By using this site, you agree to our updated Privacy Policy and our Terms of Use. Manage your Cookies Settings.
434,786 Members | 1,143 Online
Bytes IT Community
+ Ask a Question
Need help? Post your question and get tips & solutions from a community of 434,786 IT Pros & Developers. It's quick & easy.

RE: Removing Timestamp from a SOAP message with WSE 3.0

P: n/a
I had this exact problem using a vb.net client accessing a Java web service.
The solution takes 3 steps:

1.) Create custom ClientOutputFilter
2.) Create a custom Assertion that uses filter from step 1
3.) Bind service to custom Assertion

Step 1
Custom Filter(Called by Custom Assertion)
Class ClientOutputFilter
Inherits SendSecurityFilter
Private parentAssertion As UsernameClientAssertion
Private filterContext As FilterCreationContext

Public Sub New(ByVal parentAssertion As UsernameClientAssertion, ByVal
filterContext As FilterCreationContext)
MyBase.New(parentAssertion.ServiceActor, False,
parentAssertion.ClientActor)
Me.parentAssertion = parentAssertion
Me.filterContext = filterContext
End Sub
Public Overrides Function ProcessMessage(ByVal envelope As
Microsoft.Web.Services3.SoapEnvelope) As
Microsoft.Web.Services3.SoapFilterResult
Dim securityElement As XmlElement = envelope.CreateElement("wsse",
"Security", "http://schemas.xmlsoap.org/ws/2002/07/secext")
Dim mustUnderstandAttribute As XmlAttribute =
envelope.CreateAttribute(envelope.DocumentElement. Prefix, "mustUnderstand",
envelope.DocumentElement.NamespaceURI)
Dim userToken As New UsernameToken(parentAssertion.username,
parentAssertion.password, PasswordOption.SendPlainText)

mustUnderstandAttribute.Value = "true"
securityElement.AppendChild(userToken.GetXml(envel ope))
envelope.CreateHeader.AppendChild(securityElement)
Return SoapFilterResult.Continue
End Function
End Class

Step 2 Custom Assertion
Public Class UsernameClientAssertion
Inherits SecurityPolicyAssertion
Public username As String
Public password As String

Public Sub New(ByVal username As String, ByVal password As String)
Me.username = username
Me.password = password
End Sub

Public Overloads Overrides Function CreateClientOutputFilter(ByVal context
As FilterCreationContext) As SoapFilter
Return New ClientOutputFilter(Me, context)
End Function

Public Overrides Function CreateClientInputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide ClientInputFilter
Return Nothing
End Function

Public Overrides Function CreateServiceInputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function

Public Overrides Function CreateServiceOutputFilter(ByVal context As
FilterCreationContext) As SoapFilter
' we don't provide any processing for web service side
Return Nothing
End Function
End Class

Step 3: Bind proxy to custom assertion

Private WS As New Service.ServicenameWSE
Private token As UsernameToken = New UsernameToken(USERNAME, PASSWORD,
PasswordOption.SendPlainText)
ProvideUsernameToken.Assertions.Add(New UsernameClientAssertion(USERNAME,
PASSWORD))
WS.SetClientCredential(token)
WS.SetPolicy(ProvideUsernameToken)

Good luck, if anyone has a better way to do this I'm all ears

- Ed

"Sònia" wrote:
Hi,
I'm developping an WSE client application that calls a webservice with
WS-Security.
I'm sending a SOAP message like

************
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:tns="http://www.meteocatserveis.com/axis/services/ConsultaEstacions"
xmlns:types="http://www.meteocatserveis.com/axis/services/ConsultaEstacions/encodedTypes"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>
</wsa:Action>

<wsa:MessageID>urn:uuid:65f4b395-f208-4286-9656-6239f096e26c</wsa:MessageID>
<wsa:ReplyTo>

<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>

<wsa:To>http://www.meteocatserveis.com/axis/services/ConsultaEstacions</wsa:To>
<wsse:Security>
<wsu:Timestamp
wsu:Id="Timestamp-36736541-67a9-44fb-9779-9a422bc94c50">
<wsu:Created>2008-03-13T16:07:12Z</wsu:Created>
<wsu:Expires>2008-03-13T16:12:12Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-364b2ace-9b69-41cf-be74-a814910008fe">
<wsse:Username>tvc</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">cTPEB2dduqv9xOiuhOAAoKVfVtI=</wsse:Password>
<wsse:Nonce>cWkO9B6G3wY/AND1BRSUAg==</wsse:Nonce>
<wsu:Created>2008-03-13T16:07:12Z</wsu:Created>
</wsse:UsernameToken>
</wsse:Security>
</soap:Header>
<soap:Body
soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<q1:dades_ultimes xmlns:q1="http://consultaEstacions" />
</soap:Body>
</soap:Envelope>

*****************************************

But the webservice receiving that message don't undersand the "Timestamp" tag.
How can I remove it?
Jun 27 '08 #1
Share this question for a faster answer!
Share on Google+

This discussion thread is closed

Replies have been disabled for this discussion.