Coldfusion - HTTPS error / X.509 ws-security - web-services

I'm very new to SOAP, and this is my first project. I am trying to connect to a HTTPS WSDL in order to pull some information on my webpage.
There is a certificate setup ready for both local server connect with the service provider server. There is a response when I try to connect the https webservice, so I believe there is no connection issue between both server :
Here is the SOAPUI sample given from the third party technical team :
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="http://soap.ipr.tfp.com/">
<soapenv:Header/>
<soapenv:Body>
<soap:create>
<arg0>
<attribute_1>abc</attribute_1>
<attribute_2></attribute_2>
<attribute_3>abc123</attribute_3>
<attribute_4>abc234</attribute_4>
<attribute_5></attribute_5>
</arg0>
</soap:create>
</soapenv:Body>
</soapenv:Envelope>
Below is my cfm code used to connect the Webservice :
<cfscript>
ws = CreateObject("webservice", [HTTPS URL]?wsdl);
//show web service methods for debugging purposes
writeDump(ws);
// construct arguments
args = {attribute_1="abc"
, attribute_2=""
, attribute_3="abc123"
, attribute_4="abc234"
, attribute_5=""
};
// call the method
result = ws.create(arg0=args);
writeDump(result)
</cfscript>
Issue :
I'm getting below error message when execute my cfm script :
Cannot perform web service invocation create.
The fault returned when invoking the web service operation is:
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server
faultSubcode:
faultString: These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}IncludeTimestamp: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not SIGNED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EncryptedParts: {http://schemas.xmlsoap.org/soap/envelope/}Body not ENCRY...
Questions :
Is this error related to the SSL certificate setup in the ColdFusion keystore?
Anything wrong with my CFM script? Refer to the SOAPUI sample, the xml format is `[arg0] --> [attribute_1], [attribute_2] and so on. Can I pass the attributes this way?
result = ws.create(arg0=args);
The same service works from SoapUI tool. Am I missing anything here?
Thank you for your time. Your help is appreciated.
2016-05-30 - Update -
I tried to use the CFHTTP tag to submit the XML, but it seemed to return a differenct error:
<cfhttp
url = "[HTTPS URL]?wsdl"
method ="post"
result ="httpResponse"
charset ="utf-8">
<cfhttpparam
type="header"
name="accept-encoding"
value="no-compression"
/>
<cfhttpparam
type="xml"
value="#trim( soapBody )#"
/>
</cfhttp>
Error:
Here is the error message in the file content :
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode>soap:Server</faultcode>
<faultstring>These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
AsymmetricBinding: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
X509Token: The received token does not match the token inclusion requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
X509Token
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
InitiatorToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
RecipientToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
IncludeTimestamp: Received Timestamp does not match the requirements
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
SignedParts: {http://schemas.xmlsoap.org/soap/envelope/}
Body not SIGNED
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}
EncryptedParts:
{http://schemas.xmlsoap.org/soap/envelope/}
Body not ENCRYPTED
</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
The error message seems similar to cfobject tag. When I read closely in the error message, it seemed related with the X.509 ws-security encryption where the SOAP content needs to encrypted before send to the Web service request.
After did some research, the encryption flow seem work as below:
Save SOAP content into temp folder.
Used Java Class file to encrypt the SOAP content into X.509 ws-security format.
Sent new encrypted SOAP content to Webservice.
I have no idea how CF works with Java class files. Has anyone done the same encryption conversion before?

In your code to connect to web service, change
ws = CreateObject("webservice", [HTTPS URL]);
to
ws = CreateObject(
"webservice",
"[HTTPS URL]",
{wsversion="1"}
);
in case only Axis 1 works for you.
Also check at the other end, if your using ColdFusion to expose the web service make sure is set up for Axis 1.

Related

Delphi SOAP Request

I'm trying to send a SOAP Request to a webservice in Delphi XE5. Actually there is a WSDL available which I imported via WSDL Importer. I established a connection to this webservice with the components THTTPRIO (rio) and IdEncoderMIME1 for the HTTP Authentication Request.
The SOAP Request was build via TXMLDocument and has the following structure:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:cod=NS_Codelist>
<soapenv:Header/>
<soapenv:Body>
<cod:GetLatestChangeDatesRequest>
<!--Zero or more repetitions:-->
<CodeListID>1035</CodeListID>
</cod:GetLatestChangeDatesRequest>
</soapenv:Body>
</soapenv:Envelope>
Furthermore I received the Porttype of the webservice.
codeserv:= GetCodeListPortType(true,'',rio);
These are methods from the WSDL:
codeserv.GetLatestChangeDates(const body:GetLatestChangeDatesRequestType):GetLatestChangeDatesResponseType
GetLatestChangeDatesRequestType = array of Int64;
GetLatestChangeDatesRequest = GetLatestChangeDatesRequestType;
GetLatestChangeDatesResponseType = array of CodeListLatestChangeDateType;
GetLatestChangeDatesResponse = GetLatestChangeDatesResponseType;
CodeListLatestChangeDateType
property CodeListID: Int64
property LatestChangeDate: TXSDate
I have already tried to set an array of Int64 for the parameter but then it says "element CodeListID is missing".
Unfortunately I don't find a way to send this XML SOAP Request to the webservice and to receive the response. Any ideas?
EDIT: I have tried to use the WSDL methods
var
codeserv: CodeListPortType;
arrIDs: GetLatestChangeDatesRequest;
response: GetLatestChangeDatesResponse;
begin
codeserv:= GetCodeListPortType(true,'',rio);
SetLength(arrIDs,1);
arrIDs[0]:= 1035;
response:= codeserv.GetLatestChangeDates(arrIDs);
But then I receive the following error message: 'invalid content was found starting with element 'long'. One of '{CodeListID}' is expected.'
In the SOAP Request there have to be the element CodeListID. Unfortunately it seems the method GetLatestChangeDates isn't creating the elements in the SOAP Request. The SOAP Request posted above should have been created with this method (hopefully).

How to get WSDL by request to Siebel Inbound WebService?

Usually Web-services return WSDL by request like this:
http://web_server_host.com/WS_virtual_folder/?wsdl
I've created Siebel Inbound WS.
URL of my WS looks like this:
http://web_server_host/eai_enu/start.swe?SWEExtSource=WebService&SWEExtCmd=Execute&UserName=SADMIN&Password=passwrd
There is a possibility to generate WSDL in the Siebel UI by clicking the button "Generate WSDL".
I tried to make my WS to return WSDL: I added one more parameter &wsdl to URL of my WS.
It doesn't work:
When I request URL by web-browser (only URL is sending, there is no soap-message) - I get error like this:
<SOAP-ENV:Envelope>
<SOAP-ENV:Body>
<SOAP-ENV:Fault>
<faultcode>SOAP-ENV:Client</faultcode>
<faultstring>Supplied input is not well formed or does not contain the expected data.(SBL-EAI-00137)</faultstring>
<detail>
<siebelf:siebdetail>
<siebelf:logfilename>EAIObjMgr_enu_0026_27262989.log</siebelf:logfilename>
<siebelf:errorstack>
<siebelf:error>
<siebelf:errorcode>SBL-EAI-00137</siebelf:errorcode>
<siebelf:errorsymbol>IDS_EAI_WS_BAD_XML_DOCUMENT</siebelf:errorsymbol>
<siebelf:errormsg>Supplied input is not well formed or does not contain the expected data.(SBL-EAI-00137)</siebelf:errormsg>
</siebelf:error>
<siebelf:error>
<siebelf:errorcode>SBL-EAI-00246</siebelf:errorcode>
<siebelf:errorsymbol>IDS_XMLCNV_ERR_EMPTYMSG</siebelf:errorsymbol>
<siebelf:errormsg>XML Hierarchy Converter error - empty input message, expecting an XML document in <Value> of input arguments(SBL-EAI-00246)</siebelf:errormsg>
</siebelf:error>
</siebelf:errorstack>
</siebelf:siebdetail>
</detail>
</SOAP-ENV:Fault>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>
This response (error) is the same for both URL (with or without parameter &wsdl)
When I request URL by SoapUI (soap-message is sending) - I get again same response for both URL (with or without parametr &wsdl)
Is there such possibility: to get WSLD from Siebel Inbound WS by requesting URL?
I haven't found any mentions about it in the bookshelf.
Thanks in advance.
Sergey
Siebel WSDLs cannot be generated from URLs like an Axis service. The onlyway is to login to the application and click on the Generate WSDL button in the Webservices screen.

mule - web service consumer (soap) always returns null

I am using the Zuora soap API. I am attempting to perform a query. I don't get any errors but the results are always null when I output the payload to log. What am I doing wrong? (the query I provide below should return 320 records, which is what I get if I execute the same query in a local non-mule test script)
This is the section of the flow.
I set the zoql query to flowVars (flowVars.query). For example : select id from Account WHERE updatedDate > '2016-06-24T23:00:00-06:00'
I use dataweave to create the xml payload (dw provided below)
I execute the query (web service consumer app xml details provided below)
DataWeave to set payload:
%dw 1.0
%output application/xml
%namespace ns0 http://api.zuora.com/
---
{
ns0#query: {
ns0#queryString: flowVars.query
}
}
Web Service Consumer app xml
<ws:consumer config-ref="ZuoraWebServiceConsumer" operation="query" doc:name="query_zuora"/>
ZuoraWebServiceConsumer config details:
<ws:consumer-config name="ZuoraWebServiceConsumer" wsdlLocation="zuora.a.49.0-sandbox.wsdl" service="ZuoraService" port="Soap" serviceAddress="https://apisandbox-api.zuora.com" doc:name="Web Service Consumer">
<ws:security>
<ws:wss-username-token username="myusername.here" password="mypassword.here" passwordType="TEXT" />
</ws:security>
</ws:consumer-config>
And the WSDL:
https://www.dropbox.com/s/fkrppvv7i5s1a4w/zuora.a.49.0-sandbox.wsdl?dl=0
After working with MuleSoft Support, it was discovered there is a bug with the Zuora connector. When Zuora returns an invalid session error, the Zuora connector is not catching it, destroying the connection from the pool, and initiating a new connection. MuleSoft has confirmed the bug.

Mule CXF SOAP service - Validate against XSD and send custom response instead of Soap fault

I have a Mule flow where I exposed a SOAP service using Mule's CXF inbound endpoint. I configured validationEnabled="true" and also wsdlLocation="path-to\my\wsdl". With this configuration of CXF inbound endpoint, it is able to validate the incoming SOAP request and throw a SOAP fault in case there are schema validation errors. So far so good.
Now I want to customise the SOAP Fault response in case of schema validation errors.
I don't want to send SOAP Fault at all, instead I would like to send something like below in the response body
<errorCode>123</errorCode>
<errorDescription>some error description</errorDescription>
Can any one please tell me how I can achieve this?
If you are exposing a SOAP web service and want to have a validation of incoming SOAP message against the schema and put custom message, then one of the best way is to use mulexml:schema-validation-filter
for example the following code :-
<mulexml:schema-validation-filter name="Schema_Validation" schemaLocations="yourSchema.xsd" returnResult="true" doc:name="Schema Validation" />
<flow name="ServiceFlow" >
<http:listener config-ref="HTTP_Listener_Configuration" path="mainData" doc:name="HTTP Connector"/>
<message-filter onUnaccepted="ValidationFailFlow" doc:name="filter to validate xml against xsd" throwOnUnaccepted="true" >
<filter ref="Schema_Validation"/>
</message-filter>
<cxf:jaxws-service serviceClass="com.test.services.schema.maindata.v1.MainData" validationEnabled="true" doc:name="SOAP"/>
<component class="com.test.services.schema.maindata.v1.Impl.MainDataImpl" doc:name="JavaMain_ServiceImpl"/>
</flow>
and the create a sub flow to create your custom message
<errorCode>123</errorCode>
<errorDescription>some error description</errorDescription>
:-
<sub-flow name="ValidationFailFlow" >
<logger message="SOAP Request is not valid!!" level="INFO" doc:name="Logger"/>
<set-payload value="<errorCode>123</errorCode><errorDescription>Soap Validation fail!!!/errorDescription>" doc:name="Set Payload" mimeType="application/xml"/>
</sub-flow>
So now if validation is failing then it will route to your sub flow and show your custom message
note, you can create your custom message using set payload or Java class or XSLT or anything you wish :)
for more reference on mulexml:schema-validation-filter refer :- https://docs.mulesoft.com/mule-user-guide/v/3.7/schema-validation-filter

How do I create a Mule ESB Service to HTTP POST using name/value pairs?

I need to create a mule service that will POST data to a web service that expects name/value pairs (not xml), then process the XML response from that service. I cannot find a good example on how to prep the payload for an http POST.
Can someone provide some insight or examples?
What I have so far is (I don't know if 'PathToTransformerClass' is needed):
<service name="myService">
<inbound>
<vm:inbound-endpoint path="myService.request" synchronous="true">
<custom-transformer class="PathToTransformerClass" />
</vm:inbound-endpoint>
</inbound>
<outbound>
<pass-through-router>
<http:outbound-endpoint address="URIofWebServiceToPostTo" method="POST" synchronous="true">
<response-transformers>
<custom-transformer class="PathToClassToProcessTheResponse" />
</response-transformers>
</http:outbound-endpoint>
</pass-through-router>
</outbound>
</service>
The following might be helpful: http://comments.gmane.org/gmane.comp.java.mule.user/29342
I can't find any examples either, but it looks like the built-in HTTP transformers are
http-response-to-object-transformer A
transformer that converts an HTTP
response to a Mule Message. The
payload may be a String, stream, or
byte array.
http-response-to-string-transformer
Converts an HTTP response payload
into a string. The headers of the
response will be preserved on the
message.
object-to-http-request-transformer
This transformer will create a valid
HTTP request using the current message
and any HTTP headers set on the
current message.
message-to-http-response-transformer
This transformer will create a valid
HTTP response using the current
message and any HTTP headers set on
the current message.
object-to-http-request-transformer might be your best bet; perhaps you can create a map of key-value pairs and then convert that into URL encoded form? Not sure but hopefully this gives you some things to Google.
Are you asking about how to take XML and create key value pairs to send out via HTTP? For that you can use an XLST transformer where in the XSL you set the method output to be text.
1) Let variables=<map><entry><string>idEvent_Type</string><string>1</string></entry></map>&options=user:admin
be the Map body to post as HTTP request.
2) URL encode it (eg. using http://meyerweb.com/eric/tools/dencoder/)
which produce :
variables%3D%3Cmap%3E%3Centry%3E%3Cstring%3EidEvent_Type%3C%2Fstring%3E%3Cstring%3E1%3C%2Fstring%3E%3C%2Fentry%3E%3C%2Fmap%3E%26options%3Duser%3Aadmin
3) then create a Mule set-payload transformer :
<set-payload value="variables%3D%3Cmap%3E%3Centry%3E%3Cstring%3EidEvent_Type%3C%2Fstring%3E%3Cstring%3E1%3C%2Fstring%3E%3C%2Fentry%3E%3C%2Fmap%3E%26options%3Duser%3Aadmin
" doc:name="Set playload"/>
4) then create a Mule HTTP endpoint :
<http:outbound-endpoint exchange-pattern="request-response" host="..." port="..." path="..." user="..." password="..." contentType="application/x-www-form-urlencoded" doc:name="POSTHTTPRequest"/>
and it works
Maybe U can give a try using Object-to-http-request-transformer as this transformer will create a valid HTTP request using the message currently received and any HTTP headers set on the current message.
Have never tried it, but that is the only transformer I can get in my mind after reading ur query...hope it works.. :D