tESBConsumer User-Name Token: WS-Security Nonce is missing

Four Stars

tESBConsumer User-Name Token: WS-Security Nonce is missing

Hi,

I am calling a web service with tESBConsumer component. Web service requires WS-Security. This is implemented in the tESBConsumer component with the "Use Authentication -> Username Token" setting. This adds WS-Security header to the Soap envelop but does not add the Nonce element. Web service also requires Nonce. 

 

This is generated from Talend DI v6.4.1

 

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-6780c83f-ffc8-4588-a427-8f4a5eb41f77">
<wsse:Username>***</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">****</wsse:Password>
</wsse:UsernameToken> </wsse:Security> </soap:Header>

 

This generated from SoapUI;

<soapenv:Envelope xmlns:intf="http://intf.service.electronicaccountsummary.eho.hmn.ykb.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-6C5C1C99C561657DAB15142383167429"><wsse:Username>***</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">N/+/XZhFKO9btrOs+chsBw==</wsse:Nonce>
<wsu:Created>2017-12-25T21:45:16.742Z</wsu:Created></wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

This is the Talend generated code of the job;

 

Screen Shot 2017-12-27 at 22.31.08.png

 

This code should be added also to add Nonce header

// Automatically adds a Base64 encoded message nonce and a created timestamp
wssProps.put(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN + " " + WSConstants.CREATED_LN); 

Is there a easy way to change wss4j configuration to add nonce?

 

Thanks.

Moderator

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Hello,

Could you please take a look at this work item jira issue :https://jira.talendforge.org/browse/TESB-14763

to see if it is what you are looking for?

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Four Stars

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Thanks for the reply. It seems the same root cause (CXF configuration) but i don't have a problem in ESB. I am using Talend DI studio and the problem is with tESBConsumer component. By the way i found a solution by generating wssHeaders manually.

 

Here is my job design:

wssUserPwd component is calling a routine that creates wss header document. payload+header are merged with XmlMap and passed to tESBConsumer (callWS). 

 

Screen Shot 2018-01-08 at 23.17.51.pngjob design

 

routine code:

 

public static routines.system.Document create(String username, String pwd) throws Exception {
    	DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    	DocumentBuilder builder = dbf.newDocumentBuilder();
    	Document doc = builder.newDocument();
    	
    	Element element = doc.createElement("root");
    	doc.appendChild(element);
    	
    	WSSecHeader hdr = new WSSecHeader(doc);
    	hdr.insertSecurityHeader();
    	
    	WSSecUsernameToken user = new WSSecUsernameToken();
    	user.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
    	user.setUserInfo(username, pwd);
    	user.addCreated();
    	user.addNonce();
    	user.prepare(doc);
    	user.appendToHeader(hdr);
    	
    	routines.system.Document ret = new routines.system.Document();
    	ret.setDocument(new DOMReader().read(doc));
    	//printDocument(doc,System.out);
    	
    	return ret;
    }
Moderator

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Hello,

Thanks for your feedback and sharing your solution with us.

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.

2019 GARNER MAGIC QUADRANT FOR DATA INTEGRATION TOOL

Talend named a Leader.

Get your copy

OPEN STUDIO FOR DATA INTEGRATION

Kickstart your first data integration and ETL projects.

Download now

What’s New for Talend Summer ’19

Watch the recorded webinar!

Watch Now

Best Practices for Using Context Variables with Talend – Part 4

Pick up some tips and tricks with Context Variables

Blog

How Media Organizations Achieved Success with Data Integration

Learn how media organizations have achieved success with Data Integration

Read

Downloads and Trials

Test drive Talend's enterprise products.

Downloads