How to set wsse:security SOAP header in soa 11g?

Similar Messages

• Urgent How do I add Wsse:Security  soap:mustUnderstand="1" in SOAP Document

  Hi All,
  I am trying to consume external web service with WS Security. How do I add the below nodes to my SOAPDOC?
  <soapenv:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  Can anyone help in this regard?
  Thanks!
  Pradeep
  [email protected]

  try following
  &Sdoc = CreateSOAPDoc();
  &Sdoc.AddEnvelope(0);
  &Sdoc.AddHeader();
  &Sdoc.AddBody();
  &Sdoc.AddMethod("someelement", 1);
  &MethodNode = &Sdoc.MethodNode;
  &textNode = &MethodNode.AddText("12345");
  &HdrNode = &Sdoc.HeaderNode;
  &HdrAttribute = &HdrNode.AddAttribute("xmlns:soapenv", "http://schemas.xmlsoap.org/soap/envelope/");
  &WsseNode = &HdrNode.AddElement("wsse:Security");
  &WsseAttribute = &WsseNode.AddAttribute("soap:mustUnderstand", "1");
  &WsseAttribute = &WsseNode.AddAttribute("xmlns:soap", "http://schemas.xmlsoap.org/wsdl/soap/");
  &WsseAttribute = &WsseNode.AddAttribute("xmlns:wsse", "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
  &strxml = &Sdoc.XmlDoc.GenFormattedXmlString();
  &MYFILE = GetFile("c:\temp\test.xml", "N", %FilePath_Absolute);
  If &MYFILE.IsOpen Then
     &MYFILE.WriteLine(&strxml);
     &MYFILE.Close();
  End-If;content c:\temp\test.xml:
  <?xml version="1.0"?>
  <SOAP-ENV:Envelope xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
    <SOAP-ENV:Header xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
      <wsse:Security soap:mustUnderstand="1" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"/>
    </SOAP-ENV:Header>
    <SOAP-ENV:Body>
      <someelement>12345</someelement>
    </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>

• Setting up the Soap Header when consuming a web service.

  Hi SDN,
  I am trying to consume a web service,where I need to pass the soap header for sending the request to the sever.
  I am using if_ws_protocol_ws_header->SET_REQUEST_HEADER to set the Username and Password to the soap header. After a lot of trouble shooting I came to conclusion that the Username and Password are not being updated in soap header.
  I want to know how to set the soap header? I have tested the web service in the SOAP UI testing tool and it works fine taking the credentials. The webservice is using HTTPS protocol.Do we have any separate config for https. Do I need to pass the nonce and date created in the soap header for sure ? And is there any thing to be configured by basis team?
  Here is what I am trying to pass:
  ' <soapenv:Header>'
        '<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">'
           '<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">'
              '<wsse:Username>XXXXXXX</wsse:Username>'
              '<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXX</wsse:Password>'
              '</wsse:UsernameToken>'
       ' </wsse:Security>'
        '/soapenv:Header>'
  Thank you.

  CONCATENATE
  '<soapenv:Header>'
  '<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"'
  'xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"'
  'xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">'
  '<wsse:UsernameToken>'
  '<wsse:Username>XXXXXX</wsse:Username>'
  '<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXXXX</wsse:Password>'
  '<wsse:Nonce>' XXXXX'</wsse:Nonce>'
  '<wsu:Created>' XXXXX '</wsu:Created>'
  '</wsse:UsernameToken>'
  '</wsse:Security>'
  '</soapenv:Header>'
     INTO l_string.
  I solved my self and its working , Here is what I was passed.
  Thank you guys.

• WS-Security SOAP Header does not include expected elements

  Our SAP R/3 Enterprise is sending messages to XI which then forwards them to third party applications withing our corporate firewall.
  One of these applications (Java) provides a Web Service  to which we are attempting to direct a message from XI.
  This Web Service requires WS-Security information be included in the SOAP header identifying Username, Password as described by the Oasis standards.
  <soapenv:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soapenv:mustUnderstand="1">
        <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
          wsu:Id="UsernameToken-21280292">
          <wsse:Username>test</wsse:Username>
          <wsse:Password
            Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
            >Zzqxojj3iKMfki45et4ZWqrAupQ=</wsse:Password>
          <wsse:Nonce>b6QiDyhP3Ds9z24NMI0r6w==</wsse:Nonce>
          <wsu:Created>2007-01-04T16:57:48.625Z</wsu:Created>
        </wsse:UsernameToken>
      </wsse:Security>
    </soapenv:Header>
  I have gone through a lot of documentation provided by SAP and SDN in an attempt to determine how and what to configure in order to generate the above SOAP header and although I am fairly sure SAP XI can perform this function I am at a loss on what needs to be done.
  Their are plenty of documents describing how to do this for a Web Service generated by an SAP (WAS, R/3, XI, etc) but other than references to doing so for a third party application nothing that is concrete. Yet I am fairly certain that it is a simple process.
  In one article of SAP Insider I found reference to this email address and am hoping that you will be able to assist.
  Our XI is currently running WAS Netweaver 04 (640) patched at SAPKB64017.

  Chris--
  OASIS WS-Security 1.0 has been supported by the XI SOAP adapter for a long time.
  However, what you're trying to do isn't possible in XI yet, because it isn't pure WS-Security.
  WS-Security provides definition for the wsse:UsernameToken element, but provides little in the way of content.  The standard allows for //wsse:UsernameToken/Username, and for //wsse:UsernameToken/<xsd:any> to support extensibility.  WS-Security does not define the existence of wsse:Password, wsse:Nonce, wsse:Created, etc.
  OASIS released a separate standard at the same time as WS-Security 1.0 to define a set of extensions for the wsse:UsernameToken element.  This standard includes //wsse:UsernameToken/Password and your other elements.  So, you need an application that has implemented WS-Security 1.0 as well as the "Web Services Security UsernameToken Profile 1.0" standard.
  XI does not appear to support this standard extension, so customers are frequently doing a custom implementation in order to implement the features they need from the UsernameToken Profile standard.  I've seen a customer do it in the plain HTTP adapter and use XSLT in the message mapping for receiver cases. 
  I've yet to see a sender case.  Adapter modules in the SOAP adapter might work, but I see this as a technical risk because I don't know if you can re-authenticate from within the adapter module, and I suspect that XI applies the business-service authorization rule (the user authorization to access that particular service) before the adapter modules are called.
  --Dan King
  Manager, SAP NetWeaver Integration
  Capgemini

• How to set height of JTable Header ?

  How to set height of JTable Header and set the text to another size ?

  You can set the font of the header as you can for any component. The font will dictate the preferred height of the header. If you don't like the preferred height, you can set that as well.
  // add table to a scroll pane or the header will not appear
  JTable table = new JTable(...);
  container.add(new JScrollPane(table));
  // get a reference to the header, set the font
  JTableHeader header = table.getTableHeader();
  header.setFont(new Font(...));
  // set the preferred height of the header to 50 pixels.
  // the width is ignored by the scroll pane.
  header.setPreferredSize(new Dimension(1, 50));Mitch Goldstein
  Author, Hardcore JFC (Cambridge Univ Press)
  [email protected]

• How to set WSSE credentials using Service Account in OSB

  Hi Guys,
  Flow Path:
  OSB-A (Only Proxy Service) --> OSB-B (Both Proxy and Business service present) --> PIMWS --> PLSQL
  In OSB-A i have a service account, which iam getting it in a variable using assign activity and trying to populate that in header variable using replace activity then calling OSB-B but iam getting the following exception..
  When i check in the flow.. $header is not replaced with the actual WSSE: tags and credentials. How to make it to work ?
  <proc:OutputParameters xmlns:proc="http://xmlns.oracle.com/apps/ap/soaprovider/plsql/xx_i024_suppliers_pkg/process_suppliers/" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <proc:X_RETURN_STATUS>Missing <wsse:Security> in SOAP Header</proc:X_RETURN_STATUS>
  <proc:X_RETURN_CODE>wsse:InvalidSecurity</proc:X_RETURN_CODE>
  </proc:OutputParameters>
  Thanks,
  Vijay
  Edited by: veejai24 on 16-Apr-2012 09:01

  I am able to use Service Account in my OSB. The following are the steps i did.
  I have created a service account and kept my username and password there in a common OSB Project.
  Then in my proxy service i have an assign which is having the wsse header tags, which retrieves the username and password from service account.
  I replace the header with the above information and calling the business service using routing options.
  In business service, in http transport page i have used Authentication type as basic and kept the service account by browsing from my common OSB Project.
  If i fire a request iam getting the response back as expected.
  My question is why should i do 2 times the same thing, when i try to remove the configuration from business service iam getting exception saying "WSSE credentials are missing"
  When i put it back its started working.
  Thanks,
  Vijay

• OWSM: How to encrypt payload and SOAP header?

  Hi,
  Anybody know how I can encrypt the payload and the SOAP header via OWSM? I can only find references on how to do it using SSL. The reason for using OWSM/WS-Security was to move away from using transport based encryption (SSL).
  Regards Pete

  http://download.oracle.com/docs/cd/E10291_01/doc.1013/e10299/policy_steps.htm#sthref612
  if you look at the topic :XML Encrypt
  you will see you can encrypt every part of the xml
  Encrypted Content
  Part of the SOAP envelope to be encrypted. Valid values are: BODY, HEADERS, ENVELOPE, and XPATH. The default is BODY.

• How to use XHeaderName1 in SOAP header

  I have a scenario in which im passing the target URL of a webservice dynamically in my mapping udf.
  I have to pass the URL to the TServerLocation parameter in SOAP header. But the error i get is that the URL is too long for TServerLocation. So i have to split it and send it using XHeaderName1,XHeaderName2 and XHeaderName3.
  Can anyone tell me how to do this.
  i saw this blog which gives me some idea but still my scenario is not working
  /people/william.li/blog/2006/04/18/dynamic-configuration-of-some-communication-channel-parameters-using-message-mapping
  please Help

  Hi Sivasakthi Danasekaran,
  URL is an environment variable I think it will take 256 charecters only. You need to split it compulsorly.
  Reward points if needful.
  Thanks,
  RamuV

• How to get information from SOAP header in weblogic without handlers

  I need to retrieve information from SOAP header without handlers.
  Any ideas how to do that?

  Just wondering if Filter can be used here, though I never tried that.

• How to set and pass a Header Varible in Jsp

  Hi ,
  I am using Headervariable login module(which takes user id form http header variable) for single sign on.
  I configured the login module stack. But to test i need a jsp from which i can pass the user id in http header.
  to test if i am able to set the user id in http header , i  have written 2 jsps
  1. Header.jsp
  In this , i am setting the user id
  response.addHeader("UserId" ,"user1");
  and i am posting it to HeaderResult.jsp
  2.HeaderResult.jsp
  In this, i am tryng to rretrieve it By using
  request.getHeader("UserId");
  But i am not geeting any value.
  Can i set user defined header variables?if not, can i set the standard http header variabes,
  Please help me with the code.
  Thanks,
  Lakshmi

  Hi Deltev,
  Yes it will be lost, should i use request.servervariable(Http_userid)?
  The Headeresult.jsp is only to test if i am able to set the header .
  Actaully ,from Header.jsp i am calling the portal(Login module stack configured to HeaderVaribleLogin).
  the poratl expects the userid  from Http Header from jsp i need to send this in header.
  How do i do this. I am missing something while passing the userid in header.
  Please lete me know.
  Thanks,
  Lakshmi

• How to get data from SOAP-Header/MAIN-Section?

  Hi,
  I need some data of the SOAP-Header-MAIN-Section, e.g. <SAP:Sender><SAP:SERVICE>
  Is it possible to get these data with XSLT-Mapping or Java-Mapping? Are there blogs about it?
  I need these data of the MAIN-Section inside the condition of the receiver determination.
  Thank you all.
  Regards
  Wolfgang

  Hi,
  Do you wnat to access the Sender Service details in your mapping using java or XSL mapping? this is possible.
  Check this link,
  http://help.sap.com/saphelp_nw04/helpdata/en/43/09b16006526e72e10000000a422035/content.htm
  Or do you want to access the SOAP header itself?
  Regards,
  bhavesh

• How to add new custom SOAP header when generate webservice?

  Hi
  When invoke an external webservice, SOA Gateway provide a method to add new customized SOAP Header, via extending seeded java function "WebServiceInvokerSubscription".
  And in case of generating a new webservice in EBS, is there some similar method to add new customized SOAP header in the webservice?
  Thanks
  James

  Look at your Payment Process Profile. THere should be a reporting subtab and within that subtab is a Separate Remittance Advice region. I believe that is where you specify the format for the remittance advice document (which is built in XML Publisher). Take a look at that.
  John Dickey

• How to add  variables in SOAP header before to call my Physical Service?

  In ODSI,
  I created a Physical Service for an external WebService (third part).
  In a logical Service (inside a XQuery Extension Function) i am calling the previous Physical Service. However, I need to add some variables in the SOAP Header Request before to call that Physical Service.
  Thanks

  Since your webservice accepts a SOAP Header, the wsdl for your webservice should describe that SOAP header (as well as the body). And when ODSI creates the physical data service from the wsdl, the read function will take two arguments - one is the SOAP header and the other is the SOAP body. All you need to do is populate the soap header and body.
  If your wsdl does not describe the soap header - fix it so that it does. If need be, make a copy of the wsdl, modify it to describe the soap header, save it in your DataSpace, and then (re)create the physical data service from the wsdl.
  - Mike

• How to set the default screen header structure of PA30?

  Hi,
  I am not talking about the screen header of a particular infotype, e.g. IT0002. I have managed to change the header for any infotype by changing  the structure of relevant screen header modifier.
  The question is, how to change the screen header at the initial screen of PA30?
  Because all settings in table V_582A_B are with an infotype number. No idea about how to change the default sreen header.
  thanks in advance.

  PA20 / PA30 Initial screen always maps to screen header '00' even if it's not in V_582A_B. Therefore, if you have an infotype currently maps to screen header '00' and plan to have initial screen header to be different than the header of this infotype, you'll need to re-configure this infotype to map to a different screen header.
  Rgds.

• How to use JKS-based Keystore in Oracle SOA 11g

  I am trying to do FTPS on third party remote server(with UNIX OS) using SOA 11g FTP Adapter. I have Installed and Configured vsftpd and generated vsftpd.pem certificate file on remote server.
  Followed the steps mentioned in http://download.oracle.com/docs/cd/E17904_01/integration.1111/e10231/adptr_file.htm#CIABDGCF
  In one of the step "Setting Up the Oracle FTP Adapter" walletLocation is required, then I went through steps mentioned in http://download.oracle.com/docs/cd/E17904_01/core.1111/e10105/wallets.htm#CHDGIJDC
  Tried to use both 1) JKS Keystore Management 2) Wallet Management
  But unable to find both of them in em of Oracle SOA 11g as the steps are not matching.
  Can anyone tell me how to use JKS Keystore Management or Wallet Management ?
  Many Thanks!!
  Regards
  Yogesh

  Hi Yogesh,
  I believe the wallet can be created from the FMW console only if the HTTP server is installed and available. If there is no Oracle HTTP server, please configure one as given under.
  [ http://download.oracle.com/docs/cd/E12839_01/doc.1111/e14260/toc.htm | Oracle HTTP Server Installation ]
  Reards,
  Neeraj Sehgal