
I need your valuable help/support in solving the issue below that I'm facing. I have a requirement to develop a service in Oracle SOA BPEL 11g (11.1.1.5) to invoke a SAML Assertion secured Webservice (ServiceB). The SAML Assertion will be the response from another Webservice (ServiceA), which will be invoked prior to invoking ServiceB. This SAML assertion, which came as the response from ServiceA, should be passed to ServiceB in the headers.

Below are the ways I tried but failed:

1) Created a header variable, assigned the SAML assertion to it, and added it as a Header property while invoking ServiceB. Error message: 'The token is missing or is of the wrong data type.'

2) Added the OWSM policy 'oracle/wss10_saml_token_client_policy' in the composite at the adapter binding level, and tried passing the value of SAML by defining a variable at the binding level. Error message: 'Unable to access the following endpoint(s): https://www.tpvs.hmrc.gov.uk/dps/dps.jws'

I tried testing the SOAP ServiceB from SoapUI, passing the SAML details in the headers, and it's successful. I request the community to please throw some light and help me in this regard. Please let me know if you need any further information from my end.

TIA Shan

Below is the Sample request with SAML assertion at the header:

<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/" xmlns:SOAP-ENC="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema">
<SOAP-ENV:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<saml:Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" AssertionID="cc36a795db335637b5b0da5c383e5a77" IssueInstant="2019-06-21T08:56:56.268Z" Issuer="http://online.hmrc.gov.uk/SAML" MajorVersion="1" MinorVersion="1"><saml:Conditions NotBefore="2019-06-21T09:56:56.268Z" NotOnOrAfter="2019-06-21T13:56:56.268Z"></saml:Conditions><saml:AuthenticationStatement AuthenticationInstant="2019-06-21T09:56:56.268Z" AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:unspecified"><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="SubjectNameQualifier">SubjectName</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:SubjectLocality IPAddress="32.42.18.148"></saml:SubjectLocality></saml:AuthenticationStatement><saml:AttributeStatement><saml:Subject><saml:NameIdentifier Format="urn:oasis:names:tc:SAML:1.1:nameid-format:unspecified" NameQualifier="SubjectNameQualifier">SubjectName</saml:NameIdentifier><saml:SubjectConfirmation><saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</saml:ConfirmationMethod></saml:SubjectConfirmation></saml:Subject><saml:Attribute AttributeName="SESSION_ID" AttributeNamespace="http://online.hmrc.gov.uk/SAML"><saml:AttributeValue>28c0d81f-3385-4c45-b91e-3b80c5713bd9</saml:AttributeValue></saml:Attribute><saml:Attribute AttributeName="USER_AUTHENTICATION_TOKEN" 
AttributeNamespace="http://online.hmrc.gov.uk/SAML"><saml:AttributeValue>os0EEQtZLq6kfzm+57M6wbfaWXRGXKV63uV4RPqbd+SKvSS3DeqJ3922dAPw0xL0GQGJgqcTmtkcgHEfuf2jLnywuy427nWe7E0D4KRnz9g77PdH58bDCOV2vAuVHL9p9HFeyO1Oniy7ct9o143rvJ+o6GZtLhotWKnZ9Yi+IW3IbskIWEVIf7OOyHRLq5p3YnLawZnM6LY51wBhpUQCMkornRpjejcrUKTWjlwesKg=</saml:AttributeValue></saml:Attribute></saml:AttributeStatement><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod><ds:Reference URI="#cc36a795db335637b5b0da5c383e5a77"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:Transform><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind rw saml samlp typens #default"></ec:InclusiveNamespaces></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod><ds:DigestValue>8I/Ilid0fZIqHvXtCZESjgpw9h4=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>hCNEvtoRKxNDFFtuXmpzCcd4R5o=</ds:SignatureValue></ds:Signature></saml:Assertion>
</wsse:Security>
</SOAP-ENV:Header>
    <SOAP-ENV:Body>
        <m:DPSretrieve xmlns:m="https://tpvs.hmrc.gov.uk/dps">
            <m:version>1</m:version>
            <m:vendorID>your 4 digit vendorID</m:vendorID>
            <m:service>PAYE</m:service>
            <m:entityType>EmpRef</m:entityType>
            <m:entity>as advised by SDS Team</m:entity>
            <m:dataType>P6</m:dataType>
            <m:got>0</m:got>
            <m:nItems>0</m:nItems>
        </m:DPSretrieve>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

==============================================================

Shankar
  • Hi Community.. Request you to provide some inputs on this issue. Any relevant lead is fine; I will execute it and try my luck. TIA Shan – Shankar Jun 21 '19 at 09:30
  • Hi Shankar, Could you provide the raw xml of your header and variables in tries 1 and 2? Also, is this endpoint available to you in your browser or do you overwrite it with a configplan to enable it on a different server? – Jesper Vernooij Jun 24 '19 at 12:52
  • Hi Jesper.. Thanks for looking into the issue.. I will post the complete sample payload. And regarding the endpoint for the service, 'https://www.tpvs.hmrc.gov.uk/dps/dps.jws' is the service endpoint. But if we try to load it in SoapUI for testing, it doesn't. So instead we need to load the complete WSDL file to access the service. I will try to attach the WSDL also for your reference. Thanks Shankar – Shankar Jun 25 '19 at 08:32
  • Hi @Shankar, I am experiencing the same issue. I am using Postman as a tool to submit the XML request to the HMRC testing server. I got the same sample request but unfortunately I am getting the error "The token is invalid or has expired." Can you plz help with that? Thanks – A-Ali Dec 12 '19 at 12:15
  • Hi @A-Ali, Please check the format of the SAML token. We should remove the CDATA and the rest should be passed as string. No formatting. Let me know if you need more info – Shankar Dec 12 '19 at 20:59
  • Hi @Shankar, thanks, it is working now – A-Ali Dec 17 '19 at 03:50

0 Answers
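The fix described in the comments (remove the CDATA wrapper, pass the rest as an unformatted string) can be sketched as follows. This is an added example, not code from the thread: the `authResponse`/`token` wrapper elements, the constructed sample assertion and the `saml:` prefix are assumptions. The assertion is spliced in as text and never re-serialized, because its enveloped signature digest covers the exact content, including whitespace.

```python
import re
import xml.etree.ElementTree as ET

SOAP_NS = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE_NS = ("http://docs.oasis-open.org/wss/2004/01/"
           "oasis-200401-wss-wssecurity-secext-1.0.xsd")
SAML_NS = "urn:oasis:names:tc:SAML:1.0:assertion"
CDATA_RE = re.compile(r"<!\[CDATA\[(.*?)\]\]>", re.DOTALL)
# Assumption: the issuer uses the "saml" prefix, as in the sample request.
ASSERTION_RE = re.compile(r"<saml:Assertion\b.*?</saml:Assertion>", re.DOTALL)

# Constructed sample: a cut-down assertion inside a hypothetical ServiceA reply.
SAMPLE_ASSERTION = (
    f'<saml:Assertion xmlns:saml="{SAML_NS}" AssertionID="constructed-id" '
    'MajorVersion="1" MinorVersion="1"><saml:Conditions '
    'NotBefore="2019-06-21T09:56:56.268Z" '
    'NotOnOrAfter="2019-06-21T13:56:56.268Z"></saml:Conditions></saml:Assertion>'
)
SAMPLE_RESPONSE = (
    f"<authResponse><token><![CDATA[{SAMPLE_ASSERTION}]]></token></authResponse>"
)

def extract_assertion(service_a_response: str) -> str:
    """Return the assertion exactly as issued, without any CDATA wrapper."""
    # Unwrap CDATA textually so the signed content is never re-serialized.
    unwrapped = CDATA_RE.sub(lambda m: m.group(1), service_a_response)
    match = ASSERTION_RE.search(unwrapped)
    if match is None:
        raise ValueError("no saml:Assertion element found")
    return match.group(0)

def build_request(assertion: str, body_xml: str) -> str:
    """Place the untouched assertion string inside wsse:Security."""
    envelope = (
        f'<SOAP-ENV:Envelope xmlns:SOAP-ENV="{SOAP_NS}"><SOAP-ENV:Header>'
        f'<wsse:Security xmlns:wsse="{WSSE_NS}">{assertion}</wsse:Security>'
        f"</SOAP-ENV:Header><SOAP-ENV:Body>{body_xml}</SOAP-ENV:Body>"
        "</SOAP-ENV:Envelope>"
    )
    # Parse only to verify: the assertion must be a real child element of
    # wsse:Security, not CDATA or escaped character data.
    root = ET.fromstring(envelope)
    security = root.find(f"{{{SOAP_NS}}}Header/{{{WSSE_NS}}}Security")
    if security.find(f"{{{SAML_NS}}}Assertion") is None:
        raise ValueError("assertion is not an element inside wsse:Security")
    return envelope
```

If the assertion relies on namespace declarations made on ServiceA's outer elements, the verification parse raises a `ParseError` rather than sending a header the receiver cannot read.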