search cancel

How does CA Gen Call External support runtime authentication

book

Article ID: 214861

calendar_today

Updated On:

Products

Gen

Issue/Introduction

How does the CA Gen Call External feature used for calling a SOAP web service support runtime authentication?

Environment

Release : 8.6

Component : CA Gen Workstation Toolset

Resolution

If the SOAP/WSDL has the option to capture the username and password then it could be passed in as a request body but most of the time username and password is abstracted from the WSDL and hence supported through the SOAP header.
So Call External supports authentication via the SOAP header user exit function ABRT_xcall_ws_soapheader_exit inside the file abrtexit.c (currently this is for C only):
CA Gen 8.6 > Reference > User Exits > Action Block Runtime User Exits > Windows Action Block Runtime User Exits > ABRT_xcall_ws_soapheader_exit

Here is a sample SOAP header example:
+++
void  ABRT_xcall_ws_soapheader_exit(const char *uri, char* customsoapheader, size_t MaxLen)
{
    /* below is one example of adding custom soap header */
    //strncpy(customsoapheader, "<wsse:Security xmlns:wsse=\"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd\"><wsse:UsernameToken><wsse:Username>USER</wsse:Username><wsse:Password>PASSWORD</wsse:Password></wsse:UsernameToken></wsse:Security>\0", MaxLen);
    return;
}
+++

The callexternal.ini file parameter SOAPHEADER_BUFFERSIZE should be updated before using this exit to let the runtime allocate enough buffer for the custom header. The default value is 3000.
CA Gen 8.6 > Developing > Designing > Using the Toolset > Working with Toolset > Use Action Diagram > Assignment Action Statements > Add a Call External Statement > Call External File