This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Log in to ask a question
Get hands-on experience with 20+ free Google Cloud products and $300 in free credit for new customers.
Log in to ask a question

How to add ws security header to soap request

Posted on 06-04-2024 03:27 AM
nkumar
Bronze 1
Bronze 1
Reply posted on --/--/---- --:-- AM

@dino 
Need to add security header like below and hit proxy endpoint with soap input request along with security token in header.

Target endpoint will authenticate the request based on the SOAP Security header.Can you please help me how to add the ws security headers in apigee X.


<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="http://docs.oasis-open.org/ns/cmis/messaging/200908/" xmlns:ns1="http://docs.oasis-open.org/ns/cmis/core/200908/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:UsernameToken wsu:Id="UsernameToken-24274E83A">
<wsse:Username>username</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>

1 1 577
Topic Labels
1 REPLY 1

Posted on --/--/---- --:-- AM
dchiesa1
Staff
Reply posted on --/--/---- --:-- AM

Yes

Injecting a WS-Sec header into an existing SOAP document is pretty simple, using XSL, if your password uses TEXT format, as your example shows. "Pretty simple" is relative of course. It means you need to be comfortable using XSLT in your API Proxy, and comfortable maintaining the XSLT script going forward. 

For cases where you do not want to use XSLT, or for cases where you need a password DIGEST, you can use this callout to do the work.