Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Copy link to clipboard
Copied
Sadly, byrning's reply ended with just "how to use CF with stupid WSSE security", which leads readers to wonder if he meant to share more. For instance, was that supposed to be a link to a blog entry?
I did some digging, and I found an old google cache of another version of this forum, and it showed that he had included the following code, which somehow never made it into the message here:
<cfset myUsername = "yourUsername" />
<cfset myPassword = "yourPassword" />
<cfset myDate = DateFormat(DateConvert("local2Utc", now()),
"yyyy-mm-ddThh:mm:ssZ")>
<cfset myNonce = createPIN(33)> <!--- this is just a random alpha numeric
string 33 chars long - got the function at cflib.org --->
<cfset myPasswordDigest = ToBase64(Hash(myNonce & myDate & myPassword ))>
<cfscript>
myObj = createObject("webservice", "http://urltoYourService?wsdl");
headerElement = createObject("java",
"org.apache.axis.message.SOAPHeaderElement");
headerElement.init("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wss
ecurity-secext-1.0.xsd", "wsse:Security");
headerElement.addChildElement("wsse:UsernameToken");
headerElement.getFirstChild().addChildElement("wsse:Username").setValue(myUsern
ame);
mypass = headerElement.getFirstChild().addChildElement("wsse:Password");
mypass.setValue(myPasswordDigest);
mypass.setAttribute("Type", "wsse:PasswordDigest");
headerElement.getFirstChild().addChildElement("wsse:Nonce").setValue(
ToBase64(Hash(myNonce, "SHA")) );
myCreated = headerElement.getFirstChild().addChildElement("wsu:Created");
myCreated.setValue(myDate);
myCreated.setAttribute("xmlns:wsu",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-ut....
xsd");
headerElement.setMustUnderstand(1);
headerElement.setActor("");
myObj.setHeader(headerElement);
result = myObj.methodtoCall(param1="yadda", param2="yadda")
</cfscript>
Copy link to clipboard
Copied