1. You will need to add the following units to your Uses section: clSoapSecurity, clCertificate, clCertificateStore.
SOAP.BatchSize := 8192;
SOAP.EncodingStyle := 'http://schemas.xmlsoap.org/soap/encoding/';
//We have added a special SecurityConfig property and moved all security-related
//properties to this new property.
SOAP.SecurityConfig.CSP := 'Microsoft Base Cryptographic Provider v1.0';
SOAP.SecurityConfig.ProviderType := 1;
SOAP.SecurityConfig.IdName := 'Id';
SOAP.SecurityConfig.SignatureStyle := ssJava;
//An event handler for loading the signing certificate.
SOAP.OnGetSigningCertificate := GetSigningCertificateEventHandler;
//Build a new SOAP message. Alternatively,
//you can use the BuildSoapWSDL method to make a new RPC request.
SOAP.BuildSoapMessage('your_xml', '');
//The new version of TclSoapMessage can handle multiple signatures.
//This means, you need to add at least one signature item to the Signatures collection
//before using it.
SOAP.Signatures.Add();
SOAP.Signatures[0].ID := 'your_signature_id';
SOAP.Signatures[0].SignatureMethod := 'http://www.w3.org/2000/09/xmldsig#rsa-sha1';
//This value is used by default. You can choose the desired signature algorithm here.
SOAP.Signatures[0].KeyReferenceID := 'your_key_reference_id';
//SOAP.IsIncludeCertificate := True; //version 7.8 syntax
//The old version 7.8 supports the only one key information format.
//It inserts an X509 binary security token to the resulting XML.
//The new version supports different formats.
//Currently, the following formats are implemented:
//X509 binary security token, certificate subject key identifier, and certificate thumbprint.
//You can choose the desired key format using the KeyClassName property.
SOAP.Signatures[0].KeyClassName := 'TclXmlX509KeyInfo';
//By default, the X509 binary security token is used.
//The SignReferences property was moved to the signature item.
//Also, we have renamed it to Reference.
//Do not forget to add the '#' symbol to the reference IDs.
//The new version of TclSoapMessage requires the ID references to be prefixed with '#',
//according to the SOAP security specification.
//SOAP.SignReferences.Clear();
//SOAP.SignReferences.Add('your_enveloped_body_id'); //version 7.8 syntax
SOAP.Signatures[0].References.Clear();
SOAP.Signatures[0].References.Add('#your_enveloped_body_id');
SOAP.Signatures[0].References.Add('#your_timestamp_id');
//If you didn't specify the Timestamp parameters, do not add this reference.
SOAP.Signatures[0].References.Add('#your_address_id');
//The same for Addressing.
SOAP.BodyID := 'your_enveloped_body_id';
//Optional parameters. Depending on your task, you can leave it empty.
SOAP.Addressing.AddItem('To', 'your_address_id', 'your_address_value');
SOAP.Timestamp.ID := 'your_timestamp_id';
createdOn := LocalTimeToGlobalTime(Now());
SOAP.Timestamp.Created := DateTimeToXMLTime(createdOn);
SOAP.Timestamp.Expires := DateTimeToXMLTime(createdOn + EncodeTime(0, 30, 0, 0));
//this option is available in Clever Internet Suite 9.5 and higher
//SOAP.Timestamp.Mode := tmAutoCreate;
//Sign the message.
SOAP.Sign();
//You can access the signed XML using the RequestSource TStringList property:
SOAP.RequestSource.SaveToFile('request.xml');
Article ID: 108, Created: October 30, 2018 at 12:11 PM, Modified: March 3, 2020 at 8:28 PM