicaccountsummary.eho.hmn.ykb.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <wsse:UsernameToken wsu:Id="UsernameToken-6C5C1C99C561657DAB15142383167429"><wsse:Username>***</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***</wsse:Password> <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">N/+/XZhFKO9btrOs+chsBw==</wsse:Nonce> <wsu:Created>2017-12-25T21:45:16.742Z</wsu:Created></wsse:UsernameToken> </wsse:Security> </soapenv:Header>
This is the Talend generated code of the job;
This code should be added also to add Nonce header
// Automatically adds a Base64 encoded message nonce and a created timestamp wssProps.put(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN + " " + WSConstants.CREATED_LN);
Is there a easy way to change wss4j configuration to add nonce?
Thanks.
Thanks for the reply. It seems the same root cause (CXF configuration) but i don't have a problem in ESB. I am using Talend DI studio and the problem is with tESBConsumer component. By the way i found a solution by generating wssHeaders manually.
Here is my job design:
wssUserPwd component is calling a routine that creates wss header document. payload+header are merged with XmlMap and passed to tESBConsumer (callWS).
routine code:
public static routines.system.Document create(String username, String pwd) throws Exception {
DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
DocumentBuilder builder = dbf.newDocumentBuilder();
Document doc = builder.newDocument();
Element element = doc.createElement("root");
doc.appendChild(element);
WSSecHeader hdr = new WSSecHeader(doc);
hdr.insertSecurityHeader();
WSSecUsernameToken user = new WSSecUsernameToken();
user.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
user.setUserInfo(username, pwd);
user.addCreated();
user.addNonce();
user.prepare(doc);
user.appendToHeader(hdr);
routines.system.Document ret = new routines.system.Document();
ret.setDocument(new DOMReader().read(doc));
//printDocument(doc,System.out);
return ret;
}