Using Ruby to connect to a Microsoft SOAP web service that requires a username, password and a security certificate (.cer file) to connect to it

Question

First a little background:

I have already managed to connect to a Microsoft SOAP web service using C#. To use this web service, I have to supply a username and a password in the C# code. I also have to install a security certificate (in .cer format) into the "Root Certificate Authorities" section of the system's certificates. The service's address is a secure “https://” address.

(By the way, the C# class I use to connect to the service was automatically generated for me with the command line tool "svcutil.exe https://address.of.service ")

Here is my question:

How can I connect to this web service using Ruby? I don't know where to even begin. I don't know where my .cer file, username and password should go exactly. Any ideas?

Further information:

Using these instructions for C#, I have been able to find out exactly what XML message is sent, and what XML message is received back. These XMLs are fairly straightforward, but “https://” never appears in them, even though the address of the web service is HTTPS. I'm not sure why that is. I suppose sending and receiving messages from a service is just a separate matter from actually connecting to the service.

Answer 1

I can warmly recommend using Savon for dealing with SOAP in Ruby!

I assume it is HTTP Basic authentication you are dealing with, in that case it should be pretty simple. Just:

client = Savon::Client.new do
  http.auth.basic "user_name", "password"

  # Use a local wsdl
  wsdl.document = File.expand_path("../wsdl/ebay.xml", __FILE__)
  # or from internet
  wsdl.document = "http://service.example.com?wsdl"

  # to list SOAP actions
  client.wsdl.soap_actions
end

(this is just from my head so it might be a bit off) Read the link i posted and msg me if you can't figure it out. :)

The certificate file is used for your computer to accept the identity of the server you want to connect to. If you have installed it to your computer, I don't think you have to do anything more on that part.

EDIT

If you can't use the WSDL file you will have to build the xml by hand, this is pretty ugly, but possible if the is no other way. Nokogiri can be used to construct a xml document, then you can simply POST the xml document to the correct url. I have good experiences using httpi-ntlm to deal with authentication.

Answer 2

What you're talking about here is transport security, rather than message security. The certificate you installed on the Windows server is what is being used to encrypt the SSL connection. What you would need to do with Ruby is ensure that when the connection is made that the client certificate corresponding to the certificate you installed is used to encrypt the SSL connection you use.

This is half server management (SSL cert installation) and half code (making sure you use the proper certificate).

I'm no Ruby expert, but I think you'd need something like this to utilize the x509 certificate in your connection. WCF makes use of a configuration file to do the same thing, while traditional ASMX services use code to do it.