Gents,
We have a B2B interface that uses XI SOAP adapter to exchange messages
with another partner who is using webMethods 7.X.
The problem only happens when we apply the WS-Security to the interface.
Our WS-Security requirements is to sign the outgoing message and verify
the incoming. When applying the WS-Security we noticed a duplicate tag
<wsse:BinarySecurityToken> with the exact same value . Hence, our partner is unable to process the SOAP message
and returns and error message
(com.sap.aii.af.ra.ms.api.DeliveryException: Unexpected element in
SOAP:Fault; HTTP 500 Internal Server Error).
Below is the signed soap message we are sending to webmethods
- <SOAP:Envelope xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/">
- <SOAP:Header>
- <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP:mustUnderstand="1">
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIFSjCCB.................</wsse:BinarySecurityToken>
- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
- <ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
- <ds:Reference URI="#wsuid-body-9e8bbf90-274c-11de-a3a2-00145ebca23f">
- <ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>XAx72ptHDLnGEJhrfZN4GVZoWGA=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>iHO2r1EV40Nl3SqJfBZndvZGK2w2LcBwZyCwwDUdAlMMjKX+2aD4EJ3mbF80v55A/Yb1+dm3d4SZ7OX+JyMrNZrb4/Xm3gB6OIx0He5bDazojiYU6PbjXHfSTw681Gh1qN6OrvSOnA4cBeAHkV1DzqNYqJhQiDyoTUw3u9zBKbA=</ds:SignatureValue>
- <ds:KeyInfo>
- <wsse:SecurityTokenReference>
<wsse:Reference URI="#sap-1" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIF.........</wsse:BinarySecurityToken>
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="sap-1" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">MIIF...........</wsse:BinarySecurityToken>
</wsse:Security>
</SOAP:Header>
- <SOAP:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="wsuid-body-9e8bbf90-274c-11de-a3a2-00145ebca23f">
- <ns0:MasterData xmlns:ns0="http://s24dh043/SA2SEC/WSD/SATOSEC">
- <MasterData_Input>
<PARTNER_ID>SAUDI-ELE-CO</PARTNER_ID>
</MasterData_Input>
</ns0:MasterData>
</SOAP:Body>
</SOAP:Envelope>
Your help is highly appreicated
Regards,
Santhosh
You must be a registered user to add a comment. If you've already registered, sign in. Otherwise, register and sign in.