Sample code for 30+ languages & platforms
Tcl

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Tcl Downloads

Tcl

load ./chilkat.dll

set success 0

# This example assumes the Chilkat API to have been previously unlocked.
# See Global Unlock Sample for sample code.

# See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

# ------------------------------------
# Step 1: Load the signing certificate
# ------------------------------------
set cert [new_CkCert]

set success [CkCert_LoadFromSmartcard $cert ""]
if {$success == 0} then {
    puts [CkCert_lastErrorText $cert]
    delete_CkCert $cert
    exit
}

# ---------------------------------------
# Step 2: Build the SOAP XML to be signed
# ---------------------------------------

set xml [new_CkXml]

CkXml_put_Tag $xml "SOAP-ENV:Envelope"
CkXml_AddAttribute $xml "xmlns:SOAP-ENV" "http://schemas.xmlsoap.org/soap/envelope/"
CkXml_AddAttribute $xml "xmlns:web" "http://www.example.com/webservice/"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security" 1 "xmlns:ds" "http://www.w3.org/2000/09/xmldsig#"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security" 1 "xmlns:wsse" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security" 1 "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security" 1 "xmlns:xenc" "http://www.w3.org/2001/04/xmlenc#"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security" 1 "SOAP-ENV:mustUnderstand" "1"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" 1 "A1" ""
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" 1 "EncodingType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" 1 "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" 1 "wsu:Id" "x509cert00"
CkXml_UpdateChildContent $xml "SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken" [CkCert_getEncoded $cert]
CkXml_UpdateAttrAt $xml "SOAP-ENV:Body" 1 "xmlns:wsu" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
CkXml_UpdateAttrAt $xml "SOAP-ENV:Body" 1 "wsu:Id" "TheBody"
CkXml_UpdateChildContent $xml "SOAP-ENV:Body|web:MyRequest|web:Parameter" "MyValue"

# ---------------------------------------
# Step 3: Sign the XML
# ---------------------------------------

set gen [new_CkXmlDSigGen]

CkXmlDSigGen_put_SigLocation $gen "SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security"
CkXmlDSigGen_put_SigLocationMod $gen 0
CkXmlDSigGen_put_SigNamespacePrefix $gen "ds"
CkXmlDSigGen_put_SigNamespaceUri $gen "http://www.w3.org/2000/09/xmldsig#"
CkXmlDSigGen_put_SignedInfoPrefixList $gen "ds wsu xenc SOAP-ENV "
CkXmlDSigGen_put_IncNamespacePrefix $gen "c14n"
CkXmlDSigGen_put_IncNamespaceUri $gen "http://www.w3.org/2001/10/xml-exc-c14n#"
CkXmlDSigGen_put_SignedInfoCanonAlg $gen "EXCL_C14N"
CkXmlDSigGen_put_SignedInfoDigestMethod $gen "sha1"

# -------- Reference 1 --------
CkXmlDSigGen_AddSameDocRef $gen "TheBody" "sha1" "EXCL_C14N" "wsu SOAP-ENV" ""

CkXmlDSigGen_SetX509Cert $gen $cert 1

CkXmlDSigGen_put_KeyInfoType $gen "Custom"

# Create the custom KeyInfo XML..
set xmlCustomKeyInfo [new_CkXml]

CkXml_put_Tag $xmlCustomKeyInfo "wsse:SecurityTokenReference"
CkXml_put_Content $xmlCustomKeyInfo "5"
CkXml_UpdateAttrAt $xmlCustomKeyInfo "wsse:Reference" 1 "URI" "#x509cert00"
CkXml_UpdateAttrAt $xmlCustomKeyInfo "wsse:Reference" 1 "ValueType" "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509"

CkXml_put_EmitXmlDecl $xmlCustomKeyInfo 0
CkXmlDSigGen_put_CustomKeyInfoXml $gen [CkXml_getXml $xmlCustomKeyInfo]

# Load XML to be signed...
set sbXml [new_CkStringBuilder]

CkXml_put_EmitXmlDecl $xml 0
CkXml_GetXmlSb $xml $sbXml

CkXmlDSigGen_put_Behaviors $gen "IndentedSignature"

# Sign the XML...
set success [CkXmlDSigGen_CreateXmlDSigSb $gen $sbXml]
if {$success == 0} then {
    puts [CkXmlDSigGen_lastErrorText $gen]
    delete_CkCert $cert
    delete_CkXml $xml
    delete_CkXmlDSigGen $gen
    delete_CkXml $xmlCustomKeyInfo
    delete_CkStringBuilder $sbXml
    exit
}

# ---------------------------------------------------------
# Step 4: Send the HTTP POST containing the Signed SOAP XML
# ---------------------------------------------------------

set http [new_CkHttp]

CkHttp_SetRequestHeader $http "SOAPAction" "\"http://www.example.com/MyWebService\""
CkHttp_SetRequestHeader $http "Host" "www.example.com"
CkHttp_SetRequestHeader $http "Content-Type" "text/xml; charset=utf-8"

set resp [new_CkHttpResponse]

set success [CkHttp_HttpSb $http "POST" "https://example.com/MyWebService" $sbXml "utf-8" "text/xml; charset=utf-8" $resp]
if {$success == 0} then {
    puts [CkHttp_lastErrorText $http]
    delete_CkCert $cert
    delete_CkXml $xml
    delete_CkXmlDSigGen $gen
    delete_CkXml $xmlCustomKeyInfo
    delete_CkStringBuilder $sbXml
    delete_CkHttp $http
    delete_CkHttpResponse $resp
    exit
}

puts [CkHttpResponse_get_StatusCode $resp]
puts [CkHttpResponse_bodyStr $resp]

puts "Finished."

delete_CkCert $cert
delete_CkXml $xml
delete_CkXmlDSigGen $gen
delete_CkXml $xmlCustomKeyInfo
delete_CkStringBuilder $sbXml
delete_CkHttp $http
delete_CkHttpResponse $resp