0

i have a request like this;

`

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
         <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         **<wsse:BinarySecurityToken wsu:Id="SecurityToken-1376a7ee-a69d-46cc-8a82-4ac91d38c98d" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="wsst:LTPA" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsst="http://www.ibm.com/websphere/appserver/tokentype/5.0.2">fxF7xARH4GIlsGDy9nEAqK6lAwqW5uKoMJnZm12e88eVBxw9fDK4+pvkUlwzxZ+wDl4HEmU8M2125MDS/v5cX8LtOQDAqN8iEHgEJql/NYhxV9eQFiJaKHQT85y8PKII10O10k8KU1ZZwu2AXBgrA1/gVvZ2mzj7isUdIwdwb3q3rmigJSTPQ41uE2JHWvAGM+TqFOfGXkVIJLj1V79n2tZ5URXjse9sop2wLULhi5o6kDI6sQKDdvc5cPZq7TVXJMhl79f0wqg4F50LY2iEvt5ZO49nlMqTaBGTcpBkE5nNaT0DobxAjxTE7znWLh6/n9lfvz15OvexSX/D7h4Cam1wQWJ8QjLwxOqo9R1FrH0=</wsse:BinarySecurityToken>**
      </wsse:Security>
         <wsse:UsernameToken>
            <wsse:Username>Test_TurkiyeIsBankasi_222_1A9B</wsse:Username>
            <wsse:Password>Test_TurkiyeIsBankasi_222_1A9B_01</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <ns2:MuvafakatVer xmlns:ns2="http://tempuri.org/" xmlns="http://schemas.datacontract.org/2004/07/EGM.ASBIS.Servisler.BankaServisleri">
         <ns2:pMuvafakatVerRequest>
            <Aciklama>test test</Aciklama>
            <BankaAd>Türkiye İş Bankası</BankaAd>
            <EGMReferansNo>2022080809310596010</EGMReferansNo>
            <EvrakSayisi>be16b8f7</EvrakSayisi>
            <KurumKodu>222</KurumKodu>
            <MotorNo xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <MuvafakatBitisTarihi>20240508</MuvafakatBitisTarihi>
            <MuvafakatTarihi>20230714</MuvafakatTarihi>
            <MuvafakatTuru>2</MuvafakatTuru>
            <Plaka xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <SaseNo xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <SubeAd>4299</SubeAd>
            <TcKimlikNo xsi:nil="true" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>
            <UserId>Test_TurkiyeIsBankasi_222_1A9B</UserId>
            <VergiNo>3010002488</VergiNo>
         </ns2:pMuvafakatVerRequest>
      </ns2:MuvafakatVer>
   </soapenv:Body>
</soapenv:Envelope>

`

i want to remove wsse:BinarySecurityToken header from request in the Client To Server rule.

is that possible? Any suggestions?

if i can remove that BinarySecurityToken header from request I can access backend service successfully but this header is preventing me

Erhan
  • 13
  • 7
  • In what way is `wsse:BinarySecurityToken` a "header"? It's just an element with no child elements. Removing it in XSLT is trivial - just add an empty template matching it to the identity transform template. – michael.hor257k Jul 31 '23 at 11:45
  • I don't understand what you want to say. I have a service and this service adds this header automatically. When I forward it to datapower in this way, I get an error and I need to remove it in Datapower. – Erhan Jul 31 '23 at 11:59
  • To focus on the DataPower side of things here: what are the current actions in your Client-to-Server rule? Are you currently performing any XSL transforms? If so, you can add the no-op template as suggested to your existing XSL source. If not, you can add a transform action with the XSL posted here. – bjimba Jul 31 '23 at 19:30

1 Answers1

0

As one commenter mentions, you can add an "empty" template to an XSLT to match the BinarySecurityToken and then do "nothing" with it, effectively removing it from the output stream w.r.t. the input stream.

<?xml version="1.0" encoding="utf-8"?>
<xsl:stylesheet 
  xmlns:xsl="http://www.w3.org/1999/XSL/Transform"
  xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
  version="2.0"
  exclude-result-prefixes="#all">

  <xsl:output indent="yes" />

  <xsl:template match="/" >
    <xsl:apply-templates />
  </xsl:template>
  
  <xsl:template match="attribute()|node()" >
    <xsl:copy>
        <xsl:apply-templates select="@*,node()" />
    </xsl:copy>
  </xsl:template>
  
  <xsl:template match="wsse:BinarySecurityToken" />
  
</xsl:stylesheet>

This elides this particular element from the copy.

al.truisme
  • 450
  • 2
  • 11
  • i tried that xsl but i m gettin "Improperly formed XPath expression" error. its looks like "" about this. – Erhan Aug 08 '23 at 14:29
  • You can try replacing that with ```select="@*|node()""``` instead. This works fine in an XSLT3.0 processor, not sure what you are using. It should also be find for a XSLT2.0 processor. – al.truisme Aug 09 '23 at 14:51