515 views

Description

After upgrading to Helsinki, integrations relying on deprecated SoapMessage API for outbound SOAP Message functions with WS security enabled (like Verizon Ebonding) are failing with a WSSecurity exception.

Verizon Ebonding Web Service functions appear to lose their configuration (Certificate, Key Store, Key Store Alias, and Key Store password) in Helsinki. Opening the web service function record and then closing it causes the function configuration to disappear. Since the deprecated SoapMessage API is using this SOAP message function configuration (Certificate, Key Store, Key Store Alias, and Key Store password), integrations relying on the deprecated SoapMessage API are failing.

Steps to Reproduce

  1. Upgrade from Fuji to Helsinki
  2. Navigate to Verizon eBroker WebServices.
  3. Select any of the functions.
  4. View Verizon eBroker Functions again.
    The following values are no longer populated: Key Store, Key Store Alias, Key Store Password, and Certificate.
  5. Use the deprecated SoapMessage API: 
    s = new SOAPMessage('Verizon eBroker', 'createTicket');
    s.post();

Workaround

Because SOAP message functions only lose their configuration (Certificate, Key Store, Key Store Alias, and Key Store password) when you open the function, there are 2 possible scenarios. The workaround depends on if the user has opened the SOAP message function record.

 

If the user has opened the SOAP message function, the Certificate, Key Store, Key Store Alias, and Key Store password has migrated to WS-Security X.509 profile.

  1. Deactivate the business rule named Move X.509 fields into a new record.
  2. On the SOAP message function, ensure that the Use WS-Security option is selected.
  3. Populate the columns Certificate, Key Store, Key Store Alias, and Key Store password in the Soap Message Function table using the script below (the script is used because the column Keystore password is encrypted and these columns are no longer part of Default view):

var gr = new GlideRecord('sys_soap_message_function');

gr.get('<replace with soap message function sys id>');

//copy configuration values from table 'ws_security_x509_profile_outbound' to 'sys_soap_message_function'

var x509ProfileGR = new GlideRecord("ws_security_x509_profile_outbound");

x509ProfileGR.get(gr.ws_security_x509_profile);

gr.key_store = x509ProfileGR.key_store;

gr.key_store_alias = x509ProfileGR.key_store_alias;

gr.key_store_password = x509ProfileGR.key_store_password;

gr.certificate = x509ProfileGR.certificate;

gr.update();

If the user has not opened the SOAP message function, the Certificate, Key Store, Key Store Alias, and Key Store password is still in the SOAP message function.

  • Deactivate the business rule named Move X.509 fields into a new record

Related Problem: PRB710320

Seen In

Eureka Patch 13 Hot Fix 2
Fuji Patch 11 Hot Fix 1
Fuji Patch 12 Hot Fix 1
Fuji Patch 13 Hot Fix 1
Helsinki Patch 2
Helsinki Patch 3
Helsinki Patch 4
Helsinki Patch 5

Fixed In

Jakarta
Kingston

Associated Community Threads

There is no data to report.

Article Information

Last Updated:2017-05-10 10:08:12
Published:2016-09-28