ATILIUS
11 years agoNew Contributor
How to sign a message with SoapUI
Hello!
Using a webservice with ws-security, I have a small java program, which signs by cxf messages send over the web service.
Now I would like to test some messages by using SoapUI.
Unfortunately, I am not able to configure SoapUI in order to sign the outgoing messages.
At the Outgoing WS-Security configurations tab, I have added an item Signature with Keystore, alias, password... and at the Keystores tab I have added the corresponding jks file with the key.
At the Auth tab of the request page, I have set the outgoing wss.
Still, all messages send from SoapUI are not signed.
Could anyone please let me know, how to configure SoapUI so, that it signs the outgoing messages?
Maybe I need to add some parts items at the Outgoing WS-Security configurations tab.
For more information, I list the corresponding policy file for signing below.
Cheers,
ATILIUS
policy file:
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy
wsu:Id='Sig'
xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
http://schemas.xmlsoap.org/ws/2005/07/s ... policy.xsd
http://schemas.xmlsoap.org/ws/2004/09/policy
http://schemas.xmlsoap.org/ws/2004/09/p ... policy.xsd
">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient'>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always'>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<wsp:Policy>
<sp:MustSupportRefEmbeddedToken />
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<sp:Body />
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Using a webservice with ws-security, I have a small java program, which signs by cxf messages send over the web service.
Now I would like to test some messages by using SoapUI.
Unfortunately, I am not able to configure SoapUI in order to sign the outgoing messages.
At the Outgoing WS-Security configurations tab, I have added an item Signature with Keystore, alias, password... and at the Keystores tab I have added the corresponding jks file with the key.
At the Auth tab of the request page, I have set the outgoing wss.
Still, all messages send from SoapUI are not signed.
Could anyone please let me know, how to configure SoapUI so, that it signs the outgoing messages?
Maybe I need to add some parts items at the Outgoing WS-Security configurations tab.
For more information, I list the corresponding policy file for signing below.
Cheers,
ATILIUS
policy file:
<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy
wsu:Id='Sig'
xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy
http://schemas.xmlsoap.org/ws/2005/07/s ... policy.xsd
http://schemas.xmlsoap.org/ws/2004/09/policy
http://schemas.xmlsoap.org/ws/2004/09/p ... policy.xsd
">
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient'>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always'>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256 />
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict />
</wsp:Policy>
</sp:Layout>
<sp:OnlySignEntireHeadersAndBody />
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<wsp:Policy>
<sp:MustSupportRefEmbeddedToken />
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp='http://schemas.xmlsoap.org/ws/2005/07/securitypolicy'>
<sp:Body />
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>