This article and the attached sample model included in the Download section below describe how to call a web service from a WPF model
that requires passing a Web Service Security BinaryToken containing an LTPA Token for the service to authenticate the caller.
Here are some of the techniques illustrated in this sample:
- Calling a Web Service from a WebSphere Portlet Factory model
- Adding a Web Service Security (WSS) LTPA based BinaryToken SOAP header to the web service call
The OASIS Web Service Security specifications (WSS) at http://www.oasis-open.org/home/index.php
describe how to secure web service calls, and define a core set of extensions to web service protocols, and then extensions for specific types of authentication data, signatures and encryption.
This article and sample model builds on the following developerWorks article which describes a web service running on WebSphere Application Server that requires use of the WSS BinaryToken authentication mechanism, where a SOAP header conforming to the WSS BinaryProfile must be sent in the SOAP envelope, including a valid LTPA (WebSphere Lightweight Third Party Authentication) token.
This LTPA token value is the same authentication data that is stored in the LTPA session cookie sent to your browser when you have authenticated to a WebSphere Application Server or Portal Server with global security enabled. In fact, this article retrieves the current LTPA token value from the LTPA cookie of an authenticated request, and passes that LTPA token along in a web service soap header, using the OASIS WS-Security BinaryToken Profile.
As shown and discussed in that developerWorks article, once you have the environment set up (WebSphere, security ...) and the secured web service deployed, the web service requires a SOAP envelope similar to the following (note, the WSS soap header):
After creating the Web Service Call for the web service that we wish to consume, we define an XML Variable with the structure that is defined by WSS BinaryToken profile, and specify that the ValueType is wsst:LTPA where wsst corresponds to an IBM defined namespace for the LTPA extension to the BinaryToken profile.
Then, specify this WPF Variable as a SOAP Header, in the Web Service Call builder's advanced inputs.
Notes on running the sample and prerequisites
Import the attached zip file into your project using the Import WebSphere Portlet Factory Archive command.
Note, the WPF sample model will only run successfully and to completion if you have deployed the web service described in the above developerWorks article, and the Service URL in the Web Service Call builder's advanced inputs is set to where you have deployed the web service described in the article.
If you have not deployed the service described in the developerWorks article, you may still download and review this sample WPF model in the Designer, and even run it to generate logging information. But the sample will fail with a connection error when it tries to call the nonexistent web service.
The Web Service Call builder in the sample model has Logging set to All, so that the generated SOAP envelope will be saved to your deployed web application's WEB-INF/logs folder in debugTracing.txt. After reviewing the builders and builder inputs in the model, try running it. Specify a username and password on the login page, and then a temperature (zero will do fine) on the conversion page. Then submit the temperature value to call the web service. Whether the service is available or not, you should then be able to inspect the SOAP Request envelope generated by the web service call in WEB-INF/logs/debugTracing.txt of your deployed web application.