web stats
Web Service sender and WSSE - Mirth Community

Go Back   Mirth Community > Mirth Connect > Support

Reply
 
Thread Tools Display Modes
  #1  
Old 05-16-2019, 01:07 PM
mitch_nchin mitch_nchin is offline
Mirth Newb
 
Join Date: Nov 2015
Posts: 17
mitch_nchin is on a distinguished road
Default Web Service sender and WSSE

We need to digitally sign a timestamp within a SOAP message. Is this doable from within Mirth? We have the SSH extension but I don't know whether it handles this.

Thanks.

Here's an example message we've been provided; presumably it is the Signature tag that we'll need to generate based on the message's timestamp:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:urn="urn:cdc:iisb:2011">
<soap:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ds:Signature Id="SIG-D8234953C823AFAE2415536312716865" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-excc14n#">
<ec:InclusiveNamespaces PrefixList="soap urn" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsasha1"/>
<ds:Reference URI="#TS-D8234953C823AFAE2415536312715641">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xmlexc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse soap urn" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<dsigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<dsigestValue>Content Redacted
</dsigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>Content Redacted</ds:SignatureValue>
<ds:KeyInfo Id="KI-D8234953C823AFAE2415536312716723">
<wsse:SecurityTokenReference wsu:Id="STRD8234953C823AFAE2415536312716744">
<wsse:KeyIdentifier EncodingType="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasisopen.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
Content Redacted
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-D8234953C823AFAE2415536312715641">
<wsu:Created>2019-03-26T20:14:31Z</wsu:Created>
<wsu:Expires>2019-03-26T20:15:01Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<urn:submitSingleMessage>
<urn:username>Content Redacted User name provided by DOH</urn:username>
<urnassword>Content Redacted Password provided by DOH</urnassword>
<urn:facilityID>Content Redacted Facility ID provided by OHP</urn:facilityID>
<urn:hl7Message>Content Redacted Message content information available DOH
</urn:hl7Message>
</urn:submitSingleMessage>
</soap:Body>
</soap:Envelope

Thanks.
Reply With Quote
  #2  
Old 05-17-2019, 07:27 AM
agermano agermano is offline
Mirth Guru
 
Join Date: Apr 2017
Location: Indiana, USA
Posts: 771
agermano is on a distinguished road
Default

It's likely doable. Most things are.

I assume you meant the SSL (not SSH) extension, and as far as I know that is only for setting up encrypted tunnels, not for digital signatures.

I'm afraid I don't know enough about your requirements to give you a definite answer.
Reply With Quote
  #3  
Old 05-17-2019, 01:46 PM
mitch_nchin mitch_nchin is offline
Mirth Newb
 
Join Date: Nov 2015
Posts: 17
mitch_nchin is on a distinguished road
Default

Yes, SSL extension. Thank you so much. Is anyone else able to offer a definite answer?
Reply With Quote
  #4  
Old 05-17-2019, 02:08 PM
agermano agermano is offline
Mirth Guru
 
Join Date: Apr 2017
Location: Indiana, USA
Posts: 771
agermano is on a distinguished road
Default

You don't have the requirements of what you're trying to do?
Reply With Quote
  #5  
Old 05-20-2019, 06:07 AM
mitch_nchin mitch_nchin is offline
Mirth Newb
 
Join Date: Nov 2015
Posts: 17
mitch_nchin is on a distinguished road
Default

The requirement is to apply a digital signature to fields including the timestamp, as described in WSSE, and include it in the SOAP message.

As an aside, when you cannot actually be helpful, there is absolutely no need to post.
Reply With Quote
Reply

Tags
wsse ws security

Thread Tools
Display Modes

Posting Rules
You may not post new threads
You may not post replies
You may not post attachments
You may not edit your posts

BB code is On
Smilies are On
[IMG] code is On
HTML code is Off

Forum Jump


All times are GMT -8. The time now is 01:19 AM.


Powered by vBulletin® Version 3.8.7
Copyright ©2000 - 2019, vBulletin Solutions, Inc.
Mirth Corporation