I am not encrypting anything as of yet. The SSL cert (web server cert) have has only been used by Apache. A client asked if I had an x509 certificate so I gave them the public key. Now I need to send that public key in the header of my Soap request so he can verify it. I found the following documentation, but nothing on any of Perl's sites. So, to date, I have not encrypted anything using Perl.
s:Envelope xmlns:s="http://www.w3.org/2001/12/soap-envelope"
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext">
<s:Header>
...
<wsse:Security>
<wsse:UsernameToken>
<wsse:Username>PaulK</wsse:Username>
<wsse:Password>GooReria</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
...
</s:Header>
...
</s:Envelope>
To generate this header using the SOAP::Lite module, use the following
+ code:
use SOAP::Lite maptype => { };
my $wsse = "http://schemas.xmlsoap.org/ws/2002/04/secext";
my $securityHeader = SOAP::Header->name(Security => {
UsernameToken => {
Username => SOAP::Data->type('' => 'PaulK'),
Password => SOAP::Data->type('' => 'GooReria'),
}
})->uri($wsse)->prefix('');
my $result = SOAP::Lite
# include header as an additional parameter
->securedMethod(@parameters, $securityHeader);
...
A BinarySecurityToken element might be used instead of the UsernameTok
+en element to allow binary or other non-XML formats to be included in
+ the message:
<wsse:BinarySecurityToken
xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"
ValueType="wsse:X509v3"
EncodingType="wsse:Base64Binary">
A0CD...
</wsse:BinarySecurityToken>
In this example, ValueType identifies the type of the security token (
+X.509v3 certificate), and EncodingType describes the method used to e
+ncode the data: Base64 or hex.
I can not find a reference anywhere to securedMethod. I found this document at http://www.shebeen.com/securews/
|