Custom wsse:Security SOAP Header in Pega 8.4

Question

KarthikeyanN0370

Member since 2014

5 posts

American Express

Posted: May 9, 2020

Last activity: May 13, 2020

Posted: 9 May 2020 15:56 EDT
Last activity: 13 May 2020 22:34 EDT

Closed

Custom wsse:Security SOAP Header in Pega 8.4

Report

Our SOAP service provider expects 2 wsse:Security SOAP header ( 1 -> Signature, 2 -> Custom) as part of the request payload. I have configured the custom wsse:Security header in connector rule however it gets over overridden by Pega before sending it out. How can i ensure that whatever header is retained in addition to what Pega creates for Signature?.

Expected :

<soapenv:Envelope>
    <soapenv:Header>
        <wsse:Security>
            <wsse:BinarySecurityToken>XXXXXXX</wsse:BinarySecurityToken>
            <ds:Signature>
               XXXXXXXX
            </ds:Signature>
        </wsse:Security>
       <wsse:Security>
            <wsse:BinarySecurityToken></wsse:BinarySecurityToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
    </soapenv:Body>
</soapenv:Envelope>

What is sent from Pega 8.4 :

Expected :

<soapenv:Envelope>
    <soapenv:Header>
        <wsse:Security>
            <wsse:BinarySecurityToken>XXXXXXX</wsse:BinarySecurityToken>
            <ds:Signature>
               XXXXXXXX
            </ds:Signature>
        </wsse:Security>
       <wsse:Security>
            <wsse:BinarySecurityToken></wsse:BinarySecurityToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
    </soapenv:Body>
</soapenv:Envelope>

What is sent from Pega 8.4 :

<soapenv:Envelope>
    <soapenv:Header>
        <wsse:Security>
            <wsse:BinarySecurityToken>XXXXXXX</wsse:BinarySecurityToken>
            <ds:Signature>
               XXXXXXXX
            </ds:Signature>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
    </soapenv:Body>
</soapenv:Envelope>

***Edited by Moderator: Pallavi to update platform capability tags***

Show Less

To see attachments, please log in.

Pega Platform 8.4

Security

Data Integration

Like (0)
Share this page Facebook Twitter LinkedIn Email Copying... Copied!

Posted: 4 years ago

Posted: 10 May 2020 2:07 EDT

pylaa replied to KarthikeyanN0370

Report

Hi,

Can you try to provide the actor & role attributes for both the security headers and post us the outcome.

as per Soap webe services Doc: (http://docs.oasis-open.org/wss-m/wss/v1.1.1/csprd01/wss-SOAPMessageSecurity-v1.1.1-csprd01.html)

message MAY have multiple <wsse:Security> header blocks if they are targeted for separate recipients. A message MUST NOT have multiple <wsse:Security> header blocks targeted (whether explicitly or implicitly) at the same recipient. However, only one <wsse:Security> header block MAY omit the S11:actor or S12:role attributes. Two <wsse:Security> header blocks MUST NOT have the same value for S11:actor or S12:role. Message security information targeted for different recipients MUST appear in different <wsse:Security> header blocks.

To see attachments, please log in.

Like (0)

Posted: 4 years ago

Posted: 10 May 2020 18:43 EDT

KarthikeyanN0370

American Express

replied to pylaa

Report

Hi Pylaa,

The custom header doesn't have actor/role in it however the other one does have it. Attaching the SOAP envelope. FYI. It is not a new integration. We are facing this problem when we did the uplift from 7.1.1 to 8.4. We customized InvokeAxis2 in 7.1.7 for the header.

Hi Pylaa,

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" 
    xmlns:xsd="http://www.w3.org/2001/XMLSchema" 
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soapenv:actor="http://schemas.xmlsoap.org/soap/actor/next">
            <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#Xxx" wsu:Id="XXXX"></wsse:BinarySecurityToken>
            <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SIG-XXX">
            </ds:Signature>
        </wsse:Security>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
            <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="IntToken" wsu:Id="InternalToken"></wsse:BinarySecurityToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-XXXXX">
    </soapenv:Body>
</soapenv:Envelope>

Show Less

To see attachments, please log in.

Like (0)

Posted: 4 years ago

Posted: 13 May 2020 22:34 EDT

pylaa replied to KarthikeyanN0370

Report

Hi ,

If it is upgraded one, please raise a ticket to GCS so it will investigate further.

To see attachments, please log in.

Like (0)

Question

Custom wsse:Security SOAP Header in Pega 8.4

Need help or want to help others?

Experience the benefits of Support Center when you log in.

Question

Custom wsse:Security SOAP Header in Pega 8.4

Related content:

Need help or want to help others?

Experience the benefits of Support Center when you log in.

We'd prefer it if you saw us at our best.