SOAP Integration - How to implement WS Security/Digital Signature for SOAP Response

Certified Associate Developer

Hi All

I have a requirement to implement a SOAP solution, I have exposed the web API from Appian to third party system(legacy system). This system sends the data to appian  through web API on daily basis and appian has to process the data and save in our database and in turn API should respond with SOAP Body. Since these are confidential data, I have to implement ws-security for the response. For the response body I have to generate the digest value and digital signature and send these in the same response.

Query: How to implement digital signature in appian probably configuring XML signature with X.509 tokens? Using hash function, I can generate the digest value but for digital signature I am not finding the approach/plugins in appian. Please anyone suggest. Thanks in advance 

Sample response snippet looks something like this:

<Signature xmlns="">www.w3.org/.../xmldsig
<SignedInfo>
<CanonicalizationMethod Algorithm="">www.w3.org/.../xml-exc-c14n
<SignatureMethod Algorithm="">www.w3.org/.../xmldsig
<Reference URI="#Body">
<Transforms>
<Transform Algorithm="">www.w3.org/.../xml-exc-c14n
</Transforms>
<DigestMethod Algorithm="">www.w3.org/.../xmldsig
<DigestValue>2otrm22z3xxgOGJpfuWUPBFYze8=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>MJyaiFEhLzZ5Ny13yj23zL91P8rRwtwAFVnyioTGWAniv4+DBlEW8Z+qDEER2awKgYwBHDyrgjbHBnr9+lVDKaGNQ9oxObOhjt6XFcatS9ExoPe5egbE5qM1N/XI8bNP4blMqUFuQt+El6WFK045+cG+iD5f1XasdTHQW9FB32G0HIgywAEc5x9i/cfJ8SiTwhaUP2wLR8lPxWY6fx9d/Hg/1ad64JKQnCfUX7APLkM2W4EboaUK++/xZntdXQvjIqeBRw8r59GcFvZlfhR6Rzf7tghSawXpnu+e7DduKStWDX8SeVXR6HA7n+N2T/qhGLUxpNNXB1ttS9V1/OOJPg==</SignatureValue>
<KeyInfo>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=SAMA Shared CA, OU=SAMA eTrust Center, O=SAMA, C=SA</X509IssuerName>
<X509SerialNumber>1565659987</X509SerialNumber>
</X509IssuerSerial>
<X509Certificate>

  Discussion posts and replies are publicly visible

Parents Reply Children
No Data