Monday, March 15, 2010

SOAP UI and WS-Security

http://www.soapui.org/userguide/projects/wss.html

in SOAPUI, right click on project, and "show project view"

"security configurations" tab

"keystores/certificates"

add your keystore and specify keystore password, default alias and alias password (should match store password)

then go to "Outgoing WS-Security Configurations" and create a profile (e.g. "signed") putting the default alias and password.
Then in the same tab add "WSS entry" for signature (I know, the UI really sucks), select keystore, alias etc

Now CLOSE AND REOPEN SOAPUI (little bug here), then open the Request and look for a tiny "Aut" tab on the bottom (as I said, the UI really sucks). In "outgoing WSS" choose the configuration you have created.


If you get this:

Unable to decode certificate: java.security.cert.CertificateException: Unable to initialize, java.io.IOException: DerInputStream.getLength(): lengthTag=127, too big

then it means you have survived so far to this terrible horrible mess which is WS-Security.

3 comments:

legmar said...

So, I got to the last step with the "127, too big" message. I agree that I have survived this far. But, any idea how to resolve the too big error? I'd like to continue surviving. :)

vernetto said...

no, sorry mate, it was loong time ago....

legmar said...

No worries, I actually figured it out! I am using SoapUI 5.2.1 (free version) and had to go to the Project WS-Security Configurations > Outgoing WS-Security Configurations tab. For my specific outgoing configuration, I had a WSS Entry for "Signature". For the Signature options, there is a checkbox to "Use single certificate for signing". I had to check that box, and it resolved my issue. Cheers!