cancel
Showing results for 
Search instead for 
Did you mean: 

Authentication when calling a method

fgeorges
Champ in-the-making
Champ in-the-making
Hi,

I try to call a service method from SoapUI.  So I call startSession on the authentication service first, then I use the ticket to create the WS-Security header for the method I want to call.  The header looks like:

     <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"                    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">         <wsu:Timestamp>            <wsu:Created>2008-12-29T02:50:00+01:00</wsu:Created>            <wsu:Expires>2008-12-29T03:00:00+01:00</wsu:Expires>         </wsu:Timestamp>         <wsse:UsernameToken>            <wsse:Username>xxx</wsse:Username>            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">TICKET_xxxxx</wsse:Password>         </wsse:UsernameToken>      </wsse:Security>‍‍‍‍‍‍‍‍‍‍‍‍‍

But I get an exception:

      <soapenv:Fault>         <faultcode>soapenv:Server.generalException</faultcode>         <faultstring>WSDoAllReceiver: The timestamp could not be validated</faultstring>         <detail>            …‍‍‍‍‍‍‍

How should I use the token to create the header?  What should I use as timestamps?  I didn't find any simple example that didn't use some API (Java, .NET…) instead of showing the SOAP messages themselves.

Best regards,


Florent Georges
http://www.fgeorges.org/
1 REPLY 1

vsuarez
Champ in-the-making
Champ in-the-making
I let here the created security headers by WSS4J in one of my projects. Anyway, alfresco.log could give us more clues about this error.

<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">   <S:Header>      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" S:mustUnderstand="1">         <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-10202458">            <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-12-29T13:11:27.515Z</wsu:Created>            <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2008-12-29T13:21:27.515Z</wsu:Expires>         </wsu:Timestamp>         <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-23953814" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">            <wsse:Username xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">xxx</wsse:Username>            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">TICKET_c4d446a747b0f2e9603f642901d8d73db444d21f</wsse:Password>         </wsse:UsernameToken>      </wsse:Security>   </S:Header>   <S:Body>[[Message body]]   </S:Body></S:Envelope>‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍‍

NOTE: you must use UTC time format (ISO 8601).
Welcome to the new Hyland Connect. Get started or submit feedback.