Reputation: 123
I'm trying to consume a SOAP WS-Security service using Node and the request must to have a summary structure like:
<soapenv:Envelope xmlns:soapenv="" xmlns:v1="">
<wsse:Security xmlns:wsse="" xmlns:wsu="">
<wsse:BinarySecurityToken EncodingType="" ValueType="" wsu:Id="X509-F9932E49C67837D88415342820380929"><!--DATA--></wsse:BinarySecurityToken>
<ds:Signature Id="SIG-F9932E49C67837D884153428203810212" xmlns:ds="">
<wsse:UsernameToken wsu:Id="UsernameToken-F9932E49C67837D88415342820380868">
<wsse:Password Type=""><!--DATA--></wsse:Password>
<wsse:Nonce EncodingType=""><!--DATA--></wsse:Nonce>
<wsu:Timestamp wsu:Id="TS-F9932E49C67837D88415342820380867">
<soapenv:Body wsu:Id="id-E40CE4DF6628FFDAE615320042127276" xmlns:wsu="">
Please notice the header only contains the security
tag that contains 4 elements:
With node soap module I only have been able to generate a header with:
and Timestamp
, Signature
, Timestamp
(and I'm not sure about these are correct)But I have not been able to generate a header with the 4 security elements.
So, how can I consume a SOAP WS-Security Service with these four restrictions in Node? Or Maybe in PHP?
I had read that Java and C# generate this header easily but I have no chance (knowledge and experience) to work with them in my server.
PS: I'm have a password and four files with extension .p12/.cer with the names:
and I'm not sure if I am using these files properly.
My code:
const soap = require('soap');
const fs = require('fs');
const url = '';
let request = require('request');
const options = {
headers: {
"content-type": "application/json",
agentOptions: {
pfx: fs.readFileSync(__dirname + '/certs/domain.p12'),
passphrase: 'pass',
securityOptions: 'SSL_OP_NO_SSLv2'
request = request.defaults(options);
soap.createClient(url, {
request: request
}, function(err, client) {
if (err) throw err;
// SSL securty PFX
client.setSecurity(new soap.ClientSSLSecurityPFX(
__dirname + '/certs/cert.p12',
strictSSL: false,
secureOptions: 'SSL_OP_NO_TLSv1_2'
// WS Security
var wsSecurity = new soap.WSSecurity('user', 'password', {
hasNonce: true,
hasTokenCreated: true,
passwordType: 'PasswordText',
hasTimeStamp: true,
mustUnderstand: false
// WS Security Cert
const privateKey = fs.readFileSync(__dirname + '/certs/domain.p12'); //I also convert this file to .pem
const publicKey = fs.readFileSync(__dirname + '/certs/domain.crt');
const password = 'experian'; // optional password
const wsSecurity2 = new soap.WSSecurityCert(privateKey, publicKey, password);
const args = {
client.ServicioHistoriaCreditoPlus.other.consultarHC2(args, function(err, result){
if (err) console.log(err);;
Most complete Header I need:
<wsse:Security xmlns:wsse="" xmlns:wsu="">
<wsse:BinarySecurityToken EncodingType="" ValueType="" wsu:Id="X509-F9932E49C67837D88415342820380929"><!--DATA--></wsse:BinarySecurityToken>
<ds:Signature Id="SIG-F9932E49C67837D884153428203810212" xmlns:ds="">
<ds:CanonicalizationMethod Algorithm="">
<ec:InclusiveNamespaces PrefixList="soapenv v1" xmlns:ec=""/>
<ds:SignatureMethod Algorithm=""/>
<ds:Reference URI="#id-E40CE4DF6628FFDAE615320042127276">
<ds:Transform Algorithm="">
<ec:InclusiveNamespaces PrefixList="v1" xmlns:ec=""/>
<ds:DigestMethod Algorithm=""/>
<ds:Reference URI="#UsernameToken-F9932E49C67837D88415342820380868">
<ds:Transform Algorithm="">
<ec:InclusiveNamespaces PrefixList="soapenv v1" xmlns:ec=""/>
<ds:DigestMethod Algorithm=""/>
<ds:Reference URI="#TS-F9932E49C67837D88415342820380867">
<ds:Transform Algorithm="">
<ec:InclusiveNamespaces PrefixList="wsse soapenv v1" xmlns:ec=""/>
<ds:DigestMethod Algorithm=""/>
<ds:KeyInfo Id="KI-F9932E49C67837D884153428203809210">
<wsse:SecurityTokenReference wsu:Id="STR-F9932E49C67837D884153428203809211">
<wsse:Reference URI="#X509-F9932E49C67837D88415342820380929" ValueType=""/>
<wsse:UsernameToken wsu:Id="UsernameToken-F9932E49C67837D88415342820380868">
<wsse:Password Type=""><!--DATA--></wsse:Password>
<wsse:Nonce EncodingType=""><!--DATA--></wsse:Nonce>
<wsu:Timestamp wsu:Id="TS-F9932E49C67837D88415342820380867">
Upvotes: 5
Views: 2454