Calling a SOAP 1.1 Web Service using WS-Security and HTTPS

I recently had to update an .NET application to enable support for calling SOAP 1.1 Web Services using the WS-Security UsernameToken support over HTTPS with a self-signed TLS certificate. In the end, I had to use a custom binding, since there wasn’t a built in one that suited my requirements; for example, basicHttpBinding supports SOAP 1.1 but not HTTPS while wsHttpBinding supports HTTPS but only using SOAP 1.2.

Let’s break it down into steps:

Adding SOAP headers to send the username and password

The simplest way of adding credentials to every request is to add the SOAP header XML in your App.config:

<system.serviceModel>
  <client>
    <endpoint address="http://example.com/MyWebService" binding="basicHttpBinding" contract="IMyWebService">
      <headers>
        <wsse:UsernameToken xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' >
          <wsse:Username>Username</wsse:Username>
          <wsse:Password>Password</wsse:Password>
        </wsse:UsernameToken>
      </headers>
    </endpoint>
  </client>
</system.serviceModel>

Specify HTTPS and SOAP 1.1

In your App.config:

<system.serviceModel>
  <bindings>
    <customBinding>
      <binding name="wsHttpSoap11">
        <textMessageEncoding messageVersion="Soap11"/>
        <httpsTransport/>
      </binding>
    </customBinding>
  </bindings>
  <client>
    <endpoint address="https://example.com/MyWebService" binding="customBinding" bindingConfiguration="wsHttpSoap11"  contract="IMyWebService">
...
    </endpoint>
  </client>
</system.serviceModel>

At this point, I received the error message “Could not establish trust relationship for the SSL/TLS secure channel with authority” because I was using a self-signed certificate. I had designated the certificate as trusted, and importantly, import it as a Trusted Root Certification Authority. This can be done using the following steps:

  1. Start -> Run -> mmc.exe
  2. File -> Add/Remove Snap-in…
  3. Add Certificates snap-in
  4. Select the Trusted Root Certification Authority folder
  5. Action -> All Tasks -> Import…

GUS Gives

I was approached two years ago by a colleague from the Queensland Department of Education and Training (DET) to help set up a web application for GUS Gives – a charity portal that collects payments from members and provides detailed analytics for charity organisations. My role was to provide data management support and the first task on the list was creating sample data sets in order to test the report generation functions of the website.

I had done similar work when I was working at DET of rule-based generation of staff and student data sets. Using the same technique, I developed an application that generated random people/members as a CSV file (file type choice by the application developers). The reference data of first and last names, locations, phone number prefixes, salaries, etc. were from public sources – US Census Bureau, Australian Bureau of Statistics, OpenStreetMap, and Wikipedia.

Now that GUS Gives looks like it’s a non-starter, I have uploaded the source to Github. The project also contains the data requirements and the collated reference data so the application can run without further dependencies.

Parallel Bible

My 85 year old grandma has been getting into reading various bible translations from her iPad. In order to improve her Hindi reading skills, she was looking for a side-by-side translation of a Malayalam bible and Hindi bible. While we could find Malayalam-English and Hindi-English versions, we couldn’t find a Malayalam-Hindi one that she could access on her computer or iPad.

I decided to help her out and the result is Parallel Bible. I have also uploaded the source code to Github.

The application is static site generator using Razor templates – I took this approach as I couldn’t host a Ruby on Rails or .NET website using my current hosting provider. It uses jQuery Mobile as my grandma uses her iPad for the majority of her browsing, and I wanted the site to be reasonably usable on a mobile. To run the application, the bible data itself must be downloaded for the English version, but is screen scraped for the Indian translations. The translations are then merged during the template execution process.

I did find it interesting that the number of chapters and verses did vary per translation. It was more frequent with the English vs Malayalam where there were quite a few instances of ±1 verse.