Consume a soap web service using ws-security in PL/SQL

Question

I am trying to consume a SOAP web service that uses WS-Security for authentication in PL/SQL however i am having a bad time since i do not find any good information about it. So i would like to request how can i consume a sopa ewb service using ws_security in pl/sql (oracle)

Best regards, Alexandre

Answer 1

I had this same issue. It is possible however. As you have probably found out, it is very easy to set up a call in Java or even SoapUI because all of the WS-Security is either built in or is available in a library. When doing this from PL/SQL, you must build the WS-Security Headers by hand. However, This is very simple if your endpoint is expecting Username Token Authentication.

EXAMPLE

This example is a snippet from the function that I employed to build the SOAP Envelope to make a web service call to an endpoint in WSO2 ESB.

FUNCTION getSoapRequest RETURN CLOB
IS
   lUserName    VARCHAR2(100) := 'myuser';
   lPassword    VARCHAR2(100) := 'mypassword';
   lSoapRequest CLOB;
BEGIN
   --Get your Created and Expiration Timestamps for the Token (In this case it is 3 minutes)
   SELECT  TO_CHAR(SYSDATE + (4/24), 'YYYY-MM-DD')||'T'||TO_CHAR(SYSDATE + (4/24), 'HH24:MI:SS')||'Z'
          ,TO_CHAR(SYSDATE + (3/1440) + (4/24), 'YYYY-MM-DD')||'T'||TO_CHAR(SYSDATE + (3/1440) + (4/24), 'HH24:MI:SS')||'Z'
    INTO   lCreateTimestampString, 
          ,lExpireTimestampString
    FROM   dual;

       lSoapRequest :='<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:Cisco_IncidentCreateWS_ext">
                          <soapenv:Header>
                             <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                               <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-14">
                                   <wsu:Created>'||lCreateTimestampString||'</wsu:Created>
                                   <wsu:Expires>'||lExpireTimestampString||'</wsu:Expires>
                                </wsu:Timestamp>
                               <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-13">
                                <wsse:Username>'||lUserName||'</wsse:Username>
                                <wsse:Password Type="wsse:PasswordText">'||lPassword||'</wsse:Password>
                               </wsse:UsernameToken>
                              </wsse:Security>
                           </soapenv:Header>
                           <soapenv:Body>
                           …
                           </soapenv:Body>
                        </soapenv:Envelope>';

   RETURN lSoapRequest;
END getSoapRequest;