views:

32

answers:

2

Working on a docuSign integration with Coldfusion and need assistance in making the SOAP request using WS security.

+2  A: 

Your question is a little short on detail, but I presume you mean the Web Services SOAP security extension.

We had to do this a few years back when communicating with a .NET web service. The basic idea is that you provide a set of extra SOAP headers that contains security info such as:

  • Timestamp
  • Username
  • Password
  • Etc

To do this you need to create a new XML document as per the standard defined here. Next you will need to write code to create the SOAP headers. This means:

  1. Create your remote web service object, e.g.

    var objWebSvc = createObject("webservice", "http://remoteURL?WSDL");

  2. Creating an XML document to represent the new headers

  3. Populating it with the required info (such as username and timestamp etc.)
  4. Adding the XML document to the web service object, using addSOAPRequestHeader()
  5. Call your remote web service

Then of course if and when they call your web service you'll need to parse out those headers from their SOAP request and validate them. That can be done by grabbing the XML using getSOAPRequestHeader() and parsing out the info.

I found this to be an error prone task and (basically) a royal pain. The web service we integrated with eventually dropped the requirement, apparently becuase the any web services trying to connect that were not native .NET were having a hard time implementing the specification.

Good luck!

Ciaran Archer
+1  A: 

I blogged this a while back. See if this helps:

http://onlineanthony.blogspot.com/2010/05/using-ws-security-for-soap-in.html

Anthony Israel-Davis