[Soap-Python] WSSE security

Paul Tomblin ptomblin at xcski.com
Mon Apr 27 21:02:56 CEST 2015 

This looks really promising, but when I try it with my self-signed
certificate, I get the following error:

DEBUG:suds.client:sending to (
https://xxx.service-now.com/u_cart_request.do?SOAP)
message:
<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns1="
http://www.service-now.com/u_cart_request" xmlns:xsi="
http://www.w3.org/2001/XMLSchema-instance" xmlns:SOAP-ENV="
http://schemas.xmlsoap.org/soap/envelope/">
   <SOAP-ENV:Header>
      <wsse:Security mustUnderstand="true">
         <wsse:UsernameToken>
            <wsse:Username>aaaa</wsse:Username>
            <wsse:Password>bbbb</wsse:Password>
         </wsse:UsernameToken>
         <wsu:Timestamp>
            <wsu:Created>2015-04-27T18:55:22.714722+00:00</wsu:Created>
            <wsu:Expires>2015-04-27T18:56:52.714722+00:00</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </SOAP-ENV:Header>
   <ns0:Body>
      <ns1:insert>
         <u_cart_number>12345</u_cart_number>
         <u_servicenow_ritm_number>RMT12345</u_servicenow_ritm_number>
      </ns1:insert>
   </ns0:Body>
</SOAP-ENV:Envelope>
DEBUG:suds.client:headers = {'SOAPAction': '"
http://www.service-now.com/u_cart_request/insert"', 'Content-Type':
'text/xml; charset=utf-8'}
DEBUG:suds.client:HTTP failed - 500 - Internal Server Error:
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"><SOAP-ENV:Header/><SOAP-ENV:Body><SOAP-ENV:Fault><faultcode>wsse:FailedAuthentication</faultcode><faultstring>The
security token could not be authenticated or
authorized</faultstring><detail>WSSecurity login
failed</detail></SOAP-ENV:Fault></SOAP-ENV:Body></SOAP-ENV:Envelope>
ERROR:suds.plugin:No signature node found
Traceback (most recent call last):
  File "/usr/local/lib/python2.7/dist-packages/suds/plugin.py", line 254,
in __call__
    method(ctx)
  File "/usr/local/lib/python2.7/dist-packages/soap_wsse/suds_plugin.py",
line 20, in received
    valid = verify_envelope(context.reply, self.cert_filename)
  File "/usr/local/lib/python2.7/dist-packages/soap_wsse/signing.py", line
130, in verify_envelope
    raise CertificationError("No signature node found")
CertificationError: No signature node found
ERROR:suds.client:<suds.sax.document.Document instance at 0x7f4c8b4a45f0>
e = Server raised fault: 'The security token could not be authenticated or
authorized'


I don't see the BinarySecurityToken in the outgoing XML in the first debug
message. Shouldn't it be there? The "No signature node found" message seems
to be related to incoming not outgoing messages, so I'm confused why it's
happening.



On Mon, Apr 27, 2015 at 1:13 PM, Iuri <iurisilvio at gmail.com> wrote:

> I'm using suds-jurko [1] with soap_wsse [2] for this. It is simple. I
> never tried pysimplesoap.
>
> from soap_wsse.suds_plugin import WssePlugin
> from suds.client import Client
> from suds.wsse import Security, UsernameToken, Timestamp
>
> url = "http://example.com/service?WSDL"
> username = "test"
> password = "p at ssw0rd!"
> certificate = "/your/cert.pem"
>
> s = Security()
> s.tokens.extend([UsernameToken(username, password), Timestamp()])
>
> client = Client(url, plugins=[WssePlugin(certificate)])
> client.set_options(wsse=s)
>
> [1] https://pypi.python.org/pypi/suds-jurko
> [2] https://pypi.python.org/pypi/soap_wsse
>
> Cheers!
>
>
> On Mon, Apr 27, 2015 at 12:06 PM, Paul Tomblin <ptomblin at xcski.com> wrote:
>
>> I need to talk to a web service that requires wsse:BinarySecurityToken,
>> ds:Security, wsse:UsernameToken and wsu:Timestamp headers. I see that the
>> latest version of pysimplesoap on python.org has some sort of plugin
>> architecture and a wsse.py for at least some of these headers, but I don't
>> see any documentation on how to use them. The Google Code page doesn't have
>> the wsse.py file, and so obviously nothing in their Wiki.
>>
>> Can somebody point me to documentation or examples?
>>
>>
>> --
>> http://www.linkedin.com/in/paultomblin
>> http://careers.stackoverflow.com/ptomblin
>>
>> _______________________________________________
>> Soap mailing list
>> Soap at python.org
>> https://mail.python.org/mailman/listinfo/soap
>>
>>
>


-- 
http://www.linkedin.com/in/paultomblin
http://careers.stackoverflow.com/ptomblin
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.python.org/pipermail/soap/attachments/20150427/a01651e9/attachment-0001.html>

More information about the Soap mailing list