SOAP: Add WSS signature to SOAP message
To add a WS-Security (Web Services Security, WSS) signature, create an instance of the TElXMLWSSSignatureHandler component, add it to the SOAP message using the TElXMLSOAPMessage.AddSignature() method, and finally call the TElXMLSOAPSignatureHandler.Sign() method to sign the message.
The sample code below signs the body element and places the signature into the first WS-Security header, if it exists. If the header does not exist, the handler adds one when the Sign method executes. The certificate is placed in a wsse:BinarySecurityToken element.
C#:
void SignWSS(TElXMLSOAPMessage SOAPMessage, TElX509Certificate Certificate)
{
    TElXMLWSSSignatureHandler Handler = new TElXMLWSSSignatureHandler(null);
    int HandlerIndex = SOAPMessage.AddSignature(Handler, true);
    try
    {
        // Reuse the first WS-Security header if present; otherwise Sign() adds one.
        if (SOAPMessage.SecurityHeaderCount > 0)
            Handler.SecurityHeader = SOAPMessage.get_SecurityHeaders(0);
        // Sign the SOAP body element.
        Handler.AddReference(SOAPMessage.Envelope.Body, true);
        // Embed the certificate in a wsse:BinarySecurityToken element.
        Handler.Sign(Certificate, wecInBinarySecurityToken);
    }
    catch
    {
        // Detach the handler if signing fails, then rethrow.
        SOAPMessage.RemoveSignature(HandlerIndex);
        throw;
    }
}
Delphi:
procedure SignWSS(SOAPMessage : TElXMLSOAPMessage; Certificate : TElX509Certificate);
var
  Handler : TElXMLWSSSignatureHandler;
  HandlerIndex : Integer;
begin
  Handler := TElXMLWSSSignatureHandler.Create(nil);
  HandlerIndex := SOAPMessage.AddSignature(Handler, true);
  try
    // Reuse the first WS-Security header if present; otherwise Sign adds one.
    if SOAPMessage.SecurityHeaderCount > 0 then
      Handler.SecurityHeader := SOAPMessage.SecurityHeaders[0];
    // Sign the SOAP body element.
    Handler.AddReference(SOAPMessage.Envelope.Body, true);
    // Embed the certificate in a wsse:BinarySecurityToken element.
    Handler.Sign(Certificate, wecInBinarySecurityToken);
  except
    // Detach the handler if signing fails, then re-raise.
    SOAPMessage.RemoveSignature(HandlerIndex);
    raise;
  end;
end;
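After signing, it is worth confirming that the serialized message has the layout described above: a ds:Signature inside the wsse:Security header that references the Body, with a wsse:BinarySecurityToken beside it. The following is an added example, not SecureBlackbox code; it uses only System.Xml, the names WssSignatureCheck and BodyIsCovered are hypothetical, and it assumes the Body is referenced through a wsu:Id (or plain Id) attribute.

```csharp
using System;
using System.Xml;

static class WssSignatureCheck
{
    const string Wsse = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    const string Wsu = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
    const string Ds = "http://www.w3.org/2000/09/xmldsig#";

    // True only if a ds:Signature in the wsse:Security header references the
    // Envelope's own Body by Id and a wsse:BinarySecurityToken is present.
    public static bool BodyIsCovered(string xml)
    {
        var doc = new XmlDocument { PreserveWhitespace = true, XmlResolver = null };
        doc.LoadXml(xml);
        XmlElement root = doc.DocumentElement;
        var ns = new XmlNamespaceManager(doc.NameTable);
        ns.AddNamespace("s", root.NamespaceURI); // SOAP 1.1 or 1.2 envelope namespace
        ns.AddNamespace("wsse", Wsse);
        ns.AddNamespace("ds", Ds);

        var body = (XmlElement)root.SelectSingleNode("s:Body", ns);
        XmlNode security = root.SelectSingleNode("s:Header/wsse:Security", ns);
        if (body == null || security == null) return false;
        if (security.SelectSingleNode("wsse:BinarySecurityToken", ns) == null) return false;

        // Assumption: the Body is referenced through a wsu:Id (or plain Id) attribute.
        string id = body.GetAttribute("Id", Wsu);
        if (id.Length == 0) id = body.GetAttribute("Id");
        if (id.Length == 0) return false;

        // A second element carrying the same Id makes the reference ambiguous.
        int sameId = 0;
        foreach (XmlElement e in doc.SelectNodes("//*"))
            if (e.GetAttribute("Id", Wsu) == id || e.GetAttribute("Id") == id) sameId++;
        if (sameId != 1) return false;
        foreach (XmlElement r in security.SelectNodes("ds:Signature/ds:SignedInfo/ds:Reference", ns))
            if (r.GetAttribute("URI") == "#" + id) return true;
        return false;
    }

    static void Main()
    {
        // Constructed sample: a signed envelope skeleton with element contents elided.
        string signed = "<s:Envelope xmlns:s='http://schemas.xmlsoap.org/soap/envelope/' xmlns:wsse='" + Wsse + "' xmlns:wsu='" + Wsu + "' xmlns:ds='" + Ds + "'><s:Header><wsse:Security><wsse:BinarySecurityToken/><ds:Signature><ds:SignedInfo><ds:Reference URI='#body-1'/></ds:SignedInfo></ds:Signature></wsse:Security></s:Header><s:Body wsu:Id='body-1'/></s:Envelope>";
        Console.WriteLine(BodyIsCovered(signed));
        Console.WriteLine(BodyIsCovered(signed.Replace("#body-1", "#other")));
    }
}
```

This is a structural check only: it does not validate the digest or the signature value, which still requires cryptographic verification of the message.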