This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
FAQ
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

WS-Security Authentication with a X509 certificate for Soap call

mhlamine
Guide

‎22 Jun 2022 01:44 PM - last edited on ‎04 Oct 2022 10:02 AM by Community Team

We would like to configure a HTTP monitor for a SOAP request but this request has WS-Security Authentication with a X509 certificate. Does any one knows if it is possible and how to do it?

0 Kudos
Reply
6 REPLIES 6

AntonioSousa
DynaMight Guru
DynaMight Guru

‎22 Jun 2022 03:51 PM

@mhlamine,

Check out at the end of https://www.dynatrace.com/support/help/how-to-use-dynatrace/synthetic-monitoring/general-information...

AntonioSousa_0-1655909481452.png

 

Antonio Sousa
0 Kudos
Reply

mhlamine
Guide

‎23 Jun 2022 09:19 AM

Thanks @AntonioSousa ,

does dynatrace add the needed headers using that certificate?

how dynatrace uses that certificate?

do i need to add some other headers or inputs?

0 Kudos
Reply

AntonioSousa
DynaMight Guru
DynaMight Guru
In response to mhlamine

‎23 Jun 2022 09:51 AM

@mhlamine,

Now that you make that questions, I've figured out that my reply might not be your use-case. I was referring to the configuration of client-certificates, which is a different topic...

Antonio Sousa
0 Kudos
Reply

techean
Dynatrace Champion
Dynatrace Champion

‎23 Jun 2022 09:28 AM

@mhlamine  answer to your second question would be it uses credential vaults to check for trusted certs. Yes it does add needed headers using certs for request.

It will be completely optional for additional header values.

KG
0 Kudos
Reply

mhlamine
Guide

‎24 Jun 2022 09:55 AM

Here is the header that must be added for WS security :

     <wsse:Security soapenv:mustUnderstand="1"
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
         <wsu:Timestamp wsu:Id="Timestamp-1"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
             <wsu:Created>${=new java.text.SimpleDateFormat("yyyy-MM-dd'T'HH:mm:ss'Z'").format(new Date())}</wsu:Created>
         </wsu:Timestamp>
         <wsse:UsernameToken wsu:Id="UsernameToken-1"
            xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
             <wsse:Username>USER</wsse:Username>
             <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0#PasswordText'>PASSWORD</wsse:Password>
         </wsse:UsernameToken>
     </wsse:Security>

 

in the executions i don't see any header added by dynatrace.

 

0 Kudos
Reply

AntonioSousa
DynaMight Guru
DynaMight Guru
In response to mhlamine

‎24 Jun 2022 11:38 PM

You are referring to the WS-Security header, and not an HTTP header.

While you do have the capability of defining the request body, it might not be easy to construct the payload. I have not done it before.

You might have a better chance contacting support. They should be able to provide you with a more definitive answer regarding this specific payload.

 

Antonio Sousa
0 Kudos
Reply
Ask a question

Featured Posts