This module offers a set of APIs that facilitate the transmission of XML requests to a SOAP backend. It excels in managing security policies within SOAP requests, ensuring the transmission of secured SOAP envelopes. Moreover, it possesses the capability to efficiently extract data from security-applied SOAP responses.
SOAP module abstracts out the details of the creation of a SOAP envelope, headers, and the body in a SOAP message.
The Client
is used to connect to and interact with SOAP
endpoints.
import ballerina/soap.soap11;
soap11:Client soapClient = check new ("http://www.dneonline.com/calculator.asmx?WSDL");
import ballerina/soap.soap12;
soap12:Client soapClient = check new ("http://www.dneonline.com/calculator.asmx?WSDL");
- Send & Receive: Sends SOAP request and receives a response.
- Send Only: Fires and forgets requests. Sends the request without the possibility of any response from the service.
The SOAP 1.1 specification requires the inclusion of the action
parameter as a mandatory component within its APIs. In contrast, SOAP 1.2 relaxes this requirement, making the action parameter optional.
import ballerina/soap.soap11;
public function main() returns error? {
soap11:Client soapClient = check new ("http://www.dneonline.com/calculator.asmx?WSDL");
xml envelope = xml `<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<soap:Body>
<quer:Add xmlns:quer="http://tempuri.org/">
<quer:intA>2</quer:intA>
<quer:intB>3</quer:intB>
</quer:Add>
</soap:Body>
</soap:Envelope>`;
xml response = check soapClient->sendReceive(envelope, "http://tempuri.org/Add");
}
import ballerina/soap.soap11;
public function main() returns error? {
soap11:Client soapClient = check new ("http://www.dneonline.com/calculator.asmx?WSDL");
xml envelope = xml `<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<soap:Body>
<quer:Add xmlns:quer="http://tempuri.org/">
<quer:intA>2</quer:intA>
<quer:intB>3</quer:intB>
</quer:Add>
</soap:Body>
</soap:Envelope>`;
check soapClient->sendOnly(envelope, "http://tempuri.org/Add");
}
The SOAP client module introduces a robust framework for configuring security measures in SOAP communication. Security is a critical concern when exchanging data via web services, and this module offers comprehensive options to fortify SOAP requests and responses.
There are two primary security configurations available for SOAP clients:
-
outboundSecurity
: This configuration applies ws-security policies to outgoing SOAP messages. It supports multiple security options, such as Username Token, Timestamp Token, X.509 Token, Symmetric Binding, Asymmetric Binding, and Transport Binding. These can be used individually or in combination to secure the message. -
inboundSecurity
: This configuration handles the security of incoming SOAP messages. It decrypts encrypted data and verifies the digital signature to confirm the authenticity of the message.
This library currently supports the following WS Security policies:
- Username Token: Provides authentication through username and password credentials.
- Timestamp Token: Enhances message integrity by incorporating timestamp information.
- X509 Token: Allows the use of X.509 certificates for secure communication.
- Symmetric Binding: Enables symmetric key-based security mechanisms.
- Asymmetric Binding: Facilitates the use of asymmetric cryptography for enhanced security.
These policies empower SOAP clients to enhance the security of their web service communications by selecting and implementing the appropriate security mechanisms to safeguard their SOAP envelopes.
-
TimestampTokenConfig
: Represents the record for Timestamp Token policy.- Fields:
int
timeToLive : The time to get expired
- Fields:
-
UsernameTokenConfig
: Represents the record for Username Token policy.- Fields:
string
username : The name of the userstring
password : The password of the userPasswordType
passwordType : The password type of the username token
- Fields:
-
SymmetricBindingConfig
: Represents the record for Symmetric Binding policy.- Fields:
crypto:PrivateKey
symmetricKey : The key to sign and encrypt the SOAP envelopecrypto:PublicKey
servicePublicKey : The key to encrypt the symmetric keySignatureAlgorithm
signatureAlgorithm : The algorithm to sign the SOAP envelopeEncryptionAlgorithm
encryptionAlgorithm : The algorithm to encrypt the SOAP envelopestring
x509Token : The path or token of the X509 certificate
- Fields:
-
AsymmetricBindingConfig
: Represents the record for Asymmetric Binding policy.- Fields:
SignatureConfig
signatureConfig : Configuration for applying digital signaturesEncryptionConfig
encryptionConfig : Configuration for applying encryptionstring
x509Token : The path or token of the X509 certificate
- Fields:
InboundSecurityConfig
: Represents the record for outbound security configurations to verify and decrypt SOAP envelopes.- Fields:
crypto:KeyStore
decryptKeystore - The keystore to decrypt the SOAP envelopecrypto:KeyStore
signatureKeystore - The keystore to verify the signature of the SOAP envelope
- Fields:
import ballerina/crypto;
import ballerina/mime;
import ballerina/soap;
import ballerina/soap.soap11;
public function main() returns error? {
soap11:Client soapClient = check new ("https://www.secured-soap-endpoint.com",
{
outboundSecurity: [
{
username: "username",
password: "password",
passwordType: soap:TEXT
},
TRANSPORT_BINDING
]
});
xml envelope = xml `<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<soap:Body>
<quer:Add xmlns:quer="http://tempuri.org/">
<quer:intA>2</quer:intA>
<quer:intB>3</quer:intB>
</quer:Add>
</soap:Body>
</soap:Envelope>`;
xml response = check soapClient->sendReceive(envelope, "http://tempuri.org/Add");
}
import ballerina/crypto;
import ballerina/mime;
import ballerina/soap;
import ballerina/soap.soap12;
public function main() returns error? {
soap12:Client soapClient = check new ("http://www.secured-soap-endpoint.com",
{
outboundSecurity: {
signatureConfig: {
keystore: {
path: KEY_STORE_PATH,
password: PASSWORD
},
privateKeyAlias: ALIAS,
privateKeyPassword: PASSWORD,
signatureAlgorithm: wssec:RSA_SHA1
},
encryptionConfig: {
keystore: {
path: KEY_STORE_PATH_2,
password: PASSWORD
},
publicKeyAlias: ALIAS,
encryptionAlgorithm: wssec:AES_128
}
},
inboundSecurity: {
decryptKeystore: {
path: KEY_STORE_PATH_2,
password: PASSWORD
},
signatureKeystore: {
path: KEY_STORE_PATH_2,
password: PASSWORD
}
}
});
xml envelope = xml `<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" soap:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<soap:Body>
<quer:Add xmlns:quer="http://tempuri.org/">
<quer:intA>2</quer:intA>
<quer:intB>3</quer:intB>
</quer:Add>
</soap:Body>
</soap:Envelope>`;
xml response = check soapClient->sendReceive(envelope, "http://tempuri.org/Add");
}
The Issues and Projects tabs are disabled for this repository as this is part of the Ballerina Standard Library. To report bugs, request new features, start new discussions, view project boards, etc., go to the Ballerina Standard Library parent repository.
This repository contains only the source code of the package.
-
Download and install Java SE Development Kit (JDK) version 21 (from one of the following locations).
-
Export your Github Personal access token with the read package permissions as follows.
export packageUser=<Username> export packagePAT=<Personal access token>
Execute the commands below to build from source.
-
To build the library:
./gradlew clean build
-
To run the integration tests:
./gradlew clean test
-
To build the module without the tests:
./gradlew clean build -x test
-
To debug module implementation:
./gradlew clean build -Pdebug=<port> ./gradlew clean test -Pdebug=<port>
-
To debug the module with Ballerina language:
./gradlew clean build -PbalJavaDebug=<port> ./gradlew clean test -PbalJavaDebug=<port>
-
Publish ZIP artifact to the local
.m2
repository:./gradlew clean build publishToMavenLocal
-
Publish the generated artifacts to the local Ballerina central repository:
./gradlew clean build -PpublishToLocalCentral=true
-
Publish the generated artifacts to the Ballerina central repository:
./gradlew clean build -PpublishToCentral=true
As an open source project, Ballerina welcomes contributions from the community.
For more information, go to the contribution guidelines.
All contributors are encouraged to read the Ballerina Code of Conduct.
- Chat live with us via our Discord server.
- Post all technical questions on Stack Overflow with the #ballerina tag.
- For more information go to the
soap
library. - For example demonstrations of the usage, go to Ballerina By Examples.