WS-Security: Custom/Proprietary tokens in SOAP Header

Similar Messages

• How to add Custom Attributes in the SOAP header for OWSM

  Hi,
  I like to know how to add the Custom Attributes in the SOAP header for OSWM username token authentication.
  Currently we are getting the header element like
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  here we need to add the attribute "soap:mustUnderstand="1" , so the element will look like
  <wsse:Security soap:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  Any info on this will be helpful.
  Thanks,
  ArunM

  Hi Jay, you can make it in more than 1 way.
  I suggest you the following:
  - create an URL iview that points to any URL you want.
  - define a Resource that points to the iview (with a window name, to open in new window)
  - define an Area that points to the resource
  - add your new Area to the your current Area Group
  Regards!

• How to add a custom element to a SOAP Header in c#

  I am new to SOAP and web-services, and not an expert on c# either so sorry if I have made an infuriatingly simple error.
  I am calling several web-services and I now need to add an element called *pcimask* to the SoapHeader in order to get a response that is PCI Compliant.
  The web-services/WSDL don't expose this property so I guess I need to add it at runtime.
  My application creates SOAP messages like the below: (the Soap Request and Response are output into a text file by a SOAP Logging class)
  <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema">
  <soap:Header>
  <AutHeader xmlns="http://edb.com/ws/WSCommon_v21">
  <SourceApplication>myApp</SourceApplication>
  <DestinationApplication>theirApp</DestinationApplication>
  <Function>CardCreate</Function>
  <Version>3.0.0</Version>
  <ClientContext>
  <userid>myID</userid>
  <credentials>SecureToken</credentials>
  <channel>NBA</channel>
  <orgid>123456</orgid>
  <orgunit>654321</orgunit>
  <customerid />
  <locale xsi:nil="true" />
  <ip>123.456.789.012</ip>
  </ClientContext>
  </AutHeader>
  </soap:Header>
  As I understand it, I need to add an element `pcimask="true` to the
  <ClientContext element, and it must be after the <ip>
  However the wsdl doesn't expose this as a property.
  So I have looked at the below resources:
   Bytes.com - how-add-soap-header-soap-message
   Stackoverflow: (18980689) adding-custom-soapheader-in-c-sharp-for-a-web-service-call
   Stackoverflow: (4035423) add-child-elements-to-custom-soap-header-in-spring-ws
  and I came up with a little class inside my `common.cs` as below:
  using System.Web.Services.Protocols;
  using System.Xml.Serialization;
  namespace EvryCardManagement
  [XmlRoot(Namespace = "http://edb.com/ws/WSCommon_v21")]
  [SoapHeader("EDBHeaderType", Direction = SoapHeaderDirection.In)]
  public class CardCreateEx : SoapHeader
  public string Value;
  public CardCreateEx pcimask;
  public static class Common
  public static bool closeMe { get; set; }
  public static int iMQRowID;
  public static string impNme;
  public static string impPwd;
  and I wanted to try and use it in my code that creates the SoapHeader as below:
  private EDBHeaderType wsSoapHeader()
  EDBHeaderType wsSoapHeader = new EDBHeaderType();
  /* ClientContext */
  ClientContextType clientContext = new ClientContextType();
  clientContext.userid = edb_service[0].userid;
  clientContext.credentials = Common.SOToken;
  //clientContext.pc
  clientContext.orgid = edb_service[0].orgid;
  clientContext.orgunit = edb_service[0].orgunit;
  clientContext.customerid = "";
  clientContext.channel = edb_service[0].channel;
  clientContext.ip = edb_service[0].ip;
  /* PCI MASK added to ClientContext in header; P-02925; Jan 2015 */
  CardCreateEx cardCreateExt = new CardCreateEx(); // P-02925; Jan 2015
  cardCreateExt.Value = "true";
  /* EDBHeader */
  wsSoapHeader.SourceApplication = edb_service[0].SourceApplication;
  wsSoapHeader.DestinationApplication = edb_service[0].DestinationApplication;
  wsSoapHeader.Function = edb_service[0].Function;
  wsSoapHeader.Version = edb_service[0].Version; // P-02925; Oct-Nov 2014
  wsSoapHeader.ClientContext = clientContext;
  return wsSoapHeader;
  but I get a build error:
      Attribute 'SoapHeader' is not valid on this declaration type. It is only valid on 'method' declarations.
  so what is the correct way to do this?

  Hi,
  >>Attribute 'SoapHeader' is not valid on this declaration type. It is only valid on 'method' declarations.
  Base on this situation, just as the error message says, the 'SoapHeader' attribute can only use on method, such as:
  [SoapHeader("myHeader", rection=SoapHeaderDirection.InOut)]
  //Receive any SOAP headers other than MyHeader.
  [SoapHeader("unknownHeaders",Required=false)]
  public string MyWebMethod() {
  return "Hello";
  For mire information:
  http://msdn.microsoft.com/en-us/library/system.web.services.protocols.soapheader(v=vs.110).aspx
  Besides, about Defining and Processing SOAP Headers:
  http://msdn.microsoft.com/en-us/library/77hkfhh8(v=vs.71).aspx
  http://stackoverflow.com/questions/18980689/adding-custom-soapheader-in-c-sharp-for-a-web-service-call
  Regards

• Namespace prefix for Security elements being removed from SOAP Header

  Hello, I'm seeing a strange problem when accessing a web service using two different Netbeans projects.
  If I use a Netbeans Java Application, add the Web Client Reference , add the web client code, all works fine and the wsse:Security element looks like this:
  <S:Header>
  <ns4:Security xmlns:ns2="IAMP" xmlns:ns3="urn:realops.com:amp:workflow" xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <ns4:UsernameToken>
  <ns4:Username>admin</ns4:Username>
  <ns4:Password>admin123</ns4:Password>
  </ns4:UsernameToken>
  </ns4:Security>
  However if I do a similar sort of thing but access the web service via a Web Application, the namespace prefix is removed from all child elements wsse:Security like so:
  <S:Header>
  <ns4:Security xmlns:ns2="IAMP" xmlns:ns3="urn:realops.com:amp:workflow" xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <UsernameToken>
  <Username>admin</Username>
  <Password>admin123</Password>
  </UsernameToken>
  </ns4:Security>
  Which causes an authentication exception.
  The question is, why, when the wsdl are exactly the same for both projects , is the namespace prefix removed from the web app?
  Thanks in advance,
  jsz.

  Hello, I'm seeing a strange problem when accessing a web service using two different Netbeans projects.
  If I use a Netbeans Java Application, add the Web Client Reference , add the web client code, all works fine and the wsse:Security element looks like this:
  <S:Header>
  <ns4:Security xmlns:ns2="IAMP" xmlns:ns3="urn:realops.com:amp:workflow" xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <ns4:UsernameToken>
  <ns4:Username>admin</ns4:Username>
  <ns4:Password>admin123</ns4:Password>
  </ns4:UsernameToken>
  </ns4:Security>
  However if I do a similar sort of thing but access the web service via a Web Application, the namespace prefix is removed from all child elements wsse:Security like so:
  <S:Header>
  <ns4:Security xmlns:ns2="IAMP" xmlns:ns3="urn:realops.com:amp:workflow" xmlns:ns4="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <UsernameToken>
  <Username>admin</Username>
  <Password>admin123</Password>
  </UsernameToken>
  </ns4:Security>
  Which causes an authentication exception.
  The question is, why, when the wsdl are exactly the same for both projects , is the namespace prefix removed from the web app?
  Thanks in advance,
  jsz.

• Query reg adding custom tags in SOAP Header - AXIS Receiver Adapter

  Hi All,
  I need to send custom tags as mentioned below to my traget webservice application. I think I can do this with Receiver AXIS adapter but not sure how it can be done. Can any of you suggest?
                                                <WSContext>
                 <FromAppId>ABC</FromAppId>
                 <ToAppId>XYZ</ToAppId>
            </WSContext>
  Thanks,

  If you want to add custom tags in the soap header, one possible solution is use XSLT mapping or Java mapping to create header first then do message mapping for mapping the payload structure between your source and target  as usual.
  So in operation mapping you sequence mapping like this... first XSLT mapping for custom tags for the SOAP Header followed by payload mapping.
  Hope that helps.
  Search SDN for XSLT Mapping for soap header. Already we have handled these issues.

• Unable to add custom SOAP header to consumer webservice in CRM( without using PI)

  Hello Experts,
  We have a requirement to consume webservice proxy in CRM without involving PI. We have WSDL file which has many services as depicted in the first screenshot.After checking old posts, I could add custom SOAP header by using if_wsprotocol_ws_header and there is no xml parsing error for ws_header.Have used if_ixml_stream_factory to check xml parsing error for header.
  '<soapenv:Header>'
  '<wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">'
  '<wsse:UsernameToken wsu:Id="UsernameToken-2">'
              '<wsse:Username>user id</wsse:Username>'
              '<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">paswd</wsse:Password>'
              '<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MT0B9XFzsZJXXKmVKOsj/Q==</wsse:Nonce>'
              '<wsu:Created>2015-03-30T06:29:17.407Z</wsu:Created>'
  '</wsse:UsernameToken>'
  '</wsse:Security>'
  '</soapenv:Header>' INTO l_string.
  But when my ABAP program as a whole gets executed where consumer proxy is called, then it still throws XML parsing error - undeclared namespace prefix. As mentioned, there is no parsing error for header and WSDL file as a whole in SOAP UI tool works fine,by manually adding SOAP header.
  Have configured SOAMANAGER with logical port.Or any wrong setting in SOAMANAGER can cause this issue? When I tested webservice ping, it gave me attached error but I read in a SAP note that such error can be ignored.
  I want to know if some more setting/coding is required if we manually add custom header to a payload? Is PI really required to implement this requirement? Payload mapping has to be done to add custom header and if that can be taken care by ABAP coding and how?
  Can you please help?
  BR,
  Nisha Verma

  Hello Experts,
  I have not found the solution yet.
  Can anyone provide some insight??
  BR,
  Nisha Verma

• WS-Security SOAP Header does not include expected elements

  Our SAP R/3 Enterprise is sending messages to XI which then forwards them to third party applications withing our corporate firewall.
  One of these applications (Java) provides a Web Service  to which we are attempting to direct a message from XI.
  This Web Service requires WS-Security information be included in the SOAP header identifying Username, Password as described by the Oasis standards.
  <soapenv:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soapenv:mustUnderstand="1">
        <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
          wsu:Id="UsernameToken-21280292">
          <wsse:Username>test</wsse:Username>
          <wsse:Password
            Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest"
            >Zzqxojj3iKMfki45et4ZWqrAupQ=</wsse:Password>
          <wsse:Nonce>b6QiDyhP3Ds9z24NMI0r6w==</wsse:Nonce>
          <wsu:Created>2007-01-04T16:57:48.625Z</wsu:Created>
        </wsse:UsernameToken>
      </wsse:Security>
    </soapenv:Header>
  I have gone through a lot of documentation provided by SAP and SDN in an attempt to determine how and what to configure in order to generate the above SOAP header and although I am fairly sure SAP XI can perform this function I am at a loss on what needs to be done.
  Their are plenty of documents describing how to do this for a Web Service generated by an SAP (WAS, R/3, XI, etc) but other than references to doing so for a third party application nothing that is concrete. Yet I am fairly certain that it is a simple process.
  In one article of SAP Insider I found reference to this email address and am hoping that you will be able to assist.
  Our XI is currently running WAS Netweaver 04 (640) patched at SAPKB64017.

  Chris--
  OASIS WS-Security 1.0 has been supported by the XI SOAP adapter for a long time.
  However, what you're trying to do isn't possible in XI yet, because it isn't pure WS-Security.
  WS-Security provides definition for the wsse:UsernameToken element, but provides little in the way of content.  The standard allows for //wsse:UsernameToken/Username, and for //wsse:UsernameToken/<xsd:any> to support extensibility.  WS-Security does not define the existence of wsse:Password, wsse:Nonce, wsse:Created, etc.
  OASIS released a separate standard at the same time as WS-Security 1.0 to define a set of extensions for the wsse:UsernameToken element.  This standard includes //wsse:UsernameToken/Password and your other elements.  So, you need an application that has implemented WS-Security 1.0 as well as the "Web Services Security UsernameToken Profile 1.0" standard.
  XI does not appear to support this standard extension, so customers are frequently doing a custom implementation in order to implement the features they need from the UsernameToken Profile standard.  I've seen a customer do it in the plain HTTP adapter and use XSLT in the message mapping for receiver cases. 
  I've yet to see a sender case.  Adapter modules in the SOAP adapter might work, but I see this as a technical risk because I don't know if you can re-authenticate from within the adapter module, and I suspect that XI applies the business-service authorization rule (the user authorization to access that particular service) before the adapter modules are called.
  --Dan King
  Manager, SAP NetWeaver Integration
  Capgemini

• Calling A Secured webservice using Username and password in the Soap header

  I want to call a secured webservice.
  The Username and password should be sent with the payload in the SOAP Header
  as
  <wsse:Security S:mustunderstand="0" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken wsu:Id="SecurityToken-XXXXXXXXXXXXXXXXXXXXXXXXX" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>uname</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">pwd</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  Can you please send me the steps?
  I tried with giving the username and password under Service Account.
  I tried to create a wspolicy under business service. But nothing works...
  Please help me at the earliest.
  Also please give me steps in sequence.

  Now i made sure that the endpoint is available!
  Now am getting this error:
  <soapenv:Fault>
  <faultcode>soapenv:Server</faultcode>
  <faultstring>BEA-380002: localhost1</faultstring>
  <detail>
  <con:fault xmlns:con="http://www.bea.com/wli/sb/context">
  <con:errorCode>BEA-380002</con:errorCode>
  <con:reason>localhost1</con:reason>
  <con:location>
  <con:node>RouteNode1</con:node>
  <con:path>request-pipeline</con:path>
  </con:location>
  </con:fault>
  </detail>
  </soapenv:Fault>
  Also in the invocation trace i can observe the following things:
  Under Invocation Trace:-
  ========================
       Receiving request =====> Initial Message context
       ===============================================
       under added header:-
       ==================
       <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
       </soap:Header>
       under RouteNode1
  ================
       Route to "TargetMyService_BS"
  $header (request):-
  <soap:Header xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  </soap:Header>
  Under Message Context changes:-
  *===============================*
  I can find this element also:-
  con:security>
  *<con:doOutboundWss>false</con:doOutboundWss>*
  *</con:security>*
  eventhough we enabled ws security, how the above tag can be false?
  I think its getting failed to populate the header with the required login credentials.
  The other doubt i have is:-
  =================
  I have chosen the service account type is static...is this right?

• Webservice security: manipulating the SOAP Header

  Hi all,
  I need to call a web service for which the following XWSS security policy is specified:
  <xwss:SecurityConfiguration dumpMessages="false" xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">
  <xwss:RequireUsernameToken passwordDigestRequired="true" nonceRequired="true"/>
  </xwss:SecurityConfiguration>
  Looking at the BPEL Admin guide, I tried to add the following to the bpel.xml file:
  <property name="wsseOASIS2004Compliant">true</property>
  <property name="wsseHeaders">credentials</property>
  <property name="wsseUsername">username</property>
  <property name="wssePassword">digestedPassword</property>
  I tried to encrypt the password using either Base64 or sha1. In any case, the following error is returned:
  com.sun.xml.wss.XWSSecurityException: Receiver Requirement for Digested Password has not been met
  Apparently, the following header format has to be constructed:
  <SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
  <SOAP-ENV:Header>
  <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  SOAP-ENV:mustUnderstand="1">
  <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
  wsu:Id="XWSSGID-11553010711772067303919">
  <wsse:Username>username</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">digestedPassword</wsse:Password>
  <wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">aNonce</wsse:Nonce>
  <wsu:Created>2006-08-11T12:57:54Z</wsu:Created>
  </wsse:UsernameToken>
  </wsse:Security>
  </SOAP-ENV:Header>
  <SOAP-ENV:Body>
  theBody
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  How can I achieve that using BPEL Designer (using 10.1.2.1.0)?
  E.g. are there ways to directly influence the SOAP Header?
  Thanks.
  Best regards, Sjoerd

  More info:
  By specifying the header properties in the bpel.xml BPEL generates the following header data in the SOAP message (obtained using obtunnel):
  <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <soapenv:Header>
  <wsse:Security soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next"
  soapenv:mustUnderstand="1"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
  <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
  <wsse:Username>username</wsse:Username>
  <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">clearTextPassword</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
  theBody
  </soapenv:Body>
  </soapenv:Envelope>
  As you can see it uses the #PasswordText which indicates the use of a cleartext password.
  Thus the question remains: how to get the Nonce, the CreationTime and the PasswordDigest in the SOAP Header of the message (BPEL 10.1.2.1.0)?
  Thanks, Sjoerd

• How to set wsse:security SOAP header in soa 11g?

  Hi,
  we are facing an issue with invoking a secured webservice.
  we tried 3 things
  1.) set the username/password in em under reference properties
  2.) Created a schema, set the username/password and included it in partner link header tab.
  3.) added a client token policy in em and then set http authentication field.
  all these not working.
  the error we are facing is :
  Non Recoverable System Fault :
  javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header
  complete payload is below:
  <bpelFault>
  <faultType>0</faultType>
  <remoteFault>
  <part name="summary">
  <summary>Missing <wsse:Security> in SOAP Header</summary>
  </part>
  <part name="detail">
  <detail>javax.xml.ws.soap.SOAPFaultException: Missing <wsse:Security> in SOAP Header</detail>
  </part>
  <part name="code">
  <code>wsse:InvalidSecurity</code>
  </part>
  </remoteFault>
  </bpelFault>
  Please let us know how to proceed with this?
  Thanks in advance
  Regards

  You need to attach the below policy in security section (Select your partnerlink in the references section of composite.xml and the click on "Configure WS policies")
  oracle/wss_username_token_client_policy
  if it is Secured Webservice, then attach this policy
  oracle/wss_username_token_over_ssl_client_policy
  After attaching policy, click edit and configure the key(out of box, u see one key csf-key) . This key should be setup with the required username and password that matches with the Webservice expected username and pwd.
  Thanks,
  Satish
  http://soadiscovery.blogspot.com

• WSSE usename token not in the SOAP Header

  Background:
  Webservice with four methods; OpGet, OpCreate, OpGetList, OpSet. Setup a jcx with this webservice URL, generate a test harness from workshop, and running this test harness and looking at the SOAP messages being send and received to verify that the web services are working. The OpGet is working since it doesn't require user credentials. But the OpCreate is currently not working. Remedy is rejecting it because of access control.
  Problem #1:
  Need to pass the user credential in the SOAP header. Here's the required information in WSDL regarding Authentication.
  <wsdl:operation name="OpCreate">
  <soap:operation soapAction="urn:SimpleWebService/OpCreate" style="document"/>
  <wsdl:input>
  <soap:header message="s:ARAuthenticate" part="parameters" use="literal">
  </soap:header>
  <soap:body use="literal"/>
  </wsdl:input>
  <wsdl:output>
  <soap:body use="literal"/>
  </wsdl:output>
  </wsdl:operation>
  Solution that I have implemented so far:
  I have setup a WSSE file with the simple username/password in the <wsSecurityOut> element and was expecting to see this in the SOAP Header element in the WSDL message. When I look at the SOAP message in the test harness that I have generated in Workshop, I don't see this credential information. I have set the "ws-security-service property to the wsse file. I know that the harness has seen the wsse file since it gives me warning about having the password in simple text without encryption.
  Shouldn't I be seeing this userNameToken information in the SOAP Header when I run the test harness (jws) from workshop? As you can see below (Problem #2) no SOAP header is being generated.
  Problem #2:
  I see that in the SOAP message that test harness is sending wrong "xsi:type" information. It seems to be sending the "StatusType" for all the parameters except the one "Status" where it needs to?
  SOAP-ENV:Envelope xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
  <SOAP-ENV:Body>
  <ns:OpCreate xmlns:ns="urn:SimpleWebService">
  <ns:Assigned_To xsi:type="ns:StatusType">donnab</ns:Assigned_To>
  <ns:Short_Description xsi:type="ns:StatusType">testing from weblogic 8.1 SP3 Workshop</ns:Short_Description>
  <ns:Status>New</ns:Status>
  <ns:Submitter xsi:type="ns:StatusType">donnab</ns:Submitter>
  </ns:OpCreate>
  </SOAP-ENV:Body>
  </SOAP-ENV:Envelope>
  Here's the WSDL where the OpCreate is defined:
  <xsd:element name="OpCreate" type="s:CreateInputMap"/>
  <xsd:complexType name="CreateInputMap">
  <xsd:sequence>
  <xsd:element name="Assigned_To" type="xsd:string"/>
  <xsd:element name="Short_Description" type="xsd:string"/>
  <xsd:element name="Status" type="s:StatusType"/>
  <xsd:element name="Submitter" type="xsd:string"/>
  </xsd:sequence>
  </xsd:complexType>

  I've never been able to see that information because I assume Weblogic server strips it out the minute it receives it and uses it to authenticate the user against a principal in the server.
  You can get ahold of this info, though. In your .jws file, in workshop, add this as a context:
  /** @common:context */
  JwsContext context;
  In your web services method, access the context to get the username:
  context.getCallerPrincipal().getName();
  That will return a String w/ the username passed in the username token.
  -Becky

• Adding WS Security in SOAP header for calling soap services from PI

  When i am calling a wss enabled webservice from soapui with the header parameters
  Username , Password and Password Type - PasswordText , it is able to get results. The soapui tool automatically adds the following in the soap header -
       <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
           <wsse:UsernameToken wsu:Id="UsernameToken-9368150" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
              <wsse:Username>xxxxx</wsse:Username>
              <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">xxxxx</wsse:Password>
              <wsse:Nonce>aOA1P6t2hJPRyuraQ/IliQ==</wsse:Nonce>
              <wsu:Created>2009-07-10T14:58:33.781Z</wsu:Created>
           </wsse:UsernameToken>
        </wsse:Security>
  However , in PI when the following configurations are made -
  Web Services Security option selected in soap receiver adapter
  In Receiver Agrrement -
  Security Standard -  http://docs.oasis ....
  Security Procedure (Request) - None
  Security Procedure (response) - None
  the user tokens don't seem to generated and it is giving an authentication error . Is there any process of generating this in the outgoing soap header from PI.
  SOAP Axis framework is not installed at present  and working on PI 7.1 SP6.
  Looking forward for your replies

  same issue for me too.
  Try using WS adapter on receiver side .
  If you are able to attach SOAP header with WSSE fields using SOAP adapter at reciever channel let me know how you did it.

• WS-security Need to Get Username and Password and time Stamp in SOAP Header

  HI ALL,
  i need to get USERNAME and PWD in my Soap header for consuming Webservice using SAP PI ,
  and my SOAP Header should look like this
  <soapenv:Header>
  <wsse:Security soapenv:mustUnderstand="1"
  xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
  xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurityutility-
  1.0.xsd"
  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
  xmlns:xsd="http://www.w3.org/2001/XMLSchema"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wsswssecurity-
  secext-1.0.xsd">
  <wsu:Timestamp wsu:Id="Timestamp-296915943">
  <wsu:Created>2008-06-05T18:30:59.904Z</wsu:Created>
  <wsu:Expires>2009-06-05T18:35:59.904Z</wsu:Expires>
  </wsu:Timestamp>
  <wsse:UsernameToken wsu:Id="UsernameToken-192809888">
  <wsse:Username>midtier-service</wsse:Username>
  xxxxxxxx: Confidential Green 10
  <wsse:Password Type="http://docs.oasisopen.
  org/wss/2004/01/oasis-200401-wss-username-token-profile-
  1.0#PasswordText">password</wsse:Password>
  </wsse:UsernameToken>
  </wsse:Security>
  </soapenv:Header>
  should i need to get some certificates from client and deploy it or should we do anything in SAP PI and send to soap header or can hard code it and send to webservice, please help me in this t
  hanking you
  Sridhar

  i need to get USERNAME and PWD in my Soap header for consuming Webservice using SAP PI ,
  Can be achieved by XSL Mapping or SOAP Axis Adapter. Search on SDN for further details as this has been discussed many a times on the forum.
  should i need to get some certificates from client and deploy it or should we do anything in SAP PI and send to soap header or can hard code it and send to webservice, please help me in this t
  First you need to confirm whether certificates are required or not. Might be the web service is using user id / password security (basic authorization).
  How to use certificates in PI - Search on SAP Help, this has been explained in great details over there.

• Accessing SOAP header information in a custom adaptor module

  Hi Guys,
  Could anyone point me in the direction of information on how to access the SOAP:Header element when writing a custom adaptor module for a http/ SOAP communication channel?
  I'm trying to add some WS-Security stuff which isn't available in XI 3.0.
  Many thanks,
  John

  The solution is as follows:
  Mark as Do Not Use SOAPEnvelope in the communication channel.
  It may be possible to use the SAP implementation of MessageFactory, SOAPEnvelope etc., I forced XI the Apache Axis implementation, a thread on which can be found here Link: [Accessing SOAP header information in a custom adaptor module;
  The SOAP Envelope is created by
  javax.xml.soap.MessageFactory mf= org.apache.axis.soap.MessageFactoryImpl.newInstance();
  This doesn't work it creates a com.sap.engine.services.webservices.jaxm.soap.SOAPMessageImpl
  org.apache.axis.message.SOAPEnvelope env = new org.apache.axis.message.SOAPEnvelope();
  org.apache.axis.Message iSoapMessage = new org.apache.axis.Message(env);
  SOAPMessage sm = iSoapMessage;
  SOAPBody iBody = se.getBody();
  if(iBody!=null)
       iBody.addDocument(iDoc);
       addDocument failed for some reason when called in XI returning
       Exception caught by adapter framework: Exception in method process.
       The code below is copied straight from the addDocument method, but it works.
       org.w3c.dom.Element iDocRoot= iDoc.getDocumentElement();
       org.apache.axis.message.SOAPBodyElement bodyElement = new org.apache.axis.message.SOAPBodyElement(iDocRoot);
       iBody.addChildElement(bodyElement);
  In order to get a document representation of the Envelope you can use
  Document iEnvelopeDoc = ((org.apache.axis.message.SOAPEnvelope)env).getAsDocument();
  You are now in a position to add or adjust the SOAP Envelope as your require. It enabled me to add WS-Security information to a message.
  It is normally possible to use javax.xml.transform.Transformer on the various classes SOAPEnvelope, SOAPBody etc. as they implement Node. However doing this in XI caused a crash.
  The final document can be then be set in the xmlPayload before being sent out the door.
  Hope this helps someone,
  John

• Unable to process SOAP Header child element 'wsse:Security' with 'mustUnder

  Hello everyone.
  In have created project in Jdeveloper. In this one i have one external reference for Siebel Service.
  At composite, for external reference service(Siebel Service) i have added a security policy i.e. *"oracle_wss_username_token_client_policy"*.
  [Right click on SiebelService->configure WS policies->under security tab i have selected above policy]
  So apart from this i have added property for the policy
  <property name="oracle.webservices.auth.username" type="xs:string"
  many="false" override="may">SADMIN</property>
  <property name="oracle.webservices.auth.password" type="xs:string"
  many="false" override="may">SADMIN</property>
  But its returning following error,
  Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)
  This really pushed back me in development.
  Really i am in need of help. Help me out of this issue.
  Thanks in advance,
  Shridhar

  Unable to process SOAP Header child element 'wsse:Security' with 'mustUnderstand="1"'(SBL-EAI-08000)The problem is at Siebel side. It is not able to understand the security mechanism being used at SOA side. There are two options -
  1. Use the custom policy and assertion at SOA side (please refer to metalink note - 1419373.1)
  2. Write your own custom message handler class and use it at Siebel side to negotiate security gap
  Regards,
  Anuj