Sample code for 30+ languages & platforms
Unicode C++

HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

See more HTTP Examples

Demonstrates how to build and send an HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication.

Chilkat Unicode C++ Downloads

Unicode C++
#include <CkCertW.h>
#include <CkXmlW.h>
#include <CkXmlDSigGenW.h>
#include <CkStringBuilderW.h>
#include <CkHttpW.h>
#include <CkHttpResponseW.h>

void ChilkatSample(void)
    {
    bool success = false;

    // This example assumes the Chilkat API to have been previously unlocked.
    // See Global Unlock Sample for sample code.

    // See HTTP request for a SOAP web service using WS-Security 1.0 with a digital certificate for authentication

    // ------------------------------------
    // Step 1: Load the signing certificate
    // ------------------------------------
    CkCertW cert;
    success = cert.LoadFromSmartcard(L"");
    if (success == false) {
        wprintf(L"%s\n",cert.lastErrorText());
        return;
    }

    // ---------------------------------------
    // Step 2: Build the SOAP XML to be signed
    // ---------------------------------------

    CkXmlW xml;
    xml.put_Tag(L"SOAP-ENV:Envelope");
    xml.AddAttribute(L"xmlns:SOAP-ENV",L"http://schemas.xmlsoap.org/soap/envelope/");
    xml.AddAttribute(L"xmlns:web",L"http://www.example.com/webservice/");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security",true,L"xmlns:ds",L"http://www.w3.org/2000/09/xmldsig#");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security",true,L"xmlns:wsse",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security",true,L"xmlns:wsu",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security",true,L"xmlns:xenc",L"http://www.w3.org/2001/04/xmlenc#");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security",true,L"SOAP-ENV:mustUnderstand",L"1");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,L"A1",L"");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,L"EncodingType",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,L"ValueType",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");
    xml.UpdateAttrAt(L"SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",true,L"wsu:Id",L"x509cert00");
    xml.UpdateChildContent(L"SOAP-ENV:Header|wsse:Security|wsse:BinarySecurityToken",cert.getEncoded());
    xml.UpdateAttrAt(L"SOAP-ENV:Body",true,L"xmlns:wsu",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
    xml.UpdateAttrAt(L"SOAP-ENV:Body",true,L"wsu:Id",L"TheBody");
    xml.UpdateChildContent(L"SOAP-ENV:Body|web:MyRequest|web:Parameter",L"MyValue");

    // ---------------------------------------
    // Step 3: Sign the XML
    // ---------------------------------------

    CkXmlDSigGenW gen;

    gen.put_SigLocation(L"SOAP-ENV:Envelope|SOAP-ENV:Header|wsse:Security");
    gen.put_SigLocationMod(0);
    gen.put_SigNamespacePrefix(L"ds");
    gen.put_SigNamespaceUri(L"http://www.w3.org/2000/09/xmldsig#");
    gen.put_SignedInfoPrefixList(L"ds wsu xenc SOAP-ENV ");
    gen.put_IncNamespacePrefix(L"c14n");
    gen.put_IncNamespaceUri(L"http://www.w3.org/2001/10/xml-exc-c14n#");
    gen.put_SignedInfoCanonAlg(L"EXCL_C14N");
    gen.put_SignedInfoDigestMethod(L"sha1");

    // -------- Reference 1 --------
    gen.AddSameDocRef(L"TheBody",L"sha1",L"EXCL_C14N",L"wsu SOAP-ENV",L"");

    gen.SetX509Cert(cert,true);

    gen.put_KeyInfoType(L"Custom");

    // Create the custom KeyInfo XML..
    CkXmlW xmlCustomKeyInfo;
    xmlCustomKeyInfo.put_Tag(L"wsse:SecurityTokenReference");
    xmlCustomKeyInfo.put_Content(L"5");
    xmlCustomKeyInfo.UpdateAttrAt(L"wsse:Reference",true,L"URI",L"#x509cert00");
    xmlCustomKeyInfo.UpdateAttrAt(L"wsse:Reference",true,L"ValueType",L"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509");

    xmlCustomKeyInfo.put_EmitXmlDecl(false);
    gen.put_CustomKeyInfoXml(xmlCustomKeyInfo.getXml());

    // Load XML to be signed...
    CkStringBuilderW sbXml;
    xml.put_EmitXmlDecl(false);
    xml.GetXmlSb(sbXml);

    gen.put_Behaviors(L"IndentedSignature");

    // Sign the XML...
    success = gen.CreateXmlDSigSb(sbXml);
    if (success == false) {
        wprintf(L"%s\n",gen.lastErrorText());
        return;
    }

    // ---------------------------------------------------------
    // Step 4: Send the HTTP POST containing the Signed SOAP XML
    // ---------------------------------------------------------

    CkHttpW http;

    http.SetRequestHeader(L"SOAPAction",L"\"http://www.example.com/MyWebService\"");
    http.SetRequestHeader(L"Host",L"www.example.com");
    http.SetRequestHeader(L"Content-Type",L"text/xml; charset=utf-8");

    CkHttpResponseW resp;
    success = http.HttpSb(L"POST",L"https://example.com/MyWebService",sbXml,L"utf-8",L"text/xml; charset=utf-8",resp);
    if (success == false) {
        wprintf(L"%s\n",http.lastErrorText());
        return;
    }

    wprintf(L"%d\n",resp.get_StatusCode());
    wprintf(L"%s\n",resp.bodyStr());

    wprintf(L"Finished.\n");
    }