Sample code for 30+ languages & platforms
Java

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Java Downloads

Java
import com.chilkatsoft.*;

public class ChilkatExample {

  static {
    try {
        System.loadLibrary("chilkat");
    } catch (UnsatisfiedLinkError e) {
      System.err.println("Native code library failed to load.\n" + e);
      System.exit(1);
    }
  }

  public static void main(String argv[])
  {
    boolean success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    CkCert cert = new CkCert();
    success = cert.LoadFromSmartcard("");
    if (success == false) {
        System.out.println(cert.lastErrorText());
        return;
        }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    CkXml xml = new CkXml();
    xml.put_Tag("SOAP-ENV:Envelope");
    xml.AddAttribute("xmlns:SOAP-ENV","http://schemas.xmlsoap.org/soap/envelope/");
    xml.AddAttribute("xmlns:web","http://www.example.com/webservice/");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:ds","http://www.w3.org/2000/09/xmldsig#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsse","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"xmlns:xenc","http://www.w3.org/2001/04/xmlenc#");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security",true,"SOAP-ENV:mustUnderstand","1");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"A1","");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"EncodingType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");
    xml.UpdateAttrAt("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,"wsu:Id","x509cert00");
    xml.UpdateChildContent("SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",cert.getEncoded());
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"xmlns:wsu","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt("SOAP-ENV:Body",true,"wsu:Id","TheBody");
    xml.UpdateChildContent("SOAP-ENV:Body|web:MyRequest|web:Parameter","MyValue");

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    CkXmlDSigGen gen = new CkXmlDSigGen();

    gen.put_SigLocation("SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security");
    gen.put_SigLocationMod(0);
    gen.put_SigNamespacePrefix("ds");
    gen.put_SigNamespaceUri("http://www.w3.org/2000/09/xmldsig#");
    gen.put_SignedInfoPrefixList("ds wsu xenc SOAP-ENV ");
    gen.put_IncNamespacePrefix("c14n");
    gen.put_IncNamespaceUri("http://www.w3.org/2001/10/xml-exc-c14n#");
    gen.put_SignedInfoCanonAlg("EXCL_C14N");
    gen.put_SignedInfoDigestMethod("sha1");

    // -------- Reference 1 --------
    gen.AddSameDocRef("TheBody","sha1","EXCL_C14N","wsu SOAP-ENV","");

    gen.SetX509Cert(cert,true);

    gen.put_KeyInfoType("Custom");

    // Create the custom KeyInfo XML..
    CkXml xmlCustomKeyInfo = new CkXml();
    xmlCustomKeyInfo.put_Tag("wsse:SecurityTokenReference");
    xmlCustomKeyInfo.put_Content("5");
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"URI","#x509cert00");
    xmlCustomKeyInfo.UpdateAttrAt("wsse:Reference",true,"ValueType","http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");

    xmlCustomKeyInfo.put_EmitXmlDecl(false);
    gen.put_CustomKeyInfoXml(xmlCustomKeyInfo.getXml());

    // Load XML to be signed...
    CkStringBuilder sbXml = new CkStringBuilder();
    xml.put_EmitXmlDecl(false);
    xml.GetXmlSb(sbXml);

    gen.put_Behaviors("IndentedSignature");

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml);
    if (success == false) {
        System.out.println(gen.lastErrorText());
        return;
        }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    CkHttp http = new CkHttp();

    http.SetRequestHeader("SOAPAction","\"http://www.example.com/MyWebService\"");
    http.SetRequestHeader("Host","www.example.com");
    http.SetRequestHeader("Content-Type","text/xml; charset=utf-8");

    CkHttpResponse resp = new CkHttpResponse();
    success = http.HttpSb("POST","https://example.com/MyWebService",sbXml,"utf-8","text/xml; charset=utf-8",resp);
    if (success == false) {
        System.out.println(http.lastErrorText());
        return;
        }

    System.out.println(resp.get_StatusCode());
    System.out.println(resp.bodyStr());

    System.out.println("Finished.");
  }
}