Using Ruby to connect to a Microsoft SOAP web service that requires a username, password and a security certificate (.cer file) to connect to it

Question

First a little background:

I have already managed to connect to a Microsoft SOAP web service using C#. To use this web service, I have to supply a username and a password in the C# code. I also have to install a security certificate (in .cer format) into the "Root Certificate Authorities" section of the system's certificates. The service's address is a secure “https://” address.

(By the way, the C# class I use to connect to the service was automatically generated for me with the command line tool "svcutil.exe https://address.of.service")

Here is my question:

How can I connect to this web service using Ruby? I don't know where to even begin. I don't know where my .cer file, username and password should go exactly. Any ideas?

Further information:

Using these instructions for C#, I have been able to find out exactly what XML message is sent, and what XML message is received back. These XMLs are fairly straightforward, but “https://” never appears in them, even though the address of the web service is HTTPS. I’m not sure why that is. I suppose sending and receiving messages from a service is just a separate matter from actually connecting to the service.

can you post the address to the wsdl or a gist/pastie of it? — rubiii, Mar 27 '12 at 17:28
@Enchilada: Can you provide another web service that shows the same behaviour? — Niklas B., Mar 29 '12 at 19:27
@NiklasB. & rubii & everyone else: Unfortunately, I don't know of any other such service. I guess it's a difficult situation then. Can some of you be emailed for a private discussion? Perhaps some consultation work... — Enchilada, Mar 29 '12 at 21:03
@Enchilada: It would probably help if you included the essential C# code and maybe a dump of the communication between client and server. Of course you can't expect to get perfect answers then, if the code can't be tested. — Niklas B., Mar 29 '12 at 21:11

Björn Nilsson · Accepted Answer · 2012-03-31T13:19:39.063

4

I can warmly recommend using Savon for dealing with SOAP in Ruby!

I assume it is HTTP Basic authentication you are dealing with, in that case it should be pretty simple. Just:

client = Savon::Client.new do
  http.auth.basic "user_name", "password"

  # Use a local wsdl
  wsdl.document = File.expand_path("../wsdl/ebay.xml", __FILE__)
  # or from internet
  wsdl.document = "http://service.example.com?wsdl"

  # to list SOAP actions
  client.wsdl.soap_actions
end

(this is just from my head so it might be a bit off) Read the link i posted and msg me if you can't figure it out. :)

The certificate file is used for your computer to accept the identity of the server you want to connect to. If you have installed it to your computer, I don't think you have to do anything more on that part.

EDIT

If you can't use the WSDL file you will have to build the xml by hand, this is pretty ugly, but possible if the is no other way. Nokogiri can be used to construct a xml document, then you can simply POST the xml document to the correct url. I have good experiences using httpi-ntlm to deal with authentication.

edited Mar 31 '12 at 13:19

answered Mar 29 '12 at 21:30

Björn Nilsson

3,703
1
24
29

It appears there is some problem with parsing the WSDL file. It's a bit weird file -- it references some other WSDL files at some other https locations. All other wsdl parsers (outside of the Microsoft stuff), such as the php and cocoa ones fail as well, and I think it's because of the strangeness of this WSDL file. – Enchilada Mar 30 '12 at 18:47
Therefore: Can you perhaps append to your answer how I first connect to the service, and then just send to it a raw XML query and get a raw XML query back from it? That may be the way for me here if I'm unable to parse the WSDL (outside of Microsoft's .NET). – Enchilada Mar 30 '12 at 18:48
I updated my answer. Just out of curiosity, what kind of service are you talking to? – Björn Nilsson Mar 31 '12 at 13:21

score 1 · Answer 2 · answered Apr 05 '12 at 14:17

What you're talking about here is transport security, rather than message security. The certificate you installed on the Windows server is what is being used to encrypt the SSL connection. What you would need to do with Ruby is ensure that when the connection is made that the client certificate corresponding to the certificate you installed is used to encrypt the SSL connection you use.

This is half server management (SSL cert installation) and half code (making sure you use the proper certificate).

I'm no Ruby expert, but I think you'd need something like this to utilize the x509 certificate in your connection. WCF makes use of a configuration file to do the same thing, while traditional ASMX services use code to do it.

Are you available in private to help me connect to the service? How could I get in touch with you? — Enchilada, Apr 12 '12 at 13:15

Using Ruby to connect to a Microsoft SOAP web service that requires a username, password and a security certificate (.cer file) to connect to it

2 Answers2