ChunWong
New Contributor
Joined 6 years ago
User Profile
User Widgets
Contributions
Re: Use fake SAML token with soap requests
Thanks for the reply We did the following: I add the WSDL to the project and let ReadyAPI generate the request Under Projects WS-Security config I add an outgoing ws-s config of the type saml (XML) in which I only put a property (the Token property used in the test case) Under SoapUI > Environments > SOAP Service I configure the Environmnet Endpoint Data Auth Profile "Inherit from Parent" Outgoing WSS: the saml (XML) When I send the request with the auth setting "Inherit from Parent", the token gets invoked in the header included in a wss node. This works well for real SAML tokens but the mocked token is ignored. This is the RAW request I get when I include the mock token manually (removed some sensitve data) POST EndPoint Accept-Encoding: gzip,deflate Content-Type: application/soap+xml;charset=UTF-8;action="Action" Content-Length: 1013 Host: HOST Connection: Keep-Alive User-Agent: Apache-HttpClient/4.5.2 (Java/1.8.0_162) <soap:Envelope xmlns:ns="NameSpace" xmlns:soap="http://www.w3.org/2003/05/soap-envelope"> <soap:Header xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/> <saml2:NameID>UserName</saml2:NameID> <saml2:Conditions NotBefore="2016-01-01T01:00:00Z" NotOnOrAfter="2019-12-31T01:00:00Z"/> <wsa:Action>"Action"</wsa:Action><wsa:To>EndPoint</wsa:To></soap:Header> <soap:Body> <ns:Version> <ns:p_ManufacturerKey>MF-Key</ns:p_ManufacturerKey> </ns:Version> </soap:Body> </soap:Envelope>1.6KViews0likes0CommentsUse fake SAML token with soap requests
Hello all, I've stumbled upon a problem with fake SAML Tokens. I need to send a mock token to test our webservice which doesn't have access to a SAML Service. We implemented a a debug behaviour which allows invalid SAML Tokens. I'm trying to send the following token: <soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion"> <saml2:NameID>2000034</saml2:NameID> <saml2:Conditions NotBefore="2016-01-01T01:00:00Z" NotOnOrAfter="2017-12-31T01:00:00Z"/> </soap:Header> The request refuses to take the mock token. It works when I put it in manually into the request, but not if I inherit the authentication from parent. The endpoint is configured to use SAML. Any help is appreciated Best regards, Chun1.7KViews0likes2Comments