You need to sign in to do that
Don't have an account?
WebService Callout: Sending Username/Password as part of SOAP Header.
I have a Web Service that is expecting it as a part of SOAP header. How do I send it?
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-
secext-1.0.xsd">
<wsse:UsernameToken>
<wsse:Username>username</wsse:Username>
<wsse:Password>password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<actual callout method here>
</soapenv:Body>
The only documentation I see is for inputHttpHeaders_x which can send http header and can send username password as part of 'Authorization' Header.
Hi,
I would like to know how did you pass username and password in the security header.
Were you able to get a solution for your question?
I did. I don't fully remember.
The WSDL had a schema for Security Information (e.g called securityHeader)
The SOAP binding referred to this header with <soap:header> tag.
The Apex code has a class for SecurityHeader. You just new on it, and set the username/password.
Thanks for the response,
I checked my WSDL and do not have any schema for security information.
How OasisSecurityHeader class are generated.
Are they generated from WSDL?
Can you add little more information on how i can get the above classes and also let me know with your suggestions?
yes, they are generated from WSDL. The WSDL had schema that looked like.
Thanks for your answer. It really helped me move further.
I am stuck with an issue and would like some assistance.
My Webservice code is
public static void setupSecurity(Object service) {
org.apache.cxf.endpoint.Client client = org.apache.cxf.frontend.ClientProxy.getClient(service);
org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint();
Map<String, Object> outProps= new HashMap<String, Object>();
outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.USERNAME_TOKEN + ' ' + WSHandlerConstants.TIMESTAMP);
outProps.put(WSHandlerConstants.PASSWORD_TYPE, WSConstants.PW_TEXT);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientPasswordHandler.class.getName());
outProps.put(WSHandlerConstants.USER, "Admin");
PhaseInterceptor<SoapMessage> wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
cxfEndpoint.getOutInterceptors().add(new SAAJOutInterceptor());
}
As PasswordType also has to be sent as part of SOAP header i updated the WSDL.
Below is partial WSDL
<xsd:schema elementFormDefault="qualified" targetNamespace="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" >
<xsd:element name="Security" type="s3:SecurityHeaderType"/>
<xsd:complexType name="SecurityHeaderType">
<xsd:sequence>
<xsd:element minOccurs="1" maxOccurs="1" name="UsernameToken" type="s3:UsernameToken"/>
<xsd:element minOccurs="1" maxOccurs="1" name="TimeStamp" type="s3:TimeStamp"/>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="UsernameToken">
<xsd:sequence>
<xsd:element minOccurs="0" maxOccurs="1" name="Username" type="xsd:string"/>
<xsd:element minOccurs="1" maxOccurs="1" name="Password">
<xsd:complexType>
<xsd:simpleContent>
<xsd:extension base="xsd:string">
<xsd:attribute name="Type" type="xsd:string"/>
</xsd:extension>
</xsd:simpleContent>
</xsd:complexType>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
<xsd:complexType name="TimeStamp">
<xsd:sequence>
<xsd:element minOccurs="0" maxOccurs="1" name="Created" type="xsd:dateTime"/>
<xsd:element minOccurs="0" maxOccurs="1" name="Expires" type="xsd:dateTime"/>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>
I added attribute Type for the Password element in WSDL. The Webservice is using PasswordText as the type.
Below is the generated code of the security class
public class OasisSecurity {
public class Password_element {
public String Type_x;
private String[] Type_x_att_info = new String[]{'Type'};
private String[] apex_schema_type_info = new String[]{'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','true','false'};
private String[] field_order_type_info = new String[]{};
}
public class TimeStamp {
public DateTime Created;
public DateTime Expires;
private String[] Created_type_info = new String[]{'Created','http://www.w3.org/2001/XMLSchema','dateTime','0','1','false'};
private String[] Expires_type_info = new String[]{'Expires','http://www.w3.org/2001/XMLSchema','dateTime','0','1','false'};
private String[] apex_schema_type_info = new String[]{'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','true','false'};
private String[] field_order_type_info = new String[]{'Created','Expires'};
}
public class UsernameToken {
public String Username;
public OasisSecurity.Password_element Password;
private String[] Username_type_info = new String[]{'Username','http://www.w3.org/2001/XMLSchema','string','0','1','false'};
private String[] Password_type_info = new String[]{'Password','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','Password_element','1','1','false'};
private String[] apex_schema_type_info = new String[]{'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','true','false'};
private String[] field_order_type_info = new String[]{'Username','Password'};
}
public class SecurityHeaderType {
public OasisSecurity.UsernameToken UsernameToken;
public OasisSecurity.TimeStamp TimeStamp;
private String[] UsernameToken_type_info = new String[]{'UsernameToken','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','UsernameToken','1','1','false'};
private String[] TimeStamp_type_info = new String[]{'TimeStamp','http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','TimeStamp','1','1','false'};
private String[] apex_schema_type_info = new String[]{'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd','true','false'};
private String[] field_order_type_info = new String[]{'UsernameToken','TimeStamp'};
}
}
The problem i am facing is, i am able to assign value to the Type_x of the Password_element class.
But i am unable to set the value to the Password .
This is how the header part of my request looks like
<?xml version="1.0" encoding="UTF-8"?><env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><env:Header><Security xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" ><UsernameToken><Username>Admin</Username><PasswordType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" /></UsernameToken><TimeStamp><Created>2010-07-28T17:42:25.966Z</Created><Expires>2010-11-25T17:42:25.966Z</Expires></TimeStamp></Security></env:Header>
And it can be seen in header that i am just able to pass the attribute Type of Password tag and unable to set Value for Password.
I am getting the below error message after the webservice callout.
System.CalloutException: Web service callout failed: WebService returned a SOAP Fault: Fault occurred while processing. faultcode=ns1:client faultactor=
Any help on this will be highly appreciated.
GoForceGo,
Any thoughts on the issue i am facing.
Let me know if anything is not clear in previous post.
Hi Imran,
Am facing a similar problem. Can you share the whole WSDL? Maybe we can work something between ourselves...
Thanks,
LVS
I realize this discussion took place a long time ago, but it seems relevant to my current situation. I've tried to mimic what you suggested, but I'm getting the following error:
Error: Failed to parse wsdl: Failed to parse WSDL: No message found for:PUTOasisSecurity
when I try to Parse WSDL on the "New Apex Code from WSDL" screen.
The WSDL I've been provided didn't originally include references to the OASIS security extension, so I've used the snippets in this thread to try to modify it:
Any ideas what I'm missing?
Thanks for any help,
pjmsfdc
Hi pjmsfdc,
Here's the route I went. I took the original WSDL and let SFDC generate the class for me. To this, I added a few parameters like Security_hns etc (as explained earlier in this thread). Also, I had to modify a class called Security to take the username/password as parameters.
Some constants I'd used:
XML_SCHEMA_NS = 'http://www.w3.org/2001/XMLSchema';
SECURITY_HEADER_SCHEMA_NS = 'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd';
It turns out that the WSSE security headers are a standard and not usually mentioned in the WSDL. Here's my modified class http://pastebin.com/X2dtncba
This was quite a while back, so I don't remember all the details, so excuse me :)
Thanks,
LVS
Hi LVS/pjmsfdc,
I am new in sfdc and i need to do integration using webservice callouts to BOSS DB through EAI but the problem is that the wsdl that i have i not consumed by Salesforce . Can you people suggest me any other way to proceed further in integration
Hi,
Have you been able to sort this out in the end?
Regards,
Guy
I need to pass the below XML for my API ...WSDL is not having Login Method ....They want me to pass thru HTTP post ..How do i do that .......Any solutions will be appreciated .Need it bit Urgent............
Mr_Khan,
What do you mean the WSDL is not consumed by SFDC?
Chinni123,
Can you add more detail? You could use the XmlDom class (comes with DE) to parse your object into XML before sending it over HTTP...
I am facing same issue : please check my comment here http://boards.developerforce.com/t5/Apex-Code-Development/WebServiceCallout-and-WSSE-Authentiction/m...
Hello Imran,
Did you get any solution for this problem?... Even I am facing it...
Did you read this response? http://boards.developerforce.com/t5/Apex-Code-Development/WebService-Callout-Sending-Username-Password-as-part-of-SOAP/m-p/383449/highlight/true#M68651
I having an issue passing a URL value into the header.
I have added this code:
CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort cfsPort = new CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort();
Blob headerValue = Blob.valueOf('LOGIN' + ':' + 'LOGINPWD');
String authorizationHeader = 'Basic ' +EncodingUtil.base64Encode(headerValue);
String sURL = 'https:/testURL';
System.debug('***authorizationHeader***'+authorizationHeader);
cfsPort.inputHttpHeaders_x = new Map<String,String>();
cfsPort.inputHttpHeaders_x.put('URL',sURL);
cfsPort.inputHttpHeaders_x.put('Authorization',authorizationHeader);
When i tried to invoked the webservice, able to connect to the operation that i need to call but getting the error of the URL not being part of the request that i sent
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header/>
</env:Header><env:Body>....</env:Body>
the web service is expecting a request in this format
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header>
<URL>https:/testURL</URL>
</env:Header><env:Body>
Can you please share idea on how i could attain the said format.
I having an issue passing a URL value into the header.
I have added this code:
CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort cfsPort = new CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort();
Blob headerValue = Blob.valueOf('LOGIN' + ':' + 'LOGINPWD');
String authorizationHeader = 'Basic ' +EncodingUtil.base64Encode(headerValue);
String sURL = 'https:/testURL';
System.debug('***authorizationHeader***'+authorizationHeader);
cfsPort.inputHttpHeaders_x = new Map<String,String>();
cfsPort.inputHttpHeaders_x.put('URL',sURL);
cfsPort.inputHttpHeaders_x.put('Authorization',authorizationHeader);
When i tried to invoked the webservice, able to connect to the operation that i need to call but getting the error of the URL not being part of the request that i sent
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header/>
</env:Header><env:Body>....</env:Body>
the web service is expecting a request in this format
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header>
<URL>https:/testURL</URL>
</env:Header><env:Body>
Can you please share idea on how i could attain the said format.
I having an issue passing a URL value into the header.
I have added this code:
CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort cfsPort = new CustomerFieldscheduling.CFSPartnerSlotsServiceImplPort();
Blob headerValue = Blob.valueOf('LOGIN' + ':' + 'LOGINPWD');
String authorizationHeader = 'Basic ' +EncodingUtil.base64Encode(headerValue);
String sURL = 'https:/testURL';
System.debug('***authorizationHeader***'+authorizationHeader);
cfsPort.inputHttpHeaders_x = new Map<String,String>();
cfsPort.inputHttpHeaders_x.put('URL',sURL);
cfsPort.inputHttpHeaders_x.put('Authorization',authorizationHeader);
When i tried to invoked the webservice, able to connect to the operation that i need to call but getting the error of the URL not being part of the request that i sent
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header/>
</env:Header><env:Body>....</env:Body>
the web service is expecting a request in this format
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<env:Header>
<URL>https:/testURL</URL>
</env:Header><env:Body>
Can you please share idea on how i could attain the said format.