I am working on understanding how SOAP services work.My client is in Java and the service is using WCF (although in theory this shouldn't matter). If I am given an example of a SOAP envelope and do the following:
-Build a SOAP envelope that exactly follows the example
-Use an HttpPost object to post the data to www.service.com/service.svc
Is this a correct (although improper) way to call the service? Because when I do this, I receive a 400 response, even though my SOAP envelope is the exact same as the example.
It should work. You are probably missing some required headers. I suggest to use a TCP monitor, intercept a working request and analize its content.
I think the reason you are getting an HTTP 400 (Bad Request) is that your service is using BasicHttpBinding which is SOAP 1.1, and you are most likely sending a SOAP 1.2 message (as you indicated in the comments that you are using SOAP 1.2). The message formats are different between the two.
The simplest solution would be to use SOAP 1.1, but if you must (or want) to use SOAP 1.2, the following may help.
In your config file, you haven't defined any endpoints or bindings - which is ok, as WCF will use defaults in 4.0 and later.
However, the default binding for HTTP is BasicHttpBinding. You need to use a binding that supports SOAP 1.2 (or change your message to SOAP 1.1). You could use WSHttpBinding, which does support SOAP 1.2, but you mau have to change the security setting (by default it's Windows).
Another option is to use a custom binding that implements SOAP1.1.
I'll give a couple of examples (I've never written a non-.NET client for a WCF service, so I can't say for certain that it will work but it should at least get you going in the right direction.
WSHttpBinding
Change the default protocol mapping for HTTP requests from BasicHttpBinding to WsHttpBinding by overriding the protocol mapping in your config file:
<protocolMapping>
<addBinding protocol="wsHttpBinding" scheme="http" />
</protocolMapping>
Add a binding section to your config file so you can set the security mode to None. This goes under the <system.serviceModel> section:
<bindings>
<wsHttpBinding>
<binding>
<security mode="None" />
</binding>
</wsHttpBinding>
</bindings>
Notice that I didn't set a value for the name attribute on the binding. This will set the binding definition as the default, and in conjunction with changing the default protocol for HTTP to wsHttpBinding should enable you to send SOAP 1.2.
SECURITY NOTE* Setting security to none is fine if you're just trying to get a better understanding of SOAP, but I would highly recommend doing it in production.
Custom Binding
I've never used a custom binding, but something like this should work:
<bindings>
<customBinding>
<binding name="Custom">
<textMessageEncoding messageVersion="Soap12" />
<httTransport />
</binding>
</customBinding>
</bindings>
You will need to explicitly set this to your endpoint (using the bindingConfiguration attribute of the endpoint), which means you'll need to create an endpoint definition in your config file.
The custom binding idea is from SOAP 1.2 message format with BasicHttpBinding
Hopefully this will give you some ideas and get you going again.
Related
Last year I made JAX-WS client for a web service in this link
This webservice use a STS service to get SAML token and use it to access main webservice. I use wsdl2java of apache cxf to generate JAX-WS client for this webservice. Everything was just fine.
Recently they have updated their STS service endpoint. This new STS service endpoint. Which has different signature and digest algorithm. It has some extra element in request body.
I tried to modify current code so that it support new STS service. But my code is sending same RequestSecurityToken request.I mean it does not adopt for new requirement. I tried to adopt this but I could not do that.
New STS service required http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 as new signature method and http://www.w3.org/2001/04/xmlenc#sha256 as new digest algorithm. Plus it required following element in request body:
<tr:ActAs xmlns:tr="http://docs.oasis-open.org/ws-sx/ws-trust/200802">
<v13:RelationshipToken xmlns:v13="http://vanguard.business.gov.au/2016/03" ID="1bc9a44e-dccd-49e2-8f29-40d7b1257325">
<v13:Relationship v13:Type="OSPfor">
<v13:Attribute v13:Name="SSID" v13:Value="1234567895"/>
</v13:Relationship>
<v13:FirstParty v13:Scheme="uri://abr.gov.au/ABN" v13:Value="27809366375"/>
<v13:SecondParty v13:Scheme="uri://abr.gov.au/ABN" v13:Value="89567587874"/>
</v13:RelationshipToken>
</tr:ActAs>
Plus there are minor differences here. I have two ways now I think:
If I can change old code to STS client send request with those value. which I tried and not succeeded.
They provide some code which support fetching SAML assertion token and proof token from STS client. If I can put SAML assertion token into my JAX-WS client directly then this problem is also solved.
Any help or suggestion will be appreciated to us
The SHA-256 digest algorithm is normally set by using an AlgorithmSuite policy that requires it (e.g. Basic256Sha256). I see in the policy they are still using "Basic256" however. CXF allows you to configure RSA-SHA256 via some configuration properties (see for example 'ws-security.asymmetric.signature.algorithm' here http://cxf.apache.org/docs/ws-securitypolicy.html). You can set ActAs Object/Element on the STSClient directly.
I was receiving "An error occurred when verifying security for the message". Two changes that I had to make to resolve this while using Metro 2.3.1 -
In the STS wsdl, need to mention the signature algorithm like this ---
sp:AlgorithmSuite signatureAlgorithm="SHA256withRSA"
In the USI wsdl, need to change the AlgorithmSuite to Basic256 from Basic256Sha256Rsa15
I have a .net 4.0 web app which needs to connect to a customer's web service, written in Java (it has cxf in the service endpoint)
Their service endpoint is https, and ultimately I will need to supply an x509 credential, but not yet.
They do not allow discovery, they dont expose a mex endpoint, they have supplied us with a wsdl and xsds, and I've managed to create a client proxy.
I'm struggling to set the right wcf client configuration. What I have so far is this: (names changed for obvious reasons).
<system.serviceModel>
<bindings>
<basicHttpsBinding>
<binding name="CUSwsBinding" />
</basicHttpsBinding>
</bindings>
<client>
<endpoint address="https://customer.com/cxf/customerMaintenance/"
binding="basicHttpsBinding" bindingConfiguration="CUSwsBinding"
contract="CUSCustomer.Customerxxx" name="CUSCustomerWS" />
</client>
</system.serviceModel>
When I try and execute, it says the basicHttpBinding extension is not recognised. I see there are some bindings that only are supported in .net 4.5, however my manager has Fear, Uncertainty and Doubt, and our web app has to stay on 4.0
Not an expert in WCF, so any help welcome.
As someone suggested, one can create an instance of the proxy class:
var client = new proxy.ClientClass();
At this line it throws a Configuration binding extension 'system.serviceModel/bindings/basicHttpsBinding' could not be found.
The endpointaddress needs to be in config, as its currently pointing at a test environment, will be poiting at production
I am trying to build a SOAP Web Service using Java, Axis v1.4 and Eclipse J2EE Helios.
I have a WSDL receiving two xsi:string input parameters and dispatching one complex type of three xsi:string elements.
According to Axis documentation (http://axis.apache.org/axis/java/user-guide.html#Encoding_Your_Beans_-_the_BeanSerializer), I need to modify the default deploy.wsdd and use a beanMapping entry.
The following entry has been appended to the aforementioned file inside service tag:
<beanMapping
qname="ns2:Complex_code"
xmlns:ns2="http://ext.system.gr/ExposeCallbackData"
languageSpecificType="java:com.system.ext.ExposeCallbackData.Complex_code"
/>
Nevertheless, the SOAP Response received when invoking the Web Service via soapUI does not contain the SOAP Envelope.
Please note that in case the WSDL specifies a standard XML type (e.g. xsi:int, xsi:string, etc.), the SOAP Envelope is retrieved as expected.
Is there any other configuration step I should perform in order to resolve the issue?
I'm having issues accessing a web service provided by a third party. Looking at the Axis2 wire trace I can see \r\n3ff8\r\n in the middle of my the XML tags coming back which is causing Axis2 to have a hissy fit when it tries to parse them.
As far as I can tell this has something to do with HTTP 1.1 chunking which Axis2 isn't handling very well.
The issue I'm having is Identical to the issue in this forum post
How can I change the my webservice code to make it use HTTP 1.0 to avoid the chunking issue? As far as I can tell Axis defaults to CommonsHTTPSender anyway so I'm unsure why the forum post linked above suggested changing to that.
Alternatively is there a better way to solve this problem?
You can directly turn off chunking:
stub._getServiceClient().getOptions().setProperty(HTTPConstants.CHUNKED, false);
You can also control both of these things through the axis2.xml config file, if you'd prefer. Find the following section:
<transportSender name="http"
class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
<parameter name="PROTOCOL">HTTP/1.1</parameter>
<parameter name="Transfer-Encoding">chunked</parameter>
</transportSender>
You can change the PROTOCOL parameter to "HTTP/1.0", or remove the Transfer-Encoding parameter to disable chunking.
Found out how to do it, get the stub object that you you will use to call the service and add the following code after it:
stub._getServiceClient().getOptions().setProperty(org.apache.axis2.transport.http.HTTPConstants.HTTP_PROTOCOL_VERSION,
org.apache.axis2.transport.http.HTTPConstants.HEADER_PROTOCOL_10);
I have an ASP.NET application hosting a few WCF services, using ASP.NET Membership for security. I've exposed the System.Web.ApplicationServices.AuthenticationService through an SVC file (AuthenticationService.svc) as shown below:
<%# ServiceHost Language="C#" Debug="true" Service="System.Web.ApplicationServices.AuthenticationService" %>
My WCF configuration for this service is as follows:
<service name="System.Web.ApplicationServices.AuthenticationService" behaviorConfiguration="AuthenticationServiceBehaviors">
<endpoint contract="System.Web.ApplicationServices.AuthenticationService" binding="basicHttpBinding"/>
</service>
...
<behavior name="AuthenticationServiceBehaviors">
<serviceMetadata httpGetEnabled="true"/>
<serviceDebug httpHelpPageEnabled="true" includeExceptionDetailInFaults="true"/>
</behavior>
...
<bindings>
<basicHttpBinding>
<binding allowCookies="true"></binding>
</basicHttpBinding>
</bindings>
I've enabled the authentication service in my web.config as shown below:
<system.web.extensions>
<scripting>
<webServices>
<authenticationService enabled="true" requireSSL="false"/>
</webServices>
</scripting>
</system.web.extensions>
I created a .NET console application to test the service. Visual Studio generated a client, and the service worked as expected. My problem is that I need to use this service from a Java application, but when I try to generate a client in Eclipse using Apache Axis, I get the following error:
IWAB0399E Error in generating Java from WSDL: java.io.IOException: Emitter failure.
There is an undefined portType (AuthenticationService) in the WSDL document
http://localhost:17637/Services/AuthenticationService.svc?wsdl=wsdl0.
Hint: make sure <binding type=".."> is fully qualified.
I've tracked it down to Apache Axis needing different namespace and name in the ServiceContract and ServiceBehavior, thanks to this post. I've changed other WCF services as that post shows, and they work just fine. The problem is that System.Web.ApplicationServices.AuthenticationService looks like this (from http://msdn.microsoft.com/en-us/library/system.web.applicationservices.authenticationservice.aspx):
[ServiceBehaviorAttribute(Namespace = "http://asp.net/ApplicationServices/v200", InstanceContextMode = InstanceContextMode.Single, ConcurrencyMode = ConcurrencyMode.Multiple)]
[AspNetCompatibilityRequirementsAttribute(RequirementsMode = AspNetCompatibilityRequirementsMode.Required)]
[ServiceContractAttribute(Namespace = "http://asp.net/ApplicationServices/v200")]
public class AuthenticationService
Notice the ServiceBehaviorAttribute namespace is the same as the ServiceContractAttribute namespace? I need them to be different so I can get Eclipse (Apache Axis) to generate a client. Any ideas?
I do not think is possible to change name of built-in service. You should be allowed for wrapping built-in service in other service or for writing custom service handle authentication.