cancel
Showing results for 
Search instead for 
Did you mean: 

soap receiver adapter payload with certficate signature

Former Member
0 Kudos

I have a requirement.. where XI calls external webservice using SOAP.

I have configured SOAP receiver adapter, but the webservice wants the certificate authentication.. From XI we sent the certficate to external webservice and then in the comm channel I did activate the 'certficate' check box. It did not work.

For test purpose now they have deactivated the certficate authentication in their end.. it works if they deactivate. It means there is no issue with request structure.. purely the issue is when I use the certficate.

External webservice sent me the copy of the soap request which works for them.. <b>that has security signature inside the payload.</b> ( I have atteched below).

If anybody has done it have an idea how to do it please let me know.

-


- <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

- <soapenv:Header>

- <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">

<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-62149565">MIIGOzCCBaSgAwIBAgIQIKVRaj76KNaG5Dl6P5X7wzANBgkqhkiG9w0BAQUFADCBnjEPMA0GA1UEChMGaHAuY29tMRowGAYDVQQLExFJVCBJbmZyYXN0cnVjdHVyZTELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF0hld2xldHQtUGFja2FyZCBDb21wYW55MUAwPgYDVQQDEzdIZXdsZXR0LVBhY2thcmQgUHJpbWFyeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MB4XDTA3MDMyMzAwMDAwMFoXDTA4MDMyMjIzNTk1OVowUDEgMB4GA1UEChQXSGV3bGV0dC1QYWNrYXJkIENvbXBhbnkxEDAOBgNVBAsUB1NlcnZlcnMxGjAYBgNVBAMTEWl0Zy5lcHJpbWUuaHAuY29tMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDVGa1x5j/RJHHkqYzEb9NIQGChffTb1D0LiYAP5arbxz0trCp8ZeG4FCH71jc6x9Ks3gC4YdWgQbOCz64wnpM8NvEVCZBHuxvdnPZpziPWQqDr0yvwSoCXg8mkeJrHql0MSm7TNiyhzCAzlmB9JgmoHrRtArJdXMRpHjdZQK3QIDAQABo4IDxTCCA8EwDAYDVR0TAQH/BAIwADAOBgNVHQ8BAf8EBAMCBaAwHwYDVR0jBBgwFoAUSlYfvIpRj/SDE8naXHlUyAK6q58wHQYDVR0OBBYEFE99o7D6AITUcqWVmeYzu/2k66VEMIIBKAYDVR0fBIIBHzCCARswggEXoIIBE6CCAQGUWh0dHA6Ly9vbnNpdGVjcmwudmVyaXNpZ24uY29tL0hld2xldHRQYWNrYXJkQ29tcGFueUlUSW5mcmFzdHJ1Y3R1cmUvTGF0ZXN0Q1JMLmNybIaBuWxkYXA6Ly9sZGFwLmhwLmNvbS9DTj1IZXdsZXR0LVBhY2thcmQlMjBQcmltYXJ5JTIwQ2xhc3MlMjAyJTIwQ2VydGlmaWNhdGlvbiUyMEF1dGhvcml0eSxPPUhld2xldHQtUGFja2FyZCUyMENvbXBhbnksQz1VUyxPVT1JVCUyMEluZnJhc3RydWN0dXJlLE89aHAuY29tP2NlcnRpZmljYXRlcmV2b2NhdGlvbmxpc3Q7YmluYXJ5MCoGA1UdJQEB/wQgMB4GCCsGAQUFBwMBBggrBgEFBQcDAgYIKwYBBQUHAwQwggEWBgNVHSAEggENMIAwgAYKKwYBBAELBAMCATCAMCkGCCsGAQUFBwIBFh1odHRwOi8vZGlnaXRhbGJhZGdlLmhwLmNvbS9jcDCABggrBgEFBQcCAjCAMB4WF0hld2xldHQtUGFja2FyZCBDb21wYW55MAMCAQIagZVBdXRob3JpdHkgdG8gYmluZCBIZXdsZXR0LVBhY2thcmQgQ29tcGFueSBkb2VzIG5vdCBjb3JyZXNwb25kIHdpdGggdXNlIG9yIHBvc3Nlc3Npb24gb2YgdGhpcyBjZXJ0aWZpY2F0ZS4gSXNzdWVkIHRvIGZhY2lsaXRhdGUgY29tbXVuaWNhdGlvbiB3aXRoIEhQLgAAAAAAAAAAAAAwge4GCCsGAQUFBwEBBIHhMIHeMCsGCCsGAQUFBzABhh9odHRwOi8vb25zaXRlLW9jc3AudmVyaXNpZ24uY29tMIGuBggrBgEFBQcwAqSBoTCBnjEPMA0GA1UEChMGaHAuY29tMRowGAYDVQQLExFJVCBJbmZyYXN0cnVjdHVyZTELMAkGA1UEBhMCVVMxIDAeBgNVBAoTF0hld2xldHQtUGFja2FyZCBDb21wYW55MUAwPgYDVQQDEzdIZXdsZXR0LVBhY2thcmQgUHJpbWFyeSBDbGFzcyAyIENlcnRpZmljYXRpb24gQXV0aG9yaXR5MA0GCSqGSIb3DQEBBQUAA4GBAMB3vOFZYe26MaZ8mpnoZwhWbLBFV/lxtefZT1uT7mKZiaHjVqwu3tN1eAYAUXtJQHVJTnCnbDm9zFunlvuEzGMt9PwXS61MK6GwPmtjEsevRnGIA7arvpjSJ1/EQlD620I7icM9BNXbElYFfsnZjlWKFTZz3VX1OT2qmJtVWpD</wsse:BinarySecurityToken>

- <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

- <ds:SignedInfo>

<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />

- <ds:Reference URI="#id-24819136">

- <ds:Transforms>

<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />

</ds:Transforms>

<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />

<ds:DigestValue>6Mzpm7P8k3f8UuxbBMP4ZTC83Yc=</ds:DigestValue>

</ds:Reference>

</ds:SignedInfo>

<ds:SignatureValue>HcqMChOzlHFXTRRAf7kyTSQ5Jd53Yiu7oFLjkh5P3vayo2G4sjFv/qFKHX0E6a5xkBMTIRrW+30t7IdB4X0x35FPO1dTulz37KM1/jpLSGVxnjnWWeFZvseVjJsk5NTPiSE6GAjO7rFW/Vled2djATTmZsIgJCIfhLYVp112Uis=</ds:SignatureValue>

- <ds:KeyInfo Id="KeyId-21369792">

- <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-29015968">

<wsse:Reference URI="#CertId-62149565" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" />

</wsse:SecurityTokenReference>

</ds:KeyInfo>

</ds:Signature>

</wsse:Security>

Accepted Solutions (1)

Accepted Solutions (1)

prateek
Active Contributor

Have a look here

[Removed by the moderator.]

Regards,

Prateek

Answers (3)

Answers (3)

Former Member
0 Kudos

Yes.. certificate is deployed and configured in comm channel.. what I want is wss:Security tag inside the payload

Former Member
0 Kudos

go through this webinar and follow the steps...It will solve your problem..

https://www.sdn.sap.com/irj/sdn/go/portal/prtroot/docs/library/uuid/1b657d59-0c01-0010-4fa8-f792fa41...

Regards,

Ravi

justin_santhanam
Active Contributor
0 Kudos

Venkat,

In order to use those certificates u have to deploy them using Visual Admin. Have u done those steps?

Best regards,

raj.