In IdP definition that the bundle uses, among other things, to generate AuthnRequest:
HOW/WHERE do I specify that I want the AuthnRequest signed e.g. with ECDSA-SHA256?
Do I have to override a factory service to achieve that?
<?xml version="1.0"?>
<md:EntityDescriptor
xmlns:mdalg="urn:oasis:names:tc:SAML:metadata:algsupport"
xmlns:md="urn:oasis:names:tc:SAML:2.0:metadata"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
entityID="some-entity">
<md:IDPSSODescriptor protocolSupportEnumeration="urn:oasis:names:tc:SAML:2.0:protocol" WantAuthnRequestsSigned="true">
<md:KeyDescriptor use="signing">
<mdalg:SigningMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha256"/>
<ds:X509Data>
I tried adding mdalg:SigningMethod and ds:SignatureMethod, as above, but I don't really know what I'm doing, as the config schema is not really well-defined in the documentation.
It seems like your placement of mdalg:SigningMethod is wrong. It is an extension to the original SAML2 standard and as such needs to live in an block. Take this as hearsay from me as I don't actually use that myself.
Here is the mailing list post regarding simpleSAMLphp software, and credit for the content goes to Peter Schober:
https://groups.google.com/forum/#!msg/simplesamlphp/HSdZXaYUuRI/bdz7mQJLBgAJ
An example of the placement in the XML is in there.
Related
I would like to get the invoice link from the purchase order implementing Sage Intacct API via Postman.
I suppose it can be done by following sequences(or by only one api request? not sure about this).
Order a purchase
Create a purchase receipt
Get an invoice link from it
Please refer to this API document (https://developer.intacct.com/api).
i.e. This is the body of a request to create a purchase transaction.
<?xml version="1.0" encoding="UTF-8"?>
<request>
<control>
<senderid>{{sender_id}}</senderid>
<password>{{sender_password}}</password>
<controlid>{{$timestamp}}</controlid>
<uniqueid>false</uniqueid>
<dtdversion>3.0</dtdversion>
<includewhitespace>false</includewhitespace>
</control>
<operation>
<authentication>
<sessionid>{{temp_session_id}}</sessionid>
</authentication>
<content>
<function controlid="{{$guid}}">
<create_potransaction>
<transactiontype>Purchase Requisition</transactiontype>
<datecreated>
<year>2013</year>
<month>6</month>
<day>19</day>
</datecreated>
<vendorid>1001</vendorid>
<referenceno>1234</referenceno>
<vendordocno>vendordocno001</vendordocno>
<datedue>
<year>2013</year>
<month>6</month>
<day>20</day>
</datedue>
<payto>
<contactname>Jameson Company</contactname>
</payto>
<exchratetype>Intacct Daily Rate</exchratetype>
<customfields/>
<potransitems>
<potransitem>
<itemid>75300GL</itemid>
<quantity>100</quantity>
<unit>Each</unit>
<price>1</price>
<locationid>MGMT-US</locationid>
<departmentid>IT</departmentid>
</potransitem>
</potransitems>
</create_potransaction>
</function>
</content>
</operation>
</request>
Thank you in advance.
You can download the Postman collection file (API) from the developer docs.
And then just refer to Purchasing/Purchasing Transactions/Create Transaction (Legacy).
You can change the body (SOAP) content.
I'm sure you can manage it.
I must create new cartridge for integration in BM but I don't want use pipelines. Can I use the controllers for this? If yes, please provide information on how to do this.
.
Yes, you can. You need to create the bm_extensions.xml and add all the actions/entries.
Note: The file mention pipeline but It can actually be a Controller as you can see in the example I linked below.
<?xml version="1.0" encoding="ISO-8859-1" ?>
<extensions xmlns="http://www.demandware.com/xml/bmmodules/2007-12-11"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.demandware.com/xml/bmmodules/2007-12-11 bmext.xsd">
<menuaction id="paypal_transactions_manager" menupath="orders" position="200" site="true">
<name xml:lang="x-default">PayPal Transactions</name>
<short_description xml:lang="x-default">Manage the PayPal transactions related with this site orders.</short_description>
<description xml:lang="x-default">Manage the PayPal transactions related with this site orders.</description>
<exec pipeline="PaypalAdmin" node="Orders" />
<sub-pipelines>
<pipeline name="PaypalAdmin-Orders" />
<pipeline name="PaypalAdmin-OrderTransaction" />
<pipeline name="PaypalAdmin-Action" />
<pipeline name="PaypalAdmin-CreateNewTransaction" />
</sub-pipelines>
<icon>paypalbm/images/icon_transactions.png</icon>
</menuaction>
</extensions>
PayPal Cartridge bm_paypal is a good example to understand how is done: https://github.com/SalesforceCommerceCloud/link_paypal/tree/master/cartridges/bm_paypal/cartridge
Ps: Let me know if you cannot access the link.
I am really having a hard time finding a tutorial that can validate an xml signature using cxf.
I have a signed xml request like this: (NOTE: Signature value, digest value and X509 certificates are dummy values)
<?xml version="1.0" encoding="UTF-8"?><soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:ns="http://namespaces.gsma.org/esim-messaging/1">
<soap:Header/>
<soap:Body>
<ns:Request>
<ns:ParentNode>
<ns:TobeSignedInfo>
<ns:id>010203</ns:id>
<ns:oid>1.3.6.1.4.1.31746</ns:oid>
</ns:TobeSignedInfo>
<ns:SampleAdditionalProperties>
<ns:Property key="myProperty" value="aValue"/>
</ns:SampleAdditionalProperties>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
<ds:DigestValue>rE7suDc1EdUOJx6auQsTp8kGfZEe+pq2zaDvsKDMc/A=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
NXwOjw6ZT3NJRGqOluY8lF5/dkrTE89OjgB3z+kI4qmnTka0/hU6y9uihiRsrP+BZAMowhbwnPfy
ThEmTvMr0GGVB/w2pp0635Y8R672KNxZf2j48yFuz6ksyC5eBXVRAEswAt9lRh2ikcC9sULzLnSr
eA6rHNWiEm5v8OH708uZ/GWq4NlxQc8oLkrR634OY53ghPr2K+84vN99yxtGzYDHlTEFFJAyTqif
aUjYEQqcszKcbvf/XvriNcjHlk3kM8AwaQMePngxJatY3rlYWbykZhmwdqBgWrknRkjr5GAWVPEU
Q3aRlfbRYi66LV0UeGrzkinV2z5pwmBNxqc9GNnWMsvq0sWyF0BLSDY7yIz4HZVaeySytmZC21fI
PktCIfv+NRmOtFznkg3utX27Iwmc4kYGfeBXxmPMLOIkhf3dItOtV/8KNA4jW5dJNxnOEXiVXEV+
FJZbeAIet4wBvAfQb6QXcrfuwBp2kCmoYtmObH5Y+AgEf5KxPiGb1kLX
</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIExDCCAywCCQC0bmU6MB8PuTANBgkqhkiG9w0BAQUFADCBozELMAkGA1UEBhMCUEgxEDAOBgNV
BAgTB0J1ZW5kaWExDzANBgNVBAcTBk1ha2F0aTEeMBwGA1UEChMVT2JlcnRodXIgVGVjaG5vbG9n
aWVzMSEwHwYDVQQLExhSZXNlYXJjaCBhbmQgRGV2ZWxvcG1lbnQxCzAJBgNVBAMTAk9UMSEwHwYJ
KoZIhvcNAQkBFhJlbWFpbEBvYmVydGh1ci5jb20wHhcNMTQxMDI1MDgzMzE5WhcNMTUxMDI1MDgz
MzE5WjCBozELMAkGA1UEBhMCUEgxEDAOBgNVBAgTB0J1ZW5kaWExDzANBgNVBAcTBk1ha2F0aTEe
MBwGA1UEChMVT2JlcnRodXIgVGVjaG5vbG9naWVzMSEwHwYDVQQLExhSZXNlYXJjaCBhbmQgRGV2
ZWxvcG1lbnQxCzAJBgNVBAMTAk9UMSEwHwYJKoZIhvcNAQkBFhJlbWFpbEBvYmVydGh1ci5jb20w
ggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQDEaJeQaBruoMMG5LEdLc6D4aQq/4IXc6tk
kbEyO+2o3Ey3dU/WFSS7DNy86DKPWTG0VKinpFinwic+Be+A36K/eei8wyyv2YuhI1UuKWPsvmkV
mb/klra899jKvid1Jd0oMG8ViQGkpveYdoAfg5IR9k2NSgV1cn3ab26CmwwIpbDuPcMhW0bEXxG+
El67hrLQqpDjIuWRpbxs5prBdG4V79NrR6Pu1goLq9FmHsmKujPAu1gSnNmx61rab8zzVcEG19Fd
huG7ysilzDSeo2YTKs7Lzwp4Zu94T+IJYHYrV4iiB4jVLO7IQCUKB3T4y+9VYHI1fhasRGB1t8eR
CScsKg8IvtMMwjvKv4XK0EdBaLADzvpRVGAiV1hlo3sJ+D+tr/gkJ/ElVjC/90gIVxESwg5XQtPG
kQImde6GDZquEcT5URyvkq/WuMu+3J4NUSMpHDXeel2R8UkiSXs5ONxRyT3Ai3IjXUFhO9EGjFpe
eM1gqSYx3l6DyPSBF1rKHmkCAwEAATANBgkqhkiG9w0BAQUFAAOCAYEAaDkvLk/tzIMJA/3q2zJL
M+N5cPc+OVG8kPJK3aMInXciZRrY+uSyTflVaOpJJu038fN07kMzQePDyRJQENOZK0JsDz2bX1h5
6Z03b34/UdgFR5z3NC++iQNbBFaXjsfcAo45UgEgn7wPdqXQ8bdViHakmCMG43vPzLgp2ZSK0GMt
Pt1Q2qnbWz04Gkjog284RZZ4mpxSA3g8sVypoDTjw3HJhNRCPjq+tTXkOqWK4nNJH5tbwqq9uUjJ
6nTISN5WJ3OIvdLejPNmjMBBcaGVmFkGIBqlfyMZ+SuJiqMJfW/Ccqf640U3tyZDJNeTxMmaqerE
mnihf+sIdPf2RfwbdBPiHdLmmU65yi89b6Bz
</ds:X509Certificate>
</ds:X509Data>
</ds:KeyInfo>
</ds:Signature>
</ns:ParentNode>
</ns:Request>
</soap:Body>
</soap:Envelope>
How can I validate signature using cxf? I saw an implementation of WSPolicy and WSS4JInterceptors and it think it is not fit for this situation because the request doesn't have <wsse:Security> tag. Any thoughts are very much welcome.. Thanks in advance
The WS-Security standard mandates that XML Signature must be in the security header of the request (and not in the SOAP Body as per your example). So your best bet is to grab the SOAP Body (e.g. in a SOAP Handler), and use the Apache Santuario API to validate the signature yourself. Here is some sample code that shows you how to do the latter:
https://github.com/coheigea/testcases/blob/master/apache/santuario/santuario-xml-signature/src/test/java/org/apache/coheigea/santuario/xmlsignature/SignatureDOMTest.java
Colm.
I experience something rather strange and I would like to know if other people have experienced the same...
I am currently working on a project using jboss fuse (previously fuse esb) and we are using blueprint for our configuration files.
We use property place holders and have the following files under src/main/resources/OSGI-INF/blueprint:
blueprint.xml
properties.xml
In blueprint.xml we have something like this:
<bean id="myBean" class="com.test.MyClass">
<property name="prop1" value="${my.prop}" />
<∕bean>
Then in properties.xml I have this:
<cm:property-placeholder persistent-id="my.properties" update-strategy="reload">
<cm:default-properties>
<cm:property name="my.prop" value="true" />
</cm:default-properties>
</cm:property-placeholder>
And I obviously have a setter for prop1 (which is a String) in MyClass.
But what I see is that when I deploy this, prop1 is set to "${my.prop}" instead of "true", i.e the variable never gets replaced with its defined value!
But now if I call the properties file aaa_properties.xml, it works!!
Is this a bug in the blueprint container?
Did any one else experience the same behaviour?
Thanks for your feedback :)
JM.
I found some information about Blueprint Configuration in Fuse ESB
It states:
If you need to place your blueprint configuration files in a non-standard location (that is, somewhere other than OSGI-INF/blueprint/*.xml), you can specify a comma-separated list of alternative locations in the Bundle-Blueprint header in the manifest
For Example:
Bundle-Blueprint: lib/account.xml, security.bp, cnf/*.xml
I suggest, can you please give this a try, and specify your xml files here, naturally in the correct ordering.
I'm trying to write validation rules for my data objects in a WPF application. I'm writing them in the configuration file, and so far they are working fine.
I'm stumped on how to localize the messages using messageTemplateResourceName and messageTemplateResourceType. What I know is that the strings can be writen in a resource file, given a name and referenced by that name. I get the idea, but i haven't been able to make this work.
<ruleset name="Rule Set">
<properties>
<property name="StringValue">
<validator lowerBound="0" lowerBoundType="Ignore" upperBound="25"
upperBoundType="Inclusive" negated="false" messageTemplate=""
messageTemplateResourceName="msg1" messageTemplateResourceType="Resources"
tag=""
type="Microsoft.Practices.EnterpriseLibrary.Validation.Validators.StringLengthValidator, Microsoft.Practices.EnterpriseLibrary.Validation"
name="String Length Validator" />
</property>
</properties>
</ruleset>
Where is the resource file and what value do I pass to messageTemplateResourceType?
I have tried writing the messages in the shell project's resource file but no sucess trying to retrieve the value. I only get the default built-in message.
I've tried
messageTemplateResourceType="typeof(Resources)"
messageTemplateResourceType="Resources"
messageTemplateResourceType="Resources.resx"
messageTemplateResourceType="typeof(Shell)"
messageTemplateResourceType="Shell"
messageTemplateResourceType="Shell,
Version=1.0.0.0, Culture=neutral,
PublicKeyToken=null"
I've also tried adding a new resource file in the shell project, and adding a resource file to the data object's library. I'm all out of ideas Does anyone have any suggestions? I'm not even married to the idea of resource files, so if there are other ways to localize these messages I'd love to know!
thanks
You need to create your own resource file and then point the messageTemplateResourceType attribute to your fully qualified resource type. As long as the resource file can be loaded at runtime you should be fine.
<ruleset name="Rule Set">
...
messageTemplateResourceName="msg1"
messageTemplateResourceType="My.Fully.Qualified.ResourceType, My.AssemblyName, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null"
...
</ruleset>
An alternate way to do it would be use the messageTemplate as a key and write custom code to look up the actual localized string based on the messageTemplate key (either from a resource file or from a database or wherever else you are storing it).