Class SOAPUtil
dw.rpc
Class SOAPUtil
Object
dw.rpc.SOAPUtil
Utility class for working with SOAP web services. This class provides methods for setting SOAP headers and a set of constants representing the supported header names.
If you want to use ws-security features, such as signing and encryption, with your RPC-style SOAP web service, use this class to construct a HashMap with security constants and values.
Note: this method handles sensitive security-related data. Pay special attention to PCI DSS v3. requirements 2, 4, and 12. The following example configures the ws-security actions taken for the request and response to a web service.

 importPackage( dw.system );
 importPackage( dw.util );
 importPackage( dw.rpc );


 function execute( args : PipelineDictionary ) : Number
 {
     var WSU_NS : String = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";

     try
     {

     // define a map with all the secrets
     var secretsMap   : Map = new HashMap();
     secretsMap.put("myclientkey", "ckpass");
     secretsMap.put("myservicekey", "ckpass");
     secretsMap.put("username", "password");

     var requestCfg   : Map = new HashMap();

     // define the ws actions to be performed
     requestCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_USERNAME_TOKEN + " " +
                                        SOAPUtil.WS_TIMESTAMP + " " +
                                        SOAPUtil.WS_SIGNATURE + " " +
                                        SOAPUtil.WS_ENCRYPT);
     requestCfg.put(SOAPUtil.WS_USER, "username");
     requestCfg.put(SOAPUtil.WS_PASSWORD_TYPE, SOAPUtil.WS_PW_DIGEST );
     requestCfg.put(SOAPUtil.WS_SIG_DIGEST_ALGO, "http://www.w3.org/2001/04/xmlenc#sha256" );

     // define signature properties
     // the keystore file has the basename of the WSDL file and the
     // file extension based on the keystore type (e.g. HelloWorld.jks).
     // The keystore file has to be placed beside the WSDL file.
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
     requestCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myclientkey");

     requestCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myclientkey");

     // define enrcryption properties
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
     requestCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myservicekey");

     requestCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myservicekey");
     requestCfg.put(SOAPUtil.WS_SIGNATURE_PARTS, "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
     requestCfg.put(SOAPUtil.WS_ENCRYPTION_PARTS,"{Element}{" + WSU_NS + "}
      Timestamp;"+"{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");

     // set the secrets for the callback
     requestCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);

     var responseCfg : Map = new HashMap();

     // define the ws actions to be performed for the response
     responseCfg.put(SOAPUtil.WS_ACTION, SOAPUtil.WS_TIMESTAMP + " " +
                                         SOAPUtil.WS_SIGNATURE + " " +
                                         SOAPUtil.WS_ENCRYPT);

     // define signature properties
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_TYPE, "jks");
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_PW, "cspass");
     responseCfg.put(SOAPUtil.WS_SIG_PROP_KEYSTORE_ALIAS, "myservicekey");

     responseCfg.put(SOAPUtil.WS_SIGNATURE_USER, "myservicekey");

     // define decryption properties
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_TYPE, "jks");
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_PW, "cspass");
     responseCfg.put(SOAPUtil.WS_ENC_PROP_KEYSTORE_ALIAS, "myclientkey");

     responseCfg.put(SOAPUtil.WS_ENCRYPTION_USER, "myclientkey");

     // set the secrets for the callback
     responseCfg.put(SOAPUtil.WS_SECRETS_MAP, secretsMap);

     // get the service and stub
     var helloWorldService : WebReference = webreferences.HelloWorld;
     var stub : Stub = helloWorldService.defaultService;
     // set the security
     SOAPUtil.setWSSecurityConfig(stub, requestCfg, responseCfg);
         //var h : Hello = new helloWorldService.Hello();
         var h = new helloWorldService.com.support.ws.security.test.Hello2();

         h.setName('Send Text from client Axis ...');

         // call the web service
         var response  = stub.hello2(h);
         //var response = stub.hello(h);
         var result = response.getHello2Return();


     args.OutStr = result;
     Logger.error("Hello World We Are SIGNED old version Send Text from client ...", result);

     return PIPELET_NEXT;

     }
     catch (e)
     {
         Logger.error("Error in helloWorldRpc.ds is: " + e);
         return PIPELET_ERROR;
     }

 }
 

Deprecated:
This class is deprecated, please use webreferences2 instead (see also WSUtil).
See Also:
Constants
WS_ACTION  :  String = "action"
WS-Security action property name. Allowed property values are WS_NO_SECURITY, WS_TIMESTAMP, WS_ENCRYPT, WS_SIGNATURE, WS_USERNAME_TOKEN or a space separated String with multiple values.
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_ALIAS  :  String = "__EncryptionPropKeystoreAlias"
WS-Security encryption: the encryption/decryption keystore alias name
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_PW  :  String = "__EncryptionPropKeystorePassword"
WS-Security encryption: the encryption/decryption keystore password
Deprecated:
use webreferences2 instead
WS_ENC_PROP_KEYSTORE_TYPE  :  String = "__EncryptionPropKeystoreType"
WS-Security encryption: the encryption/decryption keystore type ( jks or pkcs12 ), default is jks.
Note: the keystore file must have the basename of the WSDL file and the file extension based on the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.
Deprecated:
use webreferences2 instead
WS_ENCRYPT  :  String = "Encrypt"
WS-Security action: encrypt the message. The encryption-specific parameters define how to encrypt, which keys to use, and other parameters.
Deprecated:
use webreferences2 instead
WS_ENCRYPTION_PARTS  :  String = "encryptionParts"
WS-Security encryption: defines which parts of the request are encrypted.
Deprecated:
use webreferences2 instead
WS_ENCRYPTION_USER  :  String = "encryptionUser"
WS-Security encryption: the user's name for encryption.
Deprecated:
use webreferences2 instead
WS_NO_SECURITY  :  String = "NoSecurity"
WS-Security action: no security
Deprecated:
use webreferences2 instead
WS_PASSWORD_TYPE  :  String = "passwordType"
WS-Security password type: parameter for UsernameToken action to define the encoding of the password. Allowed values are PW_DIGEST or PW_TEXT.
Deprecated:
use webreferences2 instead
WS_PW_DIGEST  :  String = "PasswordDigest"
WS-Security password of type digest: use a password digest to send the password information.
Deprecated:
use webreferences2 instead
WS_PW_TEXT  :  String = "PasswordText"
WS-Security password of type text: send the password information in clear text.
Deprecated:
use webreferences2 instead
WS_SECRETS_MAP  :  String = "__SecretsMap"
A secrets map with the username/password entries is needed to create the password callback object.
Deprecated:
use webreferences2 instead
WS_SIG_DIGEST_ALGO  :  String = "signatureDigestAlgorithm"
WS-Security signature: sets the signature digest algorithm to use.
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_ALIAS  :  String = "__SignaturePropKeystoreAlias"
WS-Security signature: the signature keystore alias name
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_PW  :  String = "__SignaturePropKeystorePassword"
WS-Security signature: the signature keystore password.
Deprecated:
use webreferences2 instead
WS_SIG_PROP_KEYSTORE_TYPE  :  String = "__SignaturePropKeystoreType"
WS-Security: the signature keystore type ( jks or pkcs12 ). The default is jks.
Note: The keystore file must have the basename of the WSDL file and the file extension of the keystore type. For example: MyService.jks. The keystore file must be placed in the same cartridge directory as the WSDL file.
Deprecated:
use webreferences2 instead
WS_SIGNATURE  :  String = "Signature"
WS-Security action: sign the message. The signature-specific parameters define how to sign, which keys to use, and other parameters.
Deprecated:
use webreferences2 instead
WS_SIGNATURE_PARTS  :  String = "signatureParts"
WS-Security signature: defines which parts of the request are signed.
Deprecated:
use webreferences2 instead
WS_SIGNATURE_USER  :  String = "signatureUser"
WS-Security signature: the user's name for signature.
Deprecated:
use webreferences2 instead
WS_TIMESTAMP  :  String = "Timestamp"
WS-Security action: add a timestamp to the security header.
Deprecated:
use webreferences2 instead
WS_USER  :  String = "user"
WS-Security user name.
Deprecated:
use webreferences2 instead
WS_USERNAME_TOKEN  :  String = "UsernameToken"
WS-Security action: add a UsernameToken identification.
Deprecated:
use webreferences2 instead
Properties
Constructor Summary
Method Summary
static getHTTPRequestHeader(svc : Object, key : String) : String
Returns an HTTP request header property value using the specified key.
static getHTTPResponseHeader(svc : Object, key : String) : String
Returns an HTTP response header property value using the specified key.
static setHeader(svc : Object, xml : String) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
static setHeader(svc : Object, namespace : String, name : String, xml : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
static setHTTPRequestHeader(svc : Object, key : String, value : String) : void
Sets an HTTP request header property using the specified key and value.
static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void
Sets the WS-Security configuration for the request and response based on the constants defined.
Constructor Detail
SOAPUtil
public SOAPUtil()

Method Detail
getHTTPRequestHeader
static getHTTPRequestHeader(svc : Object, key : String) : String
Returns an HTTP request header property value using the specified key. Null is returned if the key does not represent an HTTP header property.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
Returns:
an HTTP request header property value using the specified key or null.

getHTTPResponseHeader
static getHTTPResponseHeader(svc : Object, key : String) : String
Returns an HTTP response header property value using the specified key. Null is returned if the key does not represent an HTTP response header property.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
Returns:
an HTTP response header property value using the specified key or null.

setHeader
static setHeader(svc : Object, xml : String) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
xml - a string with arbitrary XML content

setHeader
static setHeader(svc : Object, xml : String, mustUnderstand : boolean) : void
Sets a new SOAPHeaderElement in the SOAP request with the namespace of the XML content.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute 'mustUnderstand'

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute mustUnderstand

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : String, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a string with arbitrary XML content
mustUnderstand - sets the SOAP header attribute mustUnderstand
actor - the SOAP actor, which should be set for this header element. null removes any actor.

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object
mustUnderstand - sets the SOAP header attribute mustUnderstand

setHeader
static setHeader(svc : Object, namespace : String, name : String, xml : Object, mustUnderstand : boolean, actor : String) : void
Creates a new SOAPHeaderElement with the name and namespace and places the given XML into it.

 var usernameToken : XML =
   <wsse:UsernameToken xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
       <wsse:Username>{merchantID}</wsse:Username>
       <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">
           {merchantPassword}
       </wsse:Password>
   </wsse:UsernameToken>
 SOAPUtil.setHeader( service, "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
  "Security", usernameToken, true, null
  
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
namespace - the namespace of the header element
name - the element name for the header element
xml - a E4X XML object
mustUnderstand - sets the SOAP header attribute 'mustUnderstand'
actor - the SOAP actor, which should be set for this header element. null removes any actor.

setHTTPRequestHeader
static setHTTPRequestHeader(svc : Object, key : String, value : String) : void
Sets an HTTP request header property using the specified key and value.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService().
key - the header property key.
value - the header property value. If the value is null, the property identified by the key is removed from the HTTP request header.

setWSSecurityConfig
static setWSSecurityConfig(svc : Object, requestConfigMap : Object, responseConfigMap : Object) : void
Sets the WS-Security configuration for the request and response based on the constants defined.
Deprecated:
use webreferences2 instead
Parameters:
svc - a service stub returned from getService()
requestConfigMap - the WS-Security request config
responseConfigMap - the WS-Security response config