Adding ws-security to wsdl

1.4k views Asked by At

Here I'm handling requests and responses from paga payment gateway(https://mypaga.atlassian.net/wiki/spaces/PMNA/pages/42865033/Services).I'm struggling to add security to webservices.My merchant site is Joomla website. Here the wsdl,

    <wsdl:definitions targetNamespace="http://pagatech.com/merchant/messages" 
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-
1.0.xsd" xmlns:sch="http://pagatech.com/merchant/messages" xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="http://pagatech.com/merchant/messages">
   <wsdl:types>
      <schema attributeFormDefault="unqualified" elementFormDefault="qualified" targetNamespace="http://pagatech.com/merchant/messages" xmlns="http://www.w3.org/2001/XMLSchema">
         <element name="getIntegrationServicesRequest">
            <complexType>
               <sequence>
                  <element name="isTest" type="boolean"/>
               </sequence>
            </complexType>
         </element>
      </schema>
   </wsdl:types>
   <wsdl:message name="getIntegrationServicesRequest">
      <wsdl:part element="tns:getIntegrationServicesRequest" name="getIntegrationServicesRequest"></wsdl:part>
   </wsdl:message>
    <wsdl:message name="getIntegrationServicesResponse">
      <wsdl:part element="tns:getIntegrationServicesResponse" name="getIntegrationServicesResponse"></wsdl:part>
   </wsdl:message>

   <wsdl:portType name="MerchantService">
      <wsdl:operation name="getIntegrationServices">
         <wsdl:input message="tns:getIntegrationServicesRequest" name="getIntegrationServicesRequest"></wsdl:input>
         <wsdl:output message="tns:getIntegrationServicesResponse" name="getIntegrationServicesResponse"></wsdl:output>
      </wsdl:operation>

   </wsdl:portType>
   <wsdl:binding name="MerchantServiceSoap12" type="tns:MerchantService">
      <soap12:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
     <wsdl:operation name="getIntegrationServices">
             <soap12:operation soapAction=""/>
             <wsdl:input name="getIntegrationServicesRequest">
                <soap12:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="getIntegrationServicesResponse">
                <soap12:body use="literal"/>
             </wsdl:output>
          </wsdl:operation>
   </wsdl:binding>
   <wsdl:service name="MerchantService">
      <wsdl:port binding="tns:MerchantServiceSoap12" name="MerchantServiceSoap12">
         <soap12:address location="http://localhost:8080/paga-test/merchantService/"/>
      </wsdl:port>
   </wsdl:service>
</wsdl:definitions>

This is what I need to implement

Username/Password Digest Token All merchant web-services integrated with the Paga Merchant Services Web-Services must implement the standard Web-Service Security Web Services Security: SOAP Message Security 1.0 Standard 200401, March 2004 which provides a specification for SOAP web-service header username/token authentication credentials. Within this specification, the service will employ the Password Digest authentication MS-WSP password will be provided along with the username to authenticate the merchant. The merchant's username and MS-WSP password credentials will be provided to the Merchant a part of their Merchant Services registration process.

And the request as below

<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">      
    <soapenv:Header>
        <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true">
            <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-188">
                <wsse:Username>XXXX</wsse:Username>
                <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">YYYY</wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
    </soapenv:Header>
    <soapenv:Body>
        <mes:getIntegrationServicesRequest>
            <mes:isTest>false</mes:isTest>
        </mes:getIntegrationServicesRequest> 
    </soapenv:Body>
</soapenv:Envelope>

If I run in SOAP UI it saying procedure not found.Please tell me how can I implement security in wsdl ?

0

There are 0 answers