Layer7 API Management

  • Private Community

  • 1.  SOAP Service certification authentication Issue

    Posted Jul 03, 2017 04:06 AM

    Hi All,

     

    I got soap request which is sending WS-A headers in the input request to add soap security header in it before sending to target. Request has to send  .jks file to sign

     

     

     

     

    And I have tried to do develop soap service by adding below assertions, tested and getting error from back end due to not sending request properly .

     

     

    please help me on how to send request as is sending as in soap UI.

     

    Thanks,

    Suneel



  • 2.  Re: SOAP Service certification authentication Issue
    Best Answer

    Broadcom Employee
    Posted Jul 05, 2017 12:49 PM
      |   view attached

    Good afternoon,

     

    I've attached a sample policy that should mimic what you are attempting to do in SOAPUI.

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support

    Attachment(s)

    zip
    community_ws_addressing_signature.xml.zip   683 B 1 version


  • 3.  Re: SOAP Service certification authentication Issue

    Posted Jul 10, 2017 03:55 AM

    Hi Stephen,

     

    Thank you very much for replying.

     

    As suggested by you , I made changes in service and configured self-signed certificate in WS-Security Properties assertion by selecting it from gateway trust store. Even though API service is getting same error from back end.

    As I checked with relevant team on issue and they have reverted with below message.

     

    "The API Gateway does not add the wsa(Webservice Addressing) in the soapenv:Header."

     

    Back end expecting soapenv:Header and sent by SOAP UI as,

    <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">

     

    Actual soapenv:Header sent by gateway,

     <soapenv:Header>

     

     

    Let me know where I have to do configuration which request will send AS IS expected by target system.

     

     

    Thanks,

    Suneel



  • 4.  Re: SOAP Service certification authentication Issue

    Broadcom Employee
    Posted Jul 10, 2017 11:51 AM

    Suneel,

     

    Please add in the following policy snippet after the Apply WS-Security assertion:

     

    <?xml version="1.0" encoding="UTF-8"?>
    <wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
        <wsp:All wsp:Usage="Required">
            <L7p:Regex>
                <L7p:AutoTarget booleanValue="false"/>
                <L7p:Regex stringValue="&lt;soapenv:Header>"/>
                <L7p:RegexName stringValue="Add in the WS Addressing namespace in the SOAP Header"/>
                <L7p:Replace booleanValue="true"/>
                <L7p:Replacement stringValue="&lt;soapenv:Header xmlns:wsa=&quot;http://www.w3.org/2005/08/addressing">"/>
            </L7p:Regex>
        </wsp:All>
    </wsp:Policy>

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support



  • 5.  Re: SOAP Service certification authentication Issue

    Posted Jul 11, 2017 04:03 AM

    Hi Stephen,

     

    Have tried to import policy but it's throwing below error.

    Kindly check once.

     

     

    Thanks in advance.

     

    Regards,

    Suneel



  • 6.  Re: SOAP Service certification authentication Issue

    Broadcom Employee
    Posted Jul 11, 2017 03:00 PM
      |   view attached

    Suneel,

     

    The policy snippet was not a complete policy but just to be pasted into the existing policy. I've attached an updated version with the update included.

     

    Sincerely,

     

    Stephen Hughes

    Director, CA Support

    Attachment(s)

    zip
    community_ws_addressing_signature_v2.xml.zip   799 B 1 version