[DEPRECATED] Script: Class dw.rpc.SOAPUtil
Class SOAPUtil
- Object
- dw.rpc.SOAPUtil
Utility class for working with SOAP web services. This class provides methods for setting SOAP headers and a set of constants representing the supported header names.
If you want to use ws-security features, such as signing and encryption, with your RPC-style SOAP web service, use this class to construct a HashMap with security constants and values.
Note: this method handles sensitive security-related data. Pay special attention to PCI DSS v3. requirements 2, 4, and 12. The following example configures the ws-security actions taken for the request and response to a web service.
importPackage( dw.system );
importPackage( dw.util );
importPackage( dw.rpc );
function execute( args : PipelineDictionary ) : Number
{
var WSU_NS : String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
try
{
// define a map with all the secrets
var secretsMap : Map = new HashMap();
secretsMap.put("myclientkey", "ckpass");
secretsMap.put("myservicekey", "ckpass");
secretsMap.put("username", "password");
var requestCfg : Map = new HashMap();
// define the ws actions to be performed
requestCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_USERNAME_TOKEN + " " +
SOAPUtil.WS_TIMESTAMP + " " +
SOAPUtil.WS_SIGNATURE + " " +
SOAPUtil.WS_ENCRYPT);
requestCfg.put(SOAPUtil.WS_USER, "username");
requestCfg.put(SOAPUtil.WS_PASSWORD_TYPE, SOAPUtil.WS_PW_DIGEST );
requestCfg.put(SOAPUtil.WS_SIG_DIGEST_ALGO, "http://www.w3.org/2001/04/xmlenc#sha256" );
// define signature properties
// the keystore file has the basename of the WSDL file and the
// file extension based on the keystore type (e.g. HelloWorld.jks).
// The keystore file has to be placed beside the WSDL file.
requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myclientkey");
requestCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myclientkey");
// define enrcryption properties
requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myservicekey");
requestCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myservicekey");
requestCfg.put(SOAPUtil.WS_SIGNATURE_PARTS, "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
requestCfg.put(SOAPUtil.WS_ENCRYPTION_PARTS,"{Element}{" + WSU_NS + "}
Timestamp;"+"{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
// set the secrets for the callback
requestCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);
var responseCfg : Map = new HashMap();
// define the ws actions to be performed for the response
responseCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_TIMESTAMP + " " +
SOAPUtil.WS_SIGNATURE + " " +
SOAPUtil.WS_ENCRYPT);
// define signature properties
responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myservicekey");
responseCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myservicekey");
// define decryption properties
responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myclientkey");
responseCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myclientkey");
// set the secrets for the callback
responseCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);
// get the service and stub
var helloWorldService : WebReference = webreferences.HelloWorld;
var stub : Stub = helloWorldService.defaultService;
// set the security
SOAPUtil.setWSSecurityConfig(stub, requestCfg, responseCfg);
//var h : Hello = new helloWorldService.Hello();
var h = new helloWorldService.com.support.ws.security.test.Hello2();
h.setName('Send Text from client Axis ...');
// call the web service
var response = stub.hello2(h);
//var response = stub.hello(h);
var result = response.getHello2Return();
args.OutStr = result;
Logger.error("Hello World We Are SIGNED old version Send Text from client ...", result);
return PIPELET_NEXT;
}
catch (e)
{
Logger.error("Error in helloWorldRpc.ds is: " + e);
return PIPELET_ERROR;
}
}
Deprecated:
This class is deprecated, please use webreferences2 instead (see also WSUtil).
See Also:
Constants
WS_ACTION : String = "action"
WS-Security action property name. Allowed property values are WS_NO_SECURITY, WS_TIMESTAMP, WS_ENCRYPT, WS_SIGNATURE, WS_USERNAME_TOKEN or a space separated String with multiple values.
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_ALIAS : String = "__EncryptionPropKeystoreAlias"
WS-Security encryption: the encryption/decryption keystore alias name
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_PW : String = "__EncryptionPropKeystorePassword"
WS-Security encryption: the encryption/decryption keystore password
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_TYPE : String = "__EncryptionPropKeystoreType"
WS-Security encryption: the encryption/decryption keystore type ( jks or pkcs12 ), default is jks.
Note: the keystore file must have the basename of the WSDL file and the file extension based on the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.
Deprecated:
use webreferences2 instead
WS_ENCRYPT : String = "Encrypt"
WS-Security action: encrypt the message. The encryption-specific parameters define how to encrypt, which keys to use, and other parameters.
Deprecated:
use webreferences2 instead
WS_ENCRYPTION_PARTS : String = "encryptionParts"
WS-Security encryption: defines which parts of the request are encrypted.
Deprecated:
use webreferences2 instead
WS_ENCRYPTION_USER : String = "encryptionUser"
WS-Security encryption: the user's name for encryption.
Deprecated:
use webreferences2 instead
WS_NO_SECURITY : String = "NoSecurity"
WS-Security action: no security
Deprecated:
use webreferences2 instead
WS_PASSWORD_TYPE : String = "passwordType"
WS-Security password type: parameter for UsernameToken action to define the encoding of the password. Allowed values are PW_DIGEST or PW_TEXT.
Deprecated:
use webreferences2 instead
WS_PW_DIGEST : String = "PasswordDigest"
WS-Security password of type digest: use a password digest to send the password information.
Deprecated:
use webreferences2 instead
WS_PW_TEXT : String = "PasswordText"
WS-Security password of type text: send the password information in clear text.
Deprecated:
use webreferences2 instead
WS_SECRETS_MAP : String = "__SecretsMap"
A secrets map with the username/password entries is needed to create the password callback object.
Deprecated:
use webreferences2 instead
WS_SIG_DIGEST_ALGO : String = "signatureDigestAlgorithm"
WS-Security signature: sets the signature digest algorithm to use.
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_ALIAS : String = "__SignaturePropKeystoreAlias"
WS-Security signature: the signature keystore alias name
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_PW : String = "__SignaturePropKeystorePassword"
WS-Security signature: the signature keystore password.
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_TYPE : String = "__SignaturePropKeystoreType"
WS-Security: the signature keystore type ( jks or pkcs12 ). The default is jks.
Note: The keystore file must have the basename of the WSDL file and the file extension of the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.
Deprecated:
use webreferences2 instead
WS_SIGNATURE : String = "Signature"
WS-Security action: sign the message. The signature-specific parameters define how to sign, which keys to use, and other parameters.
Deprecated:
use webreferences2 instead
WS_SIGNATURE_PARTS : String = "signatureParts"
WS-Security signature: defines which parts of the request are signed.
Deprecated:
use webreferences2 instead
WS_SIGNATURE_USER : String = "signatureUser"
WS-Security signature: the user's name for signature.
Deprecated:
use webreferences2 instead
WS_TIMESTAMP : String = "Timestamp"
WS-Security action: add a timestamp to the security header.
Deprecated:
use webreferences2 instead
WS_USER : String = "user"
WS-Security user name.
Deprecated:
use webreferences2 instead
WS_USERNAME_TOKEN : String = "UsernameToken"
WS-Security action: add a UsernameToken identification.
Deprecated:
use webreferences2 instead
Properties
Constructor Summary
SOAPUtil()
Method Summary
static getHTTPRequestHeader(svc : Object, key : String) : String
Returns an HTTP request header property value using the specified key.
static getHTTPResponseHeader(svc : Object, key : String) : String
Returns an HTTP response header property value using the specified key.
static setHeader(svc : Object, xml : String) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
static setHeader(svc : Object, namespace : String, name : String, xml : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHTTPRequestHeader(svc : Object, key : String, value : String) : void
Sets an HTTP request header property using the specified key and value.
static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void
Sets the WS-Security configuration for the request and response based on the constants defined.
Methods inherited from class Object
assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values
Constructor Detail
SOAPUtil
publicSOAPUtil()
Method Detail
getHTTPRequestHeader
static getHTTPRequestHeader(svc : Object, key : String) : String
Returns an HTTP request header property value using the specified key. Null is returned if the key does not represent an HTTP header property.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
Returns:
an HTTP request header property value using the specified key or null.
getHTTPResponseHeader
static getHTTPResponseHeader(svc : Object, key : String) : String
Returns an HTTP response header property value using the specified key. Null is returned if the key does not represent an HTTP response header property.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
Returns:
an HTTP response header property value using the specified key or null.
setHeader
static setHeader(svc : Object, xml : String) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
xml - a string with arbitrary XML content
setHeader
static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute 'mustUnderstand'
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute mustUnderstand
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute mustUnderstand
actor - the SOAP actor, which should be set for this header element. null removes any actor.
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object
mustUnderstand - sets the SOAP header attribute mustUnderstand
setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
var usernameToken : XML =
<wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<wsse:Username>{merchantID}</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
{merchantPassword}
</wsse:Password>
</wsse:UsernameToken>
SOAPUtil.setHeader( service, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
"Security", usernameToken, true, null
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object
mustUnderstand - sets the SOAP header attribute 'mustUnderstand'
actor - the SOAP actor, which should be set for this header element. null removes any actor.
setHTTPRequestHeader
static setHTTPRequestHeader(svc : Object, key : String, value : String) : void
Sets an HTTP request header property using the specified key and value.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
value - the header property value. If the value is null, the property identified by the key is removed from the HTTP request header.
setWSSecurityConfig
static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void
Sets the WS-Security configuration for the request and response based on the constants defined.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
requestConfigMap - the WS-Security request config
responseConfigMap - the WS-Security response config