AnsweredAssumed Answered

Using SoapUI to access the CMIS web services

Question asked by eliseosoto on Mar 11, 2009
Latest reply on Oct 3, 2013 by jyothsnareddy
Here's an overview of what I've done so far in order to use the CMIS Web Service implementation using the SoapUItool.

This assumes that you have the Alfresco Labs 3 Server running with the default admin/admin username.

The first thing I do is add this WSDL to SoapUI: http://localhost:8080/alfresco/wsdl/authentication-service.wsdl
And then I call startSession like this:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns="http://www.alfresco.org/ws/service/authentication/1.0">
   <soapenv:Header/>
   <soapenv:Body>
      <ns:startSession>
         <ns:username>admin</ns:username>
         <ns:password>admin</ns:password>
      </ns:startSession>
   </soapenv:Body>
</soapenv:Envelope>
This returns a different ticket every time, here's an example:
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <soapenv:Body>
      <startSessionResponse xmlns="http://www.alfresco.org/ws/service/authentication/1.0">
         <startSessionReturn>
            <username>admin</username>
            <ticket>TICKET_610f5e78c8e4932181abb7ef7f8a405719ec07b6</ticket>
            <sessionid>FF7AD69527D3E12D7A16852F608A3D34</sessionid>
         </startSessionReturn>
      </startSessionResponse>
   </soapenv:Body>
</soapenv:Envelope>

Then I add the RepositoryService WSDL (http://localhost:8080/alfresco/cmis/RepositoryService?wsdl) and configure WS-Security by double-clicking the Project Name in the Navigator like this:
[img]http://www.postimage.org/Pq1purHA.jpg[/img]

Username: admin
Password: The ticket (i.e. TICKET_610f5e78c8e4932181abb7ef7f8a405719ec07b6)
Must Understand: Checked
Add Nonce: Checked
Add Created: Checked
Password Type: PasswordDigest (as seen in some other topics in this forums, please search)

Then I set this to be used in the Outgoing WSS of the Aut section of the Request:
[img]http://www.postimage.org/aV1nmbzA.jpg[/img]

However when I invoke getRepositories like this (raw request):
<soapenv:Envelope xmlns:ns="http://www.cmis.org/2008/05" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
   <soapenv:Header>
      <wsse:Security soapenv:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsse:UsernameToken wsu:Id="UsernameToken-26993204" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsse:Username>admin</wsse:Username>
            <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">ITpkPgLw8IrNtexohxt4WhVlpUM=</wsse:Password>
            <wsse:Nonce>MW7JmYsaQIrM8DD63cdN3Q==</wsse:Nonce>
            <wsu:Created>2009-03-11T21:31:13.284Z</wsu:Created>
         </wsse:UsernameToken>
      </wsse:Security>
   </soapenv:Header>
   <soapenv:Body>
      <ns:getRepositories/>
   </soapenv:Body>
</soapenv:Envelope>

I get this error:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
   <soap:Header>
      <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-31502959" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
            <wsu:Created>2009-03-11T21:31:13.299Z</wsu:Created>
            <wsu:Expires>2009-03-11T21:36:13.299Z</wsu:Expires>
         </wsu:Timestamp>
      </wsse:Security>
   </soap:Header>
   <soap:Body>
      <soap:Fault>
         <faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:FailedAuthentication</faultcode>
         <faultstring>The security token could not be authenticated or authorized</faultstring>
      </soap:Fault>
   </soap:Body>
</soap:Envelope>

The security token could not be authenticated or authorized, this is the problem I have right now. What am I doing wrong? Why isn't Alfresco accepting my password?

Please help  8)

Outcomes