Changing the SoapUI 4.5 BinarySecurityToken ValueType

Just curious in case if you tried setting the soap header in the request itself with the required value and whether it worked?

Hi Rao,

One way I tried was to right click on the SOAP request and select Outgoing WSS > Apply. I then tried to change the SOAP code as you suggested but the actual SOAP sent in the "http log" is shows SoapUI just forcing the value back to X509PKIPathv1. Was there another way I should try to make this change?

Ok. Saw some other case related to Must Understand property by one of our community member where it is not allowing to change with intended value. Looks this similar as both are under WS Security.


Do not have much inputs at the moment.

Please see if changing namespace as given below example helps? Looks you are using different namespace

Note :xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"

Sample from http://schemas.xmlsoap.org/specs/ws-sec ... curity.htm

<?xml version="1.0" encoding="utf-8"?>
<S:Envelope xmlns:S="http://www.w3.org/2001/12/soap-envelope"
            xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
            xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"
            xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
   <S:Header>
      <m:path xmlns:m="http://schemas.xmlsoap.org/rp">
         <m:action>http://fabrikam123.com/getQuote</m:action>
         <m:to>http://fabrikam123.com/stocks</m:to>
         <m:from>mailto:johnsmith@fabrikam123.com</m:from>
         <m:id>uuid:84b9f5d0-33fb-4a81-b02b-5b760641c1d6</m:id>
      </m:path>
      <wsse:Security>
         <wsse:BinarySecurityToken
                     ValueType="wsse:X509v3"
                     EncodingType="wsse:Base64Binary"
                     Id="X509Token">
                  MIIEZzCCA9CgAwIBAgIQEmtJZc0rqrKh5i...
         </wsse:BinarySecurityToken>
         <ds:Signature>
            <ds:SignedInfo>
               <ds:CanonicalizationMethod Algorithm=
                     "http://www.w3.org/2001/10/xml-exc-c14n#"/>
               <ds:SignatureMethod Algorithm=
                     "http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
               <ds:Reference>
                  <ds:Transforms>
                     <ds:Transform Algorithm=
                           "http://...#RoutingTransform"/>
                     <ds:Transform Algorithm=
                           "http://www.w3.org/2001/10/xml-exc-c14n#"/>
                  </ds:Transforms>
                  <ds:DigestMethod Algorithm=
                       "http://www.w3.org/2000/09/xmldsig#sha1"/>
                  <ds:DigestValue>EULddytSo1...</ds:DigestValue>
               </ds:Reference>
            </ds:SignedInfo>
            <ds:SignatureValue>
              BL8jdfToEb1l/vXcMZNNjPOV...
            </ds:SignatureValue>
            <ds:KeyInfo>
                <wsse:SecurityTokenReference>
                    <wsse:Reference URI="#X509Token"/>
                </wsse:SecurityTokenReference>
            </ds:KeyInfo>
         </ds:Signature>
      </wsse:Security>
   </S:Header>
   <S:Body>
      <tru:StockSymbol xmlns:tru="http://fabrikam123.com/payloads">
        QQQ
      </tru:StockSymbol>
   </S:Body>
</S:Envelope>

Hi Rao,

Turned 'must understand' off and changed the name space and now looks like (based on the http log) SoapUI is sending two sets of wsse:Security tags. Same error on the server side that it doesn't accept X509PKIPathv1

Thanks.

Hmm..do not have much input as one may does not seem to have control over it.

Thanks anyway for your help Rao. Looks like it's time to start saving up for a pro licence to get access to support. Shame they don't offer per incident pricing.