Member
add soap header
hello,
i try to create a web service with AbstractDomPayloadEndpoint.
i need to sign the payload with xmldsig and add the signature to a soap header.
how access to MessageContext? have i use other class instead AbstractDomPayloadEndpoint?
thanks in advance,
César.
Senior Member
Spring Team
You most definitely want to do so in an EndpointInterceptor, because:Originally Posted by cesar
- It has full access to the MessageContext, and
- Signing messages is an AOP-like cross-cutting concern, that has little to do with the actual endpoint code, but can be applied to multiple endpoints (using DOM or not).
The basic idea should be that you:
- implement SoapEndpointInterceptor
- implement handleResponse(); all other methods should be no-ops
- cast the MessageContext to SoapMessageContext (since you want to add a SOAP header)
- get the response SoapMessage from the soap message context
- sign the payload from the response using a xmldsig library
- add a SoapHeaderElement with the signature to the SoapHeader of the response
I must say that I am very much interested in your solution for this, since XML signatures is also something on my TODO list. If you need any more help, please contact me.
Cheers,
Member
hello poutsma,
thanks for your help.
i'll try do it like you said.
Member
hello,
like poutsma said, i has implement SoapEndpointInterceptor.handleResponse()
i wanted to add an attribute Id to the soap body (to sign the body later), but when i add it:
when in the client look the response, the body hasn't the attribute Id, and not verify the sign.Code:SoapMessageContext soapMessageContext = (SoapMessageContext)messageContext; SoapMessage messageResponse = soapMessageContext.getSoapResponse(); SoapEnvelope envelope = messageResponse.getEnvelope(); Source envelopeSource = envelope.getSource(); Document docEnvelopeSource = toDomMessagePayload(envelopeSource); //Id attribute creation Element body = (Element)docEnvelopeSource.getElementsByTagNameNS("http://schemas.xmlsoap.org/soap/envelope/", "Body").item(0); logger.info("[SignatureInterceptor.handleResponse] body.getTagName(): " + body.getTagName()); body.setAttribute("Id", identificador);
another question, i add the Signature (firmaSource) to the header so:
and the soap header is:Code:QName signature = QNameUtils.toQName("http://...", "tns:firma"); SoapHeader header = messageResponse.getSoapHeader(); SoapHeaderElement headerElement = header.addHeaderElement(signature); Result headerResult = headerElement.getResult(); transform(firmaSource, headerResult);
how can i add the Signature without firma element??? like this:Code:<SOAP-ENV:Header><tns:firma xmlns:tns="http://..."><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> ...
thanks in advance,Code:<SOAP-ENV:Header><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> ...
César.
Senior Member
Spring Team
When you are transforming the envelope source to a DOM document, you are basically creating a copy. And adding the id attribute to that copy obviously doesn't change the original.
I will add code to add attributes to SoapElements today. I haven't done so in the past, because I want to keep the API as small as possible. Until so far, I had no need for attributes on SoapElements, but obviously, we do so now :-).
You cannot do this yet. I will try and think of a way to accomplish this without breaking the whole SoapMessage abstraction. Not every message is based on DOM (some are based on streaming APIs), so you can't just put everything in there.
However, are you sure you want to add the d:Signature element as a top-level header? WS-Security indicates that you should put it under a special <wsse:Security/> block.
I am writing some WS-Security code right now, perhaps we can help each other out? My MSN and Skype ids are above this message, and I sent you a private message with my email address.
Cheers,
Arjen
Posting Permissions
Reply With Quote