Just a Stab in the dark...
<wsse:UserName>' + %Trim(UserID) + '</wsse:UserName>'
should be
<wsse:Username>' + %Trim(UserID) + '</wsse:Username>'
________________________________
From: ftpapi-bounces@xxxxxxxxxxxxxxxxxxxxxx on behalf of Dan Nagel
Sent: Wed 11/07/2007 12:57 a.m.
To: ftpapi@xxxxxxxxxxxxx
Subject: HTTPAPI with Security Header requirements
All,
I've written several applications using the HTTPAPI examples as a guide with wonderful results. I thank Scott Klement for all the time and effort he has put forth in compiling these examples... they are priceless.
I am faced with a problem that I have never encountered before and hope someone can provide some insight.
The requirement is to send xml data from an iSeries to another system which uses OASIS Standard 200401 SOAP Message Security. As part of my soap message I must include a userid and password which is part of a Security Header.
I have been provided with a soap message that 'should work' but obviously it doesn't. Below is my soap message and the DEBUG error message I'm receiving during execution of the program.
Any help in solving this problem will be greatly appreciated.
--------------------------------- soap message I generate --------------------------------------
SOAP = '<SOAP-ENV:Envelope'
+ ' xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/";'
+ ' xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/";'
+ ' xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/'
+ 'oasis-200401-wss-wssecurity-secext-1.0.xsd"'
+ ' xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";'
+ ' xmlns:xsd="http://www.w3.org/2001/XMLSchema";>'
//---------------------------------------------------------------
+ '<SOAP-ENV:Header>'
+ ' <wsse:Security>'
+ ' <wsse:UsernameToken>'
+ ' <wsse:UserName>' + %Trim(UserID) + '</wsse:UserName>'
+ ' <wsse:Password>' + %Trim(Password) + '</wsse:Password>'
+ ' </wsse:UsernameToken>'
+ ' </wsse:Security>'
+ '</SOAP-ENV:Header>'
//---------------------------------------------------------------
+ '<SOAP-ENV:Body>'
+ '<m:submitProtectionOrder'
+ ' xmlns:m="http://hostname:9081";>'
+ %trim(CData)
+ '</m:submitProtectionOrder>'
+ '</SOAP-ENV:Body>'
+ '</SOAP-ENV:Envelope>';
------------------------------------------- Error Message from Debug -----------------------------
HTTPAPI Ver 1.15 released 2006-03-30
New XML iconv() objects set, xml_ASCII=1208. xml_EBCDIC=0
http_persist_open(): entered
http_long_ParseURL(): entered
http_persist_post(): entered
http_long_ParseURL(): entered
do_post(): entered
POST /cjis/ws/services/CJISWebServices HTTP/1.1
Host: itdintws6t1.itd.nd.gov
User-Agent: http-api/1.15
Content-Type: text/xml
SOAPAction:
Expect: 100-continue
Content-Length: 20286
recvresp(): entered
HTTP/1.1 100 Continue
SetError() #13: HTTP/1.1 100 Continue
senddoc(): entered
<SOAP-ENV:Envelope xmlns:SOAP-ENV=http://schemas.xmlsoap.org/soap/envelope/
recvresp(): entered
HTTP/1.1 500 Internal Server Error
Date: Tue, 10 Jul 2007 01:08:25 GMT
Server: IBM_HTTP_Server
Content-Length: 626
Connection: close
Content-Type: text/xml; charset=utf-8
Content-Language: en-US
SetError() #13: HTTP/1.1 500 Internal Server Error
recvdoc parms: identity 626
recvdoc(): entered
SetError() #0:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:soapenc=http://schemas.xmlsoap.org/soap/encoding/
xmlns:xsd=http://www.w3.org/2001/XMLSchema
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
<soapenv:Header/><soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server.securityException</faultcode><faultstring>
<![CDATA[com.ibm.wsspi.wssecurity.SoapSecurityException: WSEC5043E:
One "{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}Username"; element is required.]]></faultstring><detail encodingStyle=""/>
</soapenv:Fault></soapenv:Body></soapenv:Envelope>
SetError() #13: HTTP/1.1 500 Internal Server Error
http_close(): entered
Dan Nagel
Enterprise Solutions, Inc
e-Mail: dnagel@xxxxxxxxxx
The information contained in this email is privileged and confidential and
intended for the addressee only. If you are not the intended recipient, you
are asked to respect that confidentiality and not disclose, copy or make use
of its contents. If received in error you are asked to destroy this email
and contact the sender immediately. Your assistance is appreciated.
<<winmail.dat>>
----------------------------------------------------------------------- This is the FTPAPI mailing list. To unsubscribe, please go to: http://www.scottklement.com/mailman/listinfo/ftpapi -----------------------------------------------------------------------