Signing of SOAP message, upgrading from version 7.x to 9.2

 
1. You will need to add the following units to your Uses section: clSoapSecurity, clCertificate, clCertificateStore.
SOAP.BatchSize := 8192;
SOAP.EncodingStyle := 'http://schemas.xmlsoap.org/soap/encoding/';

//We have added a special SecurityConfig property and moved all security-related properties to this new property.
SOAP.SecurityConfig.CSP := 'Microsoft Base Cryptographic Provider v1.0';
SOAP.SecurityConfig.ProviderType := 1;
SOAP.SecurityConfig.IdName := 'Id';
SOAP.SecurityConfig.SignatureStyle := ssJava;

//An event handler for loading the signing certificate.
SOAP.OnGetSigningCertificate := GetSigningCertificateEventHandler;

//Build a new SOAP message. Alternatively, you can use the BuildSoapWSDL method to make a new RPC request.
SOAP.BuildSoapMessage('your_xml', '');

//The new version of TclSoapMessage can handle multiple signatures. This means, you need to add at least one signature item to the Signatures collection before using it.
SOAP.Signatures.Add();
SOAP.Signatures[0].ID := 'your_signature_id';
SOAP.Signatures[0].SignatureMethod := 'http://www.w3.org/2000/09/xmldsig#rsa-sha1'; //This value is used by default. You can choose the desired signature algorithm here.
SOAP.Signatures[0].KeyReferenceID := 'your_key_reference_id';

//SOAP.IsIncludeCertificate := True; //version 7.8 syntax
//The old version 7.8 supports the only one key information format. It inserts an X509 binary security token to the resulting XML.
//The new version supports different formats. Currently, the following formats are implemented: X509 binary security token, certificate subject key identifier, and certificate thumbprint.
//You can choose the desired key format using the KeyClassName property.
SOAP.Signatures[0].KeyClassName := 'TclXmlX509KeyInfo'; //By default, the X509 binary security token is used.

//The SignReferences property was moved to the signature item. Also, we have renamed it to Reference.
//Do not forget to add the '#' symbol to the reference IDs. The new version of TclSoapMessage requires the ID references to be prefixed with '#', according to the SOAP security specification.
//SOAP.SignReferences.Clear();
//SOAP.SignReferences.Add('your_enveloped_body_id'); //version 7.8 syntax
SOAP.Signatures[0].References.Clear();
SOAP.Signatures[0].References.Add('#your_enveloped_body_id');
SOAP.Signatures[0].References.Add('#your_timestamp_id'); //If you didn't specify the Timestamp parameters, do not add this reference.
SOAP.Signatures[0].References.Add('#your_address_id'); //The same for Addressing.

SOAP.BodyID := 'your_enveloped_body_id';

//Optional parameters. Depending on your task, you can leave it empty.
SOAP.Addressing.AddItem('To', 'your_address_id', 'your_address_value');
SOAP.Timestamp.ID := 'your_timestamp_id';
createdOn := Now();
SOAP.Timestamp.Created := DateTimeToXMLTime(createdOn);
SOAP.Timestamp.Expires := DateTimeToXMLTime(createdOn + EncodeTime(0, 30, 0, 0));

//Sign the message.
SOAP.Sign();

//You can access the signed XML using the RequestSource TStringList property:
SOAP.RequestSource.SaveToFile('request.xml');
 

Add Feedback