SOAP Request Settings
This command displays the SOAP Request Settings dialog (screenshot below), in which you can specify various settings of the SOAP request. These settings are described below.
1.Make the SOAP request document active.
2.Select the menu option Soap | SOAP Request Settings. This opens the SOAP Request Settings dialog box (screenshot below).
3.In the Address field, enter the desired connection endpoint. If the SOAP request was created from a WSDL file in XMLSpy, then the value of the Address field will be the location of the endpoint selected in the WSDL. Click Reset to obtain this endpoint. A connection timeout value can be specified in seconds. To set no timeout value, check the Infinite check box.
4.In the Action field, enter the SOAP action to perform. To send the request as SOAP 1.2, check the Send as SOAP+XML (SOAP 1.2) check box. If the SOAP request was created from a WSDL file in XMLSpy, then the SOAP action is received from the extensibility element under the corresponding SOAP binding operation in the WSDL file. In this case, the SOAP version is also pre-selected from the WSDL. (The SOAP version affects the value of the HTTP header Content-Type: text/xml or application/soap+xml.) Click Reset to obtain the SOAP action from the WSDL file.
5.The HTTP Security Settings pane provides a summary of the security settings lists. If the Store exceptions while sending request option is checked, then all the settings are saved when the request is sent, and can be re-used for the next request. Click the Edit button to display the HTTP Security Settings dialog (screenshot below). How to install server certificates is described below.
If you wish to allow a host name mismatch (between the host name in the server certificate and the actual address you use) or an expired server certificate, then check these options in the dialog. If the server requires a client certificate, you can specify the location of the client certificate. If authentication is required by the server, specify the user name and password for standard authentication. When the initial client request to the server contains the required authentication information, this process is referred to as preemptive authentication. If required by the server, select the Preemptive authentication option. Otherwise, leave the Preemptive authentication option unselected.
6.In addition to security on the transport layer (HTTP security settings), you can also specify web service security settings if these are required by the web service. Click the Edit button of the WS Security Settings pane to display the WS Security Settings dialog (screenshot below). The security information includes the username, password, the type of the password, an automatically generated nonce code string, and a timestamp. You can also specify the validity period of the security information (Add Timestamp). The dialog creates an XML fragment that contains the security information and embeds this fragment in the SOAP request. See listing below.
7.When you are done, click OK.
About trusted certificates
Altova products use Internet Explorer (IE) to access and manage trusted certificates of secure webservers. Installing the certificate of a webserver in IE allows IE to access the webserver without issuing a warning or aborting the process. In order to install the certificate of a secure webserver, do the following:
•In Internet Explorer 8, open the secure website.
•Select File | Properties, and click the Certificates button.
•Click Install Certificate and start the Import Certificate Wizard. (This Wizard can also be accessed via Tools | Internet Options| Content | Certificates | Import.)
•The certificate should be placed in the Trusted Root Certification Authorities store, for which you can browse manually.
•Finish the Wizard steps, close the Certificates and Properties dialogs respectively by clicking OK. You might need to restart Internet Explorer.
| Note: | Only change the SOAP action settings if you can access all the SOAP methods and their corresponding SOAP actions. |
Web service security information
Some web services require user authentication. (The web service security layer would be in addition to the HTTP security layer implemented by the server.) The web service authentication information is stored in the SOAP request as an XML fragment having a structure as listed below. This XML fragment is generated automatically in the SOAP request from the web service authentication information you enter in the WS Security Settings dialog.
<wsse:Security xmlns:wsse="…" xmlns:wsu="…" SOAP-ENV:mustUnderstand="true">
<wsse:UsernameToken>
<wsse:Username>usr</wsse:Username>
<wsse:Password Type="...#PasswordText">pwd</wsse:Password>
<wsse:Nonce EncodingType="…#Base64Binary">UqrtD963797WBRgWiJPu2w==</wsse:Nonce>
<wsu:Created>2014-11-17T16:08:07.016Z</wsu:Created>
</wsse:UsernameToken>
<wsu:Timestamp>
<wsu:Created>2014-11-17T16:08:07.016Z</wsu:Created>
<wsu:Expires>2014-11-17T16:09:07.016Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>