2

I need to consume a 3rd party SOAP webservice from a Rails 5 app running Ruby 2.3.x. The SOAP webservice requires the use of XML signatures and XML encryption on all requests/responses.

There appear to be adequate ruby gems that add XML signatures to SOAP requests (e.g. Savon with the Akami gem). However, i can't find anything that will transparently handle XML encryption of SOAP requests and decryption of SOAP responses. There are a few gems that work with XML encryption to various degrees.

The xmlsec gem, a nokogiri extension, claims to support XML-Enc and XML-Sig but hasn't been updated in 4 years. The xmlenc gem only supports decryption at this time. The few gems I have found that implement specs with encrypted XML, like the ruby-saml gem, only have to deal with decryption and have hand rolled their solution. Moreover, the XML-enc metadata that needs to be injected into the XML document is substantively different between SOAP and SAML.

Like XML-Sig, the XML-Enc spec is more far reaching than just encrypting the contents of an XML element with a private key. There is a lot of additional metadata that must be injected into the XML doc that complicates the implementation and facilitates document exchange.

Before i spend a few days walking down dead ends ... I was wondering if someone could point me in the right direction.

carlos
  • 313
  • 2
  • 8
  • Please read "[ask]". Your question is basically asking us to recommend an off-site resource and asking for opinions without us knowing your expertise, your system or whose API you're using, which results in broad answers. The SO way is for you to identify the gems, decide which works for you, then try writing code, then ask about a specific problem when you encounter one. "Before i spend a few days walking down dead ends..." is basically your prep work before asking. "[How much research effort is expected of Stack Overflow users?](http://meta.stackoverflow.com/questions/261592)" – the Tin Man May 17 '17 at 19:49
  • 1
    Same problem here, any chance you have come up with a solution in the past couple of months that you could share here? – krsyoung Oct 04 '17 at 21:43
  • 1
    @krsyoung I never found a complete solution. Another dev ended up creating a microservice running on the JVM that handled it pretty easily - Java tends to have library support for any protocol you can think of. We considered accessing those libs via jruby, but decided not to muddle the issue even more. Let me know if you were able to find a pure ruby solution. – carlos Jun 01 '18 at 15:40
  • @carlos Wow, I need to dust off my memory here. I did get it working, pure ruby but I know it wasn't pretty! Unfortunately I don't have access to the code base any more ... so possible but I think the path you took makes more sense. – krsyoung Jun 07 '18 at 18:34

0 Answers0