Can Katalon Studio include Webservice Security Sign (WSS) header for SOAP requests

Product Forums Katalon Studio
,
1

Hi All,

Can KS generate SIGNED WSS headers from java keystore (JKS) files along with timestamp and include them in run time to the SOAP headers of the SOAP request. How to do it in KS. I have explained the way we do it in SOAP UI and I was able to crack this in Jmeter as well. Looking through whether KS can support it.

In SOAP UI, we upload WSDL file while creating a New SOAP project. We do not have online WSDL of the service, “LOAD from WSDL” will not work in KS as it throws error. In SOAP UI, we add the JKS file with password in Keystore section of the project and create signature and timestamp from “Outgoing WS-Security Configuration” section in project. Please refer WS-SecurityConfig image file.

After completing this, we add this header by applying the WS security to the SOAP request. By default, this is added to the SOAP header. Apart from this we add the SOAP Action Header with the service or operation name. Then this request successfully works.

Questions in KS.

  1. No online WSDL in my case, Will adding the WSDL file helps me
  2. How to add the JKS and password. In project->settings->Network, I added the JKS file and password, but no effect
  3. After adding the JKS files, how to confirm the signature and timestamp are generated
  4. How to add this signature and timestamp to SOAP service under object repository dynamically during run time
  5. How to capture the output of one webservice and pass it as input to other webservice in KS API.

Appreciate your understanding and help.

Thanks
LK

KS_SOAPUI_OutgoingWS_Config_SignatureTimestamp
KS_SOAPUI_OutgoingWS_Config_SignatureTimestamp1610×1030 38.7 KB
KS_SOAPUI_Keystore
KS_SOAPUI_Keystore1936×544 79.4 KB

2

Hi,

We are facing same problem regarding Signature setting?Any update on above point 4 & 5
i.e.?

  1. How to add this signature and timestamp to SOAP service under object repository dynamically during run time?
  2. How to capture the output of one webservice and pass it as input to other webservice in KS API.

Any reference document is available?

Thanks.

3

@Katalon Developers - Can you please have a look at the query and advise. Thanks in advance

4

Found solution which works for me. In “Request Message” tab update “SOAP-ENV:Header” tag like this

  <SOAP-ENV:Header>
	<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsse:UsernameToken>
            <wsse:Username>put-your-username</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">put-your-password</wsse:Password>
         </wsse:UsernameToken>
      </wsse:Security>
  </SOAP-ENV:Header>
5

Thanks evgenly !!!
This works when the authentication header used is user credential.

In my case, the authentication is through certificate signage with timestamp. the certificate is accessed as a JKS file (Java Keystore). We can easily do it in soap ui.

Since no one has replied to this thread and my other thread, I assume KS cannot support certificate based signage in soap headers at this point of time. I will leave KS developers to confirm on this.

Thanks

6

Hi all,

Any update on this?

thanks