views:

66

answers:

0

Below is the style of header I need to create. I am expected to use either a public/private key or a SSL style certificate.

I don't know for certain, but I think my counter-party is using some form of Java.

 <soap-env:Header>
   <wsse:Security xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/04/secext"&gt;
     <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
       <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"&gt;
         <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
         <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
         <ds:Reference URI="#secinfo">
           <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
           <ds:DigestValue>xxxxxxxxxxxxx</ds:DigestValue>
           <ds:Transforms>
             <ds:Transform Algorithm="http://www.w3.org/TR/1999/REC-xpath-19991116"&gt;
               <ds:XPath>//*[@id='secinfo']/child::*/text()</ds:XPath>
             </ds:Transform>
           </ds:Transforms>
         </ds:Reference>
       </ds:SignedInfo>
       <ds:SignatureValue>xxxxxxxxxxds:SignatureValue>
       <ds:KeyInfo>
         <ds:KeyName>xxxxxxx</ds:KeyName>
       </ds:KeyInfo>
     </ds:Signature>
     <t:UsernameToken xmlns:t="http://schemas.xmlsoap.org/ws/2002/04/secext" id="secinfo">
       <t:UserInfo>USER=xxxx;CORR=xxxx;TIMESTAMP=201003161916</t:UserInfo>
     </t:UsernameToken>
   </wsse:Security>
 </soap-env:Header>