SOAP Web Service Tutorials - Herong's Tutorial Examples - Version 5.02, by Dr. Herong Yang
Generating Digital Signature with SoapUI
This section provides a tutorial example on how to generate a digital signature on the 'soapenv:Body' and include the signature in the 'wsse:Security' SOAP header element using SoapUI.
With the "Signature" configuration created, we can continue to generate a SOAP request message that contains a digital signature with SoapUI.
1. Right-click on "Hello" and select "New Request". The request screen is displayed with a new SOAP test request message.
2. Click on "Auth" below the request message area on the request screen, The authorization area is displayed.
3. Select "Add a New Authorization". Then select "Basic" as the "Type". Basic authorization fields are displayed.
4. Set "Outgoing WSS" to "Signature", which represents the "Signature" WS-Security configuration created in the previous tutorial.
5. Click on "Submit request ..." icon in the icon bar on the request screen. The response message will be displayed.
6. Click on the "Raw" vertical tab. You should see "wsse:Security" SOAP header element added to the request message automatically with two sub elements: "wsse:BinarySecurityToken" and "ds:Signature":
<soapenv:Envelope xmlns:ser="..." xmlns:soapenv="..." xmlns:wsse="..." xmlns:wsu="..." xmlns:ds="..."> <soapenv:Header> <wsse:Security> <wsse:BinarySecurityToken wsu:Id="X509-2F79CD0E07E6607321140352609015051" ...> ... X.509 certificate ... </wsse:BinarySecurityToken> <ds:Signature ...> <ds:SignedInfo> <ds:CanonicalizationMethod>...</ds:CanonicalizationMethod> ... <ds:Reference URI="#id-2F79CD0E07E6607321140352609015154"> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> ... DSA-SHA1 Signature ... </ds:SignatureValue> <ds:KeyInfo ...> <wsse:SecurityTokenReference ...> <wsse:Reference URI="#X509-2F79CD0E07E6607321140352609015051"/> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soapenv:Header> <soapenv:Body wsu:Id="id-2F79CD0E07E6607321140352609015154"> <ser:HelloRequest>Hello</ser:HelloRequest> </soapenv:Body> </soapenv:Envelope>
Note that the request message listed above has been simplified. See the next tutorial for the full request message. The "ds:Signature" element has 3 sub elements:
In this SOAP request example, the X.508 certificate passed in the "wsse:BinarySecurityToken" element can be used the SOAP message receiver for 2 purpose: authenticating the message sender and validating the digital signature.
Last update: 2014.
Table of Contents
Introduction to SOAP (Simple Object Access Protocol)
SOAP Message Transmission and Processing
SOAP Message Exchange Patterns
Perl SOAP::Lite - SOAP Server-Client Communication Module
Perl Socket Test Program for HTTP and SOAP
Perl SOAP::Lite for GetSpeech SOAP 1.1 Web Service
Perl SOAP::Lite 0.710 for SOAP 1.2 Web Services
Perl SOAP::Lite 0.710 for WSDL
PHP SOAP Extension Client Programs
PHP SOAP Extension Server Programs
Java Socket and HttpURLConnection for SOAP
SAAJ - SOAP with Attachments API for Java
SoapUI - SOAP Web Service Testing Tool
WS-Security - SOAP Message Security Extension
►WS-Security X.509 Certificate Token
What Is WS-Security X.509 Certificate Token Profile?
What Is XML Signature Syntax and Processing?
Generating a Self-Signed Certificate with "keytool"
SoapUI Configuration for Messaging Signing
►Generating Digital Signature with SoapUI
Validating ds:Signature with X.509 Certificate
Digital Signature Options Supported in SoapUI
What Is XML Encryption Syntax and Processing?
SoapUI Configuration for Messaging Encryption
"not an RSA key" - Encryption Failed in SoapUI
Encryption using RSA Public Key with SoapUI
2-Step Message Encryption - Symmetric and RSA
Decrypting Encrypted SOAP Message
Message Encryption Options Supported in SoapUI