Glad I can be of assistance. The web service I am working on now at work processes millions of dollars worth of transactions a month and it is all based on Java WSSE (very similar to what CF uses). You shouldn't find any real problems with talking to it through CF (as far as security goes). The only thing to look out for is if they pass DataTables and things like that back through instead of standard SOAP data types.
I guess the bottom line is your biggest worry would be dealing with a .net web service's data types, not the security. From memory someone else on the list had problems with .net DataTables. Shane On 4/5/07, Mike Kear <[EMAIL PROTECTED]> wrote: > > > Thanks Shane, this is indeed very helpful. > > The plan is at business plan stage now. I was asked "does this WSE > Security thing mean it's going to be doable if we go ahead or not?" > The management people are discussing all the business and legal > aspects of the two sites working together, and if they go ahead, then > the two sites are going to have to pass a lot of info back and forth > including money and personal information. Their site is much bigger > than ours and they use WSE Security. > > So we needed to know up front if it's going to be doable or not. The > deal they're talking about is far bigger in impact than the technical > issue of the web site. If it comes down to it, the It guys are goign > to be told "make it happen, dont give me reasons why it cant be done. > If you have problems, get around them!" So at this point we needed > to know if 'they", a much bigger site than ours will need to be asked > to change the way they handle security. Not a good look for this > deal. > > The bottom line, for now, is that it's tricky and messy but doable, I > think. > > When/if the deal proceeds it'll be some late nights and studying I think. > > > Cheers > Mike Kear > Windsor, NSW, Australia > Adobe Certified Advanced ColdFusion Developer > AFP Webworks > http://afpwebworks.com > ColdFusion, PHP, ASP, ASP.NET hosting from AUD$15/month > > > > On 4/5/07, Shane Farmer <[EMAIL PROTECTED]> wrote: > > Hi Mike, > > > > Not sure how you would deal with this without packaging the message in a > > SOAP envelop manually through XML objects, but in Java you just have to > make > > sure you use the right security namespaces. What you are dealing with is > a > > Microsoft implementation of the SOAP Security standard. > > > > Seeing as the CF SOAP stuff is just a wrapper around Axis, it should be > able > > to handle it fine. Try adding the SOAP headers through CF (7 can handle > this > > just not sure of the syntax off the top of my head). MX 6.1 can't handle > > this very easily though. Try comparing the XML generated by doing this > to a > > cal to the web service from SOAP UI. If you can make SOAP UI talk to the > web > > service, you will have a copy of the XML to work with and compare > against. > > > > Here is an example of a SOAP request that uses WSSE > > > > <soap:Envelope xmlns:soap="..." > > xmlns:wsse="http://schemas.xmlsoap.org/ws/2002/07/secext";> > > <soap:Header> > > <wsse:Security soap:mustUnderstand="true"> > > <UsernameToken> > > <Username>MyName</Username> > > <Password Type="PasswordText">MyPass</Password> > > </UsernameToken> > > </wsse:Security> > > </soap:Header> > > <soap:Body Id="MsgBody"> > > <!- SOAP Body data --> > > </soap:Body> > > </soap:Envelope> > > > > You can get more information from the XSD's relating to the WSSE and > SOAP > > namespaces etc. > > > > Hope this helps, > > Shane > > > > > > > > --~--~---------~--~----~------------~-------~--~----~ You received this message because you are subscribed to the Google Groups "cfaussie" group. To post to this group, send email to cfaussie@googlegroups.com To unsubscribe from this group, send email to [EMAIL PROTECTED] For more options, visit this group at http://groups.google.com/group/cfaussie?hl=en -~----------~----~----~----~------~----~------~--~---
