Overview

API Versioning

Deprecated

dw.rpc

Class SOAPUtil

Object

dw.rpc.SOAPUtil

Utility class for working with SOAP web services. This class provides methods for setting SOAP headers and a set of constants representing the supported header names.
If you want to use ws-security features, such as signing and encryption, with your RPC-style SOAP web service, use this class to construct a HashMap with security constants and values.
Note: this method handles sensitive security-related data. Pay special attention to PCI DSS v3. requirements 2, 4, and 12. The following example configures the ws-security actions taken for the request and response to a web service.

 importPackage( dw.system );
 importPackage( dw.util );
 importPackage( dw.rpc );


 function execute( args : PipelineDictionary ) : Number
 {
     var WSU_NS : String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

     try
     {

     // define a map with all the secrets
     var secretsMap   : Map = new HashMap();
     secretsMap.put("myclientkey", "ckpass");
     secretsMap.put("myservicekey", "ckpass");
     secretsMap.put("username", "password");

     var requestCfg   : Map = new HashMap();

     // define the ws actions to be performed
     requestCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_USERNAME_TOKEN + " " +
                                        SOAPUtil.WS_TIMESTAMP + " " +
                                        SOAPUtil.WS_SIGNATURE + " " +
                                        SOAPUtil.WS_ENCRYPT);
     requestCfg.put(SOAPUtil.WS_USER, "username");
     requestCfg.put(SOAPUtil.WS_PASSWORD_TYPE, SOAPUtil.WS_PW_DIGEST );
     requestCfg.put(SOAPUtil.WS_SIG_DIGEST_ALGO, "http://www.w3.org/2001/04/xmlenc#sha256" );

     // define signature properties
     // the keystore file has the basename of the WSDL file and the
     // file extension based on the keystore type (e.g. HelloWorld.jks).
     // The keystore file has to be placed beside the WSDL file.
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myclientkey");

     requestCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myclientkey");

     // define enrcryption properties
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myservicekey");

     requestCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myservicekey");
     requestCfg.put(SOAPUtil.WS_SIGNATURE_PARTS, "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
     requestCfg.put(SOAPUtil.WS_ENCRYPTION_PARTS,"{Element}{" + WSU_NS + "}
      Timestamp;"+"{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");

     // set the secrets for the callback
     requestCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);

     var responseCfg : Map = new HashMap();

     // define the ws actions to be performed for the response
     responseCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_TIMESTAMP + " " +
                                         SOAPUtil.WS_SIGNATURE + " " +
                                         SOAPUtil.WS_ENCRYPT);

     // define signature properties
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myservicekey");

     responseCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myservicekey");

     // define decryption properties
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myclientkey");

     responseCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myclientkey");

     // set the secrets for the callback
     responseCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);

     // get the service and stub
     var helloWorldService : WebReference = webreferences.HelloWorld;
     var stub : Stub = helloWorldService.defaultService;
     // set the security
     SOAPUtil.setWSSecurityConfig(stub, requestCfg, responseCfg);
         //var h : Hello = new helloWorldService.Hello();
         var h = new helloWorldService.com.support.ws.security.test.Hello2();

         h.setName('Send Text from client Axis ...');

         // call the web service
         var response  = stub.hello2(h);
         //var response = stub.hello(h);
         var result = response.getHello2Return();


     args.OutStr = result;
     Logger.error("Hello World We Are SIGNED old version Send Text from client ...", result);

     return PIPELET_NEXT;

     }
     catch (e)
     {
         Logger.error("Error in helloWorldRpc.ds is: " + e);
         return PIPELET_ERROR;
     }

 }
  

Deprecated:

This class is deprecated, please use webreferences2 instead (see also WSUtil).

See Also:

Stub

WebReference

Constants

WS_ACTION  :  String = "action"

WS-Security action property name. Allowed property values are WS_NO_SECURITY, WS_TIMESTAMP, WS_ENCRYPT, WS_SIGNATURE, WS_USERNAME_TOKEN or a space separated String with multiple values.

Deprecated:

use webreferences2 instead

WS_ENC_PROP_KEYSTORE_ALIAS  :  String = "__EncryptionPropKeystoreAlias"

WS-Security encryption: the encryption/decryption keystore alias name

Deprecated:

use webreferences2 instead

WS_ENC_PROP_KEYSTORE_PW  :  String = "__EncryptionPropKeystorePassword"

WS-Security encryption: the encryption/decryption keystore password

Deprecated:

use webreferences2 instead

WS_ENC_PROP_KEYSTORE_TYPE  :  String = "__EncryptionPropKeystoreType"

WS-Security encryption: the encryption/decryption keystore type ( jks or pkcs12 ), default is jks.
Note: the keystore file must have the basename of the WSDL file and the file extension based on the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.

Deprecated:

use webreferences2 instead

WS_ENCRYPT  :  String = "Encrypt"

WS-Security action: encrypt the message. The encryption-specific parameters define how to encrypt, which keys to use, and other parameters.

Deprecated:

use webreferences2 instead

WS_ENCRYPTION_PARTS  :  String = "encryptionParts"

WS-Security encryption: defines which parts of the request are encrypted.

Deprecated:

use webreferences2 instead

WS_ENCRYPTION_USER  :  String = "encryptionUser"

WS-Security encryption: the user's name for encryption.

Deprecated:

use webreferences2 instead

WS_NO_SECURITY  :  String = "NoSecurity"

WS-Security action: no security

Deprecated:

use webreferences2 instead

WS_PASSWORD_TYPE  :  String = "passwordType"

WS-Security password type: parameter for UsernameToken action to define the encoding of the password. Allowed values are PW_DIGEST or PW_TEXT.

Deprecated:

use webreferences2 instead

WS_PW_DIGEST  :  String = "PasswordDigest"

WS-Security password of type digest: use a password digest to send the password information.

Deprecated:

use webreferences2 instead

WS_PW_TEXT  :  String = "PasswordText"

WS-Security password of type text: send the password information in clear text.

Deprecated:

use webreferences2 instead

WS_SECRETS_MAP  :  String = "__SecretsMap"

A secrets map with the username/password entries is needed to create the password callback object.

Deprecated:

use webreferences2 instead

WS_SIG_DIGEST_ALGO  :  String = "signatureDigestAlgorithm"

WS-Security signature: sets the signature digest algorithm to use.

Deprecated:

use webreferences2 instead

WS_SIG_PROP_KEYSTORE_ALIAS  :  String = "__SignaturePropKeystoreAlias"

WS-Security signature: the signature keystore alias name

Deprecated:

use webreferences2 instead

WS_SIG_PROP_KEYSTORE_PW  :  String = "__SignaturePropKeystorePassword"

WS-Security signature: the signature keystore password.

Deprecated:

use webreferences2 instead

WS_SIG_PROP_KEYSTORE_TYPE  :  String = "__SignaturePropKeystoreType"

WS-Security: the signature keystore type ( jks or pkcs12 ). The default is jks.
Note: The keystore file must have the basename of the WSDL file and the file extension of the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.

Deprecated:

use webreferences2 instead

WS_SIGNATURE  :  String = "Signature"

WS-Security action: sign the message. The signature-specific parameters define how to sign, which keys to use, and other parameters.

Deprecated:

use webreferences2 instead

WS_SIGNATURE_PARTS  :  String = "signatureParts"

WS-Security signature: defines which parts of the request are signed.

Deprecated:

use webreferences2 instead

WS_SIGNATURE_USER  :  String = "signatureUser"

WS-Security signature: the user's name for signature.

Deprecated:

use webreferences2 instead

WS_TIMESTAMP  :  String = "Timestamp"

WS-Security action: add a timestamp to the security header.

Deprecated:

use webreferences2 instead

WS_USER  :  String = "user"

WS-Security user name.

Deprecated:

use webreferences2 instead

WS_USERNAME_TOKEN  :  String = "UsernameToken"

WS-Security action: add a UsernameToken identification.

Deprecated:

use webreferences2 instead

Properties

Constructor Summary

SOAPUtil()

Method Summary

static getHTTPRequestHeader(svc : Object, key : String) : String

Returns an HTTP request header property value using the specified key.

static getHTTPResponseHeader(svc : Object, key : String) : String

Returns an HTTP response header property value using the specified key.

static setHeader(svc : Object, xml : String) : void

Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.

static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void

Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.

static setHeader(svc : Object, namespace : String, name : String, xml : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

static setHTTPRequestHeader(svc : Object, key : String, value : String) : void

Sets an HTTP request header property using the specified key and value.

static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void

Sets the WS-Security configuration for the request and response based on the constants defined.

Methods inherited from class Object

assign, create, create, defineProperties, defineProperty, entries, freeze, fromEntries, getOwnPropertyDescriptor, getOwnPropertyNames, getOwnPropertySymbols, getPrototypeOf, hasOwnProperty, is, isExtensible, isFrozen, isPrototypeOf, isSealed, keys, preventExtensions, propertyIsEnumerable, seal, setPrototypeOf, toLocaleString, toString, valueOf, values

Constructor Detail

SOAPUtil

public SOAPUtil()

---

Method Detail

getHTTPRequestHeader

static getHTTPRequestHeader(svc : Object, key : String) : String

Returns an HTTP request header property value using the specified key. Null is returned if the key does not represent an HTTP header property.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService().

key - the header property key.

Returns:

an HTTP request header property value using the specified key or null.

---

getHTTPResponseHeader

static getHTTPResponseHeader(svc : Object, key : String) : String

Returns an HTTP response header property value using the specified key. Null is returned if the key does not represent an HTTP response header property.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService().

key - the header property key.

Returns:

an HTTP response header property value using the specified key or null.

---

setHeader

static setHeader(svc : Object, xml : String) : void

Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

xml - a string with arbitrary XML content

---

setHeader

static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void

Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

xml - a string with arbitrary XML content

mustUnderstand - sets the SOAP header attribute 'mustUnderstand'

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a string with arbitrary XML content

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a string with arbitrary XML content

mustUnderstand - sets the SOAP header attribute mustUnderstand

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a string with arbitrary XML content

mustUnderstand - sets the SOAP header attribute mustUnderstand

actor - the SOAP actor, which should be set for this header element. null removes any actor.

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a E4X XML object

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a E4X XML object

mustUnderstand - sets the SOAP header attribute mustUnderstand

---

setHeader

static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void

Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

 var usernameToken : XML =
   <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
       <wsse:Username>{merchantID}</wsse:Username>
       <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
           {merchantPassword}
       </wsse:Password>
   </wsse:UsernameToken>
 SOAPUtil.setHeader( service, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
  "Security", usernameToken, true, null
  

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

namespace - the namespace of the header element

name - the element name for the header element

xml - a E4X XML object

mustUnderstand - sets the SOAP header attribute 'mustUnderstand'

actor - the SOAP actor, which should be set for this header element. null removes any actor.

---

setHTTPRequestHeader

static setHTTPRequestHeader(svc : Object, key : String, value : String) : void

Sets an HTTP request header property using the specified key and value.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService().

key - the header property key.

value - the header property value. If the value is null, the property identified by the key is removed from the HTTP request header.

---

setWSSecurityConfig

static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void

Sets the WS-Security configuration for the request and response based on the constants defined.

Deprecated:

use webreferences2 instead

Parameters:

svc - a service stub returned from getService()

requestConfigMap - the WS-Security request config

responseConfigMap - the WS-Security response config

---