wsse Security Header with SAML

  • Question

  • Hi Genius,

    I need to consume a web service exposed by my service provider. I got the WSDL file from them. In the SOAP request header I have to add the wsse:Security header with a SAML assertion.

    Please have a look at the wsse:Security header below. I have searched a lot and tried WSE 3.0, WIF and WCF. Please help me move forward; I have spent around 15 days on this and I'm running out of time.

    I don't need code. Clues would be more than enough.

    <!-- WS-Security SOAP header carrying an X.509 token, a signed SAML 2.0 assertion,
         and a message signature that ties them together. The soapenv prefix is not
         declared in this fragment; presumably it is declared on the enclosing SOAP
         envelope. Several Base64 values below look shortened for posting. -->
    <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
      <!-- X.509v3 certificate, Base64-encoded. The KeyInfo of the message signature at
           the bottom of this header resolves to this token through its wsu:Id. -->
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-2205212A7CE172EDAD136396070929096">MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wau</wsse:BinarySecurityToken>
      <!-- SAML 2.0 assertion. Its ID is the target of the enveloped signature inside it
           and of the wsse:SecurityTokenReference that follows it. -->
      <saml2:Assertion ID="2205212A7CE172EDAD136396070923593" IssueInstant="2013-03-22T13:58:29.235Z" Version="2.0" xsi:type="saml2:AssertionType" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <saml2:Issuer>Test.com</saml2:Issuer>
        <!-- Enveloped signature over the assertion itself (the Reference URI equals the
             assertion ID). NOTE(review): rsa-sha1 and sha1 are deprecated for new
             signatures; ask the provider whether its policy accepts SHA-256 variants. -->
        <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <ds:SignedInfo>
            <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
            <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <ds:Reference URI="#2205212A7CE172EDAD136396070923593">
              <ds:Transforms>
                <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
                <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
              </ds:Transforms>
              <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
              <ds:DigestValue>NI1mY4izfZO9cTmY9RQ1wc=</ds:DigestValue>
            </ds:Reference>
          </ds:SignedInfo>
          <ds:SignatureValue>PPiZmdZRnUNl5XLT</ds:SignatureValue>
          <!-- Certificate embedded alongside the assertion signature. A verifier should
               validate it against a configured trust anchor instead of trusting it
               because it arrives inside the message. -->
          <ds:KeyInfo>
            <ds:X509Data>
              <ds:X509Certificate>
                MIIGOzCCBSOgAwIBAgIRAMLHEnngSJwPhUBrQD7Wa
                uEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNV
                BAYTAkdCMRswGQYDVQQIExJHcmVhdGVyIE1hbmNoZXN0ZXIxEDAOBgNVBAcTB1NhbGZvcmQxGjAY            
                r7A/P/13q1BRTPvLM6CYNzb4wvAgBxiuBV97OoVSnMPxYVtW03OoOCquyXDrq8bLYuR5+l1YGahY
                D5nJfSXiCb9PCf5m+hZh6smWp1rMcafMLdr5+JbZEPPk36S1q1aokpoeEo2N0Hmg9mt2GOg6Z+Qu
                ya9s
              </ds:X509Certificate>
            </ds:X509Data>
          </ds:KeyInfo>
        </ds:Signature>
        <saml2:Subject>
          <saml2:NameID Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="Qualifier">CN=Test.com,OU=PlatinumSSL,OU=Test Company,OU=Test,O=Test</saml2:NameID>
          <!-- sender-vouches: the assertion carries no key of its own for the subject;
               the party that signs the message vouches for it. That is why the message
               signature below covers the assertion as well as #id-1. -->
          <saml2:SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:cm:sender-vouches"/>
        </saml2:Subject>
        <!-- Five-minute validity window (13:58:29 to 14:03:29 UTC). A receiver that
             enforces it rejects the assertion outside this window, so sender and
             receiver clocks need to be in sync. -->
        <saml2:Conditions NotBefore="2013-03-22T13:58:29.235Z" NotOnOrAfter="2013-03-22T14:03:29.235Z"/>
        <saml2:AuthnStatement>
          <saml2:AuthnContext>
            <saml2:AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:Password</saml2:AuthnContextClassRef>
          </saml2:AuthnContext>
        </saml2:AuthnStatement>
      </saml2:Assertion>
      <!-- Points at the assertion by its SAML ID. The message signature references this
           element by wsu:Id and dereferences it through the STR-Transform. -->
      <wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0" wsu:Id="STRSAMLId-2205212A7CE172EDAD136396070929097" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
        <wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLID">2205212A7CE172EDAD136396070923593</wsse:KeyIdentifier>
      </wsse:SecurityTokenReference>
      <!-- Message signature with two references: #id-1 (its target is not in this
           fragment; presumably the wsu:Id of the SOAP Body, confirm against the full
           envelope) and the SecurityTokenReference above. Uses rsa-sha1 and sha1 as
           well. -->
      <ds:Signature Id="SIG-19" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces PrefixList="head pros soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
          </ds:CanonicalizationMethod>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
          <ds:Reference URI="#id-1">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <ec:InclusiveNamespaces PrefixList="head pros" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>yBGE2mVOFnzQPTA9v/7yIvq0CIk=</ds:DigestValue>
          </ds:Reference>
          <!-- STR-Transform: the digest is taken over the token that the reference
               resolves to (the SAML assertion), not over the SecurityTokenReference
               element itself. -->
          <ds:Reference URI="#STRSAMLId-2205212A7CE172EDAD136396070929097">
            <ds:Transforms>
              <ds:Transform Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform">
                <wsse:TransformationParameters>
                  <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                </wsse:TransformationParameters>
              </ds:Transform>
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <ds:DigestValue>/2QpTYDtLM4GnZIVq5/RihtL6Ug=</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
          Yx4SB76RTGcrll18wYlwvLAWHgNeckPcO9be1opcAL99dzDe5RspWkmLjXJ0rY7wh+RPW+wzaJyI
          r0ezOByRNCFWHFNjZOdN5wj++h7pnJRFLe70WGNktREOckaQ/U/O5NLH8adkWFm+Q/wZApw2WLI6
          6uWmQ+l8rOaWPg8gsBS8sjn1S55W2MYPtnwSew==
        </ds:SignatureValue>
        <!-- Verification key: a direct reference to the wsse:BinarySecurityToken at the
             top of this header. -->
        <ds:KeyInfo Id="KeyId-2205212A7CE172EDAD136396070929094">
          <wsse:SecurityTokenReference wsu:Id="STRId-2205212A7CE172EDAD136396070929095">
            <wsse:Reference URI="#CertId-2205212A7CE172EDAD136396070929096" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>

    Thanks and regards,

    P.Ponkarthik

    Tuesday, March 26, 2013 3:22 PM

Answers