Problem Statement:
Consumer invokes the Apigee proxy with SOAP payload with attachment (zip). The SOAP payload has <wsse:security> section to hold credentials. We need to scrub the <wsse:security> section before invoking the backend API.
Solution Tried:
below link has a pointer on parsing the text (password) using Java callout, however not sure how to just scrub the security header without tampering the attachment.
https://community.apigee.com/articles/60050/multipart-multipartform-data-creation-and-parsing.html
Approach#2.
This is what is available in the input stream for request.content in Java Maven project
Hi,
maybe try this
https://github.com/DinoChiesa/ApigeeEdge-Java-XOP-Editor
This callout transforms this:
--MIME_boundary Content-Type: application/soap+xml; charset=UTF-8 Content-Transfer-Encoding: 8bit Content-ID: <rootpart@soapui.org> <S:Envelope xmlns:S='http://schemas.xmlsoap.org/soap/envelope/'> <S:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'> <wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'> <wsse:Username xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'>XXXXXX</wsse:Username> <wsse:Password xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'>XXXXXX</wsse:Password> </wsse:UsernameToken> </wsse:Security> </S:Header> <S:Body> <GenericRequest xmlns='http://www.oracle.com/UCM' webKey='cs'> <Service IdcService='CHECKIN_UNIVERSAL'> <Document> <Field name='UserDateFormat'>iso8601</Field> <Field name='UserTimeZone'>UTC</Field> <Field name='dDocName'>201807111403445918-1-464</Field> <Field name='dSecurityGroup'>FAFusionImportExport</Field> <Field name='dDocAccount'>hcm$/dataloader$/import$</Field> <Field name='dDocType'>Application</Field> <Field name='dDocTitle'>201807111403445918_76_I228_1_ValueSet_Budget_Center_ID_Independent.zip</Field> <File name='primaryFile' href='201807111403445918_76_I228_1_ValueSet_Budget_Center_ID_Independent.zip'> <Contents> <Include xmlns='http://www.w3.org/2004/08/xop/include' href='cid:0b83cd6b-af15-45d2-bbda-23895de2a73d'/> </Contents> </File> </Document> </Service> </GenericRequest> </S:Body> </S:Envelope> --MIME_boundary Content-Type: application/zip Content-Transfer-Encoding: binary Content-ID: <0b83cd6b-af15-45d2-bbda-23895de2a73d> ...binary zip data... --MIME_boundary--
Into this:
--MIME_boundary Content-Type: application/soap+xml; charset=UTF-8 Content-Transfer-Encoding: 8bit Content-ID: <rootpart@soapui.org> <S:Envelope xmlns:S='http://schemas.xmlsoap.org/soap/envelope/'> <S:Header> <wsse:Security xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'> </wsse:Security> </S:Header> <S:Body> <GenericRequest xmlns='http://www.oracle.com/UCM' webKey='cs'> <Service IdcService='CHECKIN_UNIVERSAL'> <Document> <Field name='UserDateFormat'>iso8601</Field> <Field name='UserTimeZone'>UTC</Field> <Field name='dDocName'>201807111403445918-1-464</Field> <Field name='dSecurityGroup'>FAFusionImportExport</Field> <Field name='dDocAccount'>hcm$/dataloader$/import$</Field> <Field name='dDocType'>Application</Field> <Field name='dDocTitle'>201807111403445918_76_I228_1_ValueSet_Budget_Center_ID_Independent.zip</Field> <File name='primaryFile' href='201807111403445918_76_I228_1_ValueSet_Budget_Center_ID_Independent.zip'> <Contents> <Include xmlns='http://www.w3.org/2004/08/xop/include' href='cid:0b83cd6b-af15-45d2-bbda-23895de2a73d'/> </Contents> </File> </Document> </Service> </GenericRequest> </S:Body> </S:Envelope> --MIME_boundary Content-Type: application/zip Content-Transfer-Encoding: binary Content-ID: <0b83cd6b-af15-45d2-bbda-23895de2a73d> ...binary zip data... --MIME_boundary--
The hard work is done by relying on the multipart handler library, from danieln. Basically it
Thanks this works as expected, however the logic that's written to parse the XML doesn't go well with SOAP 1.2 message.
Example:
Content-Type:
Error:
Error: ContentType parameter value has garbage after quoted string at 98: boundary="uuid:7c569c20-7d75-4791-ad80-5f8dd65584aa"; start-info="application/soap+xml; action=\"urn:xyz.SendMessage\""; type="application/xop+xml"; start="<root.message@cxf.apache.org>"
User | Count |
---|---|
7 | |
2 | |
2 | |
2 | |
1 |