Testing secure webservivce in SOAP UI

Question

Testing secure webservivce in SOAP UI

I use the AXIS2 framework to create web services. Now I am provided with my web services using ramprt. Now all requests and response will be signed and encrypted.

Now I doubt how I can test it in the SOAP user interface. When I upload the wsdl file, it gives me below.

<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soapenvelope" xmlns:sam="http://sample03.policy.samples.rampart.apache.org"> <soap:Header/> <soap:Body> <sam:echo> <!--Optional:--> <sam:args0>?</sam:args0> </sam:echo> </soap:Body> </soap:Envelope>

Now I can post the data associated with the digital certificate, and how can I encrypt the content that I want to send to the axis server.

Thank you Narendra

+4

security web-services axis soapui

Narendra Nov 16 '10 at 12:40

source share

1 answer

almightyBob · Accepted Answer · 2010-11-16T13:06:28+0000

certificate data is stored in two xml files Outflowsecurity.xml and Inflowsecurity.xml, they should look like this:

 <?xml version="1.0" encoding="UTF-8"?> <xs:schema xmlns:xs="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified" attributeFormDefault="unqualified"> <xs:element name="action"> <xs:annotation> <xs:documentation>Outflow security 'action' configuration</xs:documentation> </xs:annotation> <xs:complexType> <xs:sequence> <xs:element name="items" type="xs:string"/> <xs:element name="user" type="xs:string"/> <xs:element name="passwordCallbackClass" type="xs:string" minOccurs="0"/> <xs:element name="signaturePropFile" type="xs:string" minOccurs="0"/> <xs:element name="encryptionPropFile" type="xs:string" minOccurs="0"/> <xs:element name="encryptionPropFile" type="xs:string" minOccurs="0"/> <xs:element name="signatureKeyIdentifier" type="xs:string" minOccurs="0"/> <xs:element name="encryptionKeyIdentifier" type="xs:string" minOccurs="0"/> <xs:element name="encryptionUser" type="xs:string" minOccurs="0"/> <xs:element name="signatureParts" type="xs:string" minOccurs="0"/> <xs:element name="encryptionParts" type="xs:string" minOccurs="0"/> <xs:element name="optimizeParts" type="xs:string" minOccurs="0"/> <xs:element name="encryptionSymAlgorithm" type="xs:string" minOccurs="0"/> <xs:element name="EmbeddedKeyCallbackClass" type="xs:string" minOccurs="0"/> <xs:element name="encryptionKeyTransportAlgorithm" type="xs:string" minOccurs="0"/> <xs:element name="EmbeddedKeyName" type="xs:string" minOccurs="0"/> <xs:element name="timeToLive" type="xs:string" minOccurs="0"/> </xs:sequence> </xs:complexType> </xs:element>

go to the Apache man page for more details

To use authentication in a request, you need to add a tag to the soap: Header

 <soapenv:Header> <wsse:Security soapenv:mustUnderstand="1"> <wsu:Timestamp wsu:Id="Timestamp-31497899"> <wsu:Created>2008-02-06T13:39:50.943Z</wsu:Created> <wsu:Expires>2008-02-06T13:44:50.943Z</wsu:Expires> </wsu:Timestamp> <wsse:UsernameToken wsu:Id="UsernameToken-10697954"> <wsse:Username>apache</wsse:Username> <wsse:Password Type="http://...#PasswordText">password</wsse:Password> </wsse:UsernameToken> </wsse:Security> </soapenv:Header>

namespaces:

 xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"

Testing secure webservivce in SOAP UI

More articles: