tESBConsumer User-Name Token: WS-Security Nonce is missing

Four Stars

tESBConsumer User-Name Token: WS-Security Nonce is missing

Hi,

I am calling a web service with tESBConsumer component. Web service requires WS-Security. This is implemented in the tESBConsumer component with the "Use Authentication -> Username Token" setting. This adds WS-Security header to the Soap envelop but does not add the Nonce element. Web service also requires Nonce. 

 

This is generated from Talend DI v6.4.1

 

<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
<wsse:UsernameToken wsu:Id="UsernameToken-6780c83f-ffc8-4588-a427-8f4a5eb41f77">
<wsse:Username>***</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">****</wsse:Password>
</wsse:UsernameToken> </wsse:Security> </soap:Header>

 

This generated from SoapUI;

<soapenv:Envelope xmlns:intf="http://intf.service.electronicaccountsummary.eho.hmn.ykb.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-6C5C1C99C561657DAB15142383167429"><wsse:Username>***</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">***</wsse:Password>
<wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">N/+/XZhFKO9btrOs+chsBw==</wsse:Nonce>
<wsu:Created>2017-12-25T21:45:16.742Z</wsu:Created></wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

This is the Talend generated code of the job;

 

Screen Shot 2017-12-27 at 22.31.08.png

 

This code should be added also to add Nonce header

// Automatically adds a Base64 encoded message nonce and a created timestamp
wssProps.put(WSHandlerConstants.ADD_UT_ELEMENTS, WSConstants.NONCE_LN + " " + WSConstants.CREATED_LN); 

Is there a easy way to change wss4j configuration to add nonce?

 

Thanks.

Moderator

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Hello,

Could you please take a look at this work item jira issue :https://jira.talendforge.org/browse/TESB-14763

to see if it is what you are looking for?

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.
Four Stars

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Thanks for the reply. It seems the same root cause (CXF configuration) but i don't have a problem in ESB. I am using Talend DI studio and the problem is with tESBConsumer component. By the way i found a solution by generating wssHeaders manually.

 

Here is my job design:

wssUserPwd component is calling a routine that creates wss header document. payload+header are merged with XmlMap and passed to tESBConsumer (callWS). 

 

Screen Shot 2018-01-08 at 23.17.51.pngjob design

 

routine code:

 

public static routines.system.Document create(String username, String pwd) throws Exception {
    	DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
    	DocumentBuilder builder = dbf.newDocumentBuilder();
    	Document doc = builder.newDocument();
    	
    	Element element = doc.createElement("root");
    	doc.appendChild(element);
    	
    	WSSecHeader hdr = new WSSecHeader(doc);
    	hdr.insertSecurityHeader();
    	
    	WSSecUsernameToken user = new WSSecUsernameToken();
    	user.setPasswordType(WSS4JConstants.PASSWORD_TEXT);
    	user.setUserInfo(username, pwd);
    	user.addCreated();
    	user.addNonce();
    	user.prepare(doc);
    	user.appendToHeader(hdr);
    	
    	routines.system.Document ret = new routines.system.Document();
    	ret.setDocument(new DOMReader().read(doc));
    	//printDocument(doc,System.out);
    	
    	return ret;
    }
Moderator

Re: tESBConsumer User-Name Token: WS-Security Nonce is missing

Hello,

Thanks for your feedback and sharing your solution with us.

Best regards

Sabrina

--
Don't forget to give kudos when a reply is helpful and click Accept the solution when you think you're good with it.

What’s New for Talend Spring ’19

Watch the recorded webinar!

Watch Now

Definitive Guide to Data Quality

Create systems and workflow to manage clean data ingestion and data transformation.

Download

Tutorial

Introduction to Talend Open Studio for Data Integration.

Watch

Downloads and Trials

Test drive Talend's enterprise products.

Downloads