SOAP Integration - How to implement WS Security/Digital Signature for SOAP Response

Certified Associate Developer

Hi All

I have a requirement to implement a SOAP solution, I have exposed the web API from Appian to third party system(legacy system). This system sends the data to appian  through web API on daily basis and appian has to process the data and save in our database and in turn API should respond with SOAP Body. Since these are confidential data, I have to implement ws-security for the response. For the response body I have to generate the digest value and digital signature and send these in the same response.

Query: How to implement digital signature in appian probably configuring XML signature with X.509 tokens? Using hash function, I can generate the digest value but for digital signature I am not finding the approach/plugins in appian. Please anyone suggest. Thanks in advance 

Sample response snippet looks something like this:

<Signature xmlns="">www.w3.org/.../xmldsig
<SignedInfo>
<CanonicalizationMethod Algorithm="">www.w3.org/.../xml-exc-c14n
<SignatureMethod Algorithm="">www.w3.org/.../xmldsig
<Reference URI="#Body">
<Transforms>
<Transform Algorithm="">www.w3.org/.../xml-exc-c14n
</Transforms>
<DigestMethod Algorithm="">www.w3.org/.../xmldsig
<DigestValue>2otrm22z3xxgOGJpfuWUPBFYze8=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>MJyaiFEhLzZ5Ny13yj23zL91P8rRwtwAFVnyioTGWAniv4+DBlEW8Z+qDEER2awKgYwBHDyrgjbHBnr9+lVDKaGNQ9oxObOhjt6XFcatS9ExoPe5egbE5qM1N/XI8bNP4blMqUFuQt+El6WFK045+cG+iD5f1XasdTHQW9FB32G0HIgywAEc5x9i/cfJ8SiTwhaUP2wLR8lPxWY6fx9d/Hg/1ad64JKQnCfUX7APLkM2W4EboaUK++/xZntdXQvjIqeBRw8r59GcFvZlfhR6Rzf7tghSawXpnu+e7DduKStWDX8SeVXR6HA7n+N2T/qhGLUxpNNXB1ttS9V1/OOJPg==</SignatureValue>
<KeyInfo>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=SAMA Shared CA, OU=SAMA eTrust Center, O=SAMA, C=SA</X509IssuerName>
<X509SerialNumber>1565659987</X509SerialNumber>
</X509IssuerSerial>
<X509Certificate>

  Discussion posts and replies are publicly visible

Parents
  • 0
    Certified Senior Developer

    Implementing WS-Security for SOAP responses in Appian generally requires a custom solution:

    1. Create a Java plugin to generate a digital signature using the XML Digital Signature API.
    2. Use the plugin within an Appian Integration object to sign the SOAP response with an X.509 certificate.
    3. Ensure proper security for key management and sensitive data handling.

    Appian doesn't provide out-of-the-box support for this, so you'll likely need assistance from someone with Java and security expertise.

Reply
  • 0
    Certified Senior Developer

    Implementing WS-Security for SOAP responses in Appian generally requires a custom solution:

    1. Create a Java plugin to generate a digital signature using the XML Digital Signature API.
    2. Use the plugin within an Appian Integration object to sign the SOAP response with an X.509 certificate.
    3. Ensure proper security for key management and sensitive data handling.

    Appian doesn't provide out-of-the-box support for this, so you'll likely need assistance from someone with Java and security expertise.

Children