how to add security info in wsdl

[ajitjaiswal]

Hi,

I am having problem to add security info in wsdl so that client should know about this.I am using org.springframework.ws.wsdl.wsdl11.DefaultWsdl11De finition which generated wsdl from xsd.


My web service expects this kind of security




<SOAP-ENV:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
SOAP-ENV:mustUnderstand="1">
<wsse:BinarySecurityToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-1BC7C7CC8C1DC237A312742702475786"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">MIIBoTCCAQqgAwIBAgIES+Jf0jANBgkqhkiG9w0BA QUFADAVMRMwEQYDVQQDEwpkaXNwYXJ0bmVyMB4XDTEwMDUwNjA 2MjEwNloXDTM3MDkyMDA2MjEwNlowFTETMBEGA1UEAxMKZGlzc GFydG5lcjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAiSz YcGY6SZvtyX/HzIT9zgzlf1/stzTo2WN2/zikebOY+K8pOfc8IU2vxsDp+b4Jc/KSMzZIocPejHhyRXKKuf36TckHclkZCpIil24gHZdARUQXRrm0 izFwMkACEeHoTv6/35FjSiQpntBxbaTLmGZ4U93Pjuko2jlBheiFeq0CAwEAATANBg kqhkiG9w0BAQUFAAOBgQAepQ1pXeyveQCPRQSnjcJKnXBbLiPq l+UeScmaqXBqBOrUGFRe8AX4PEh28qmomwWfdJ7abV1yShFvnA cZBP5gM6KrS1fZ2lCQu7sLyk8YW3zBLqs1Bm6bf4GTfywd2+mU RJZuTwx/vqe2d5xNsfD9BOEJ6hlxzdzKlZR111O4IQ==
</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-7">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
<ds:Reference URI="#id-8">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<dsigestValue>O+wONgrnKflVXuIf/QqMIVPHICg=</dsigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
cPLtiHI8a3Ay7lCau0wosF7pakNPaOkFdmjC8osUqkUUECjQvS PCoVyWZldPxheWIEEM1qUAR7X2
1cOFNn2YUfTu9c3ElEgfRycDUTpcvF5hs37Er+ssR3QBKQ9Jmd 76MHcc8LW12KNGGWZn/grUMhnR
uuOzSrfAtOHYK22wPvE=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-1BC7C7CC8C1DC237A312742702475787">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-1BC7C7CC8C1DC237A312742702475788"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Reference URI="#CertId-1BC7C7CC8C1DC237A312742702475786"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="UsernameToken-6"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>115394</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">bmkWaU4qDZK7B/DPXqoHysN4LaQ=</wsse:Password>
<wsse:Nonce
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">dvSBmtESEOGb96pQIZJZWw==</wsse:Nonce>
<wsu:Created>2010-05-19T11:57:24.561Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</SOAP-ENV:Header>



Regards,
Ajit

[spierobi]

Same issue, no solution yet....

[spierobi]

After continuing the investigation, we concluded that security header is not supposed to be exposed in the service wsdl. Generation and inclusion of the security header is the responsability of the consummer of the webservice. We have a .NET client, consumming Java/Spring services, and we had to enable generation of security headers by configuring Visual Studio to use Web Service Enhancements (WSE 3.0) as presented here:

http://www.vbdotnetheaven.com/Upload...yProtocol.aspx.