PolicyException when using NhinPatientDiscovery service

classic Classic list List threaded Threaded
4 messages Options
Reply | Threaded
Open this post in threaded view
|

PolicyException when using NhinPatientDiscovery service

kostepanych
I'm trying to create Test Case for NhinPatientDiscovery service in SoapUi:

I've created new soapUi project with Initial WSDL https://localhost:8181/Gateway/PatientDiscovery/1_0/NhinService/NhinPatientDiscovery?wsdl  and added request example from nhin-patient-discovery-production-specification-v2.0-1.pdf
to this test case:
PD-request.xml

But when I submit this request I receive message:
<soap:Text xml:lang="en">These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EndorsingSupportingTokens: The received token does not match the endorsing supporting token requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SamlToken: The received token does not match the token inclusion requirement</soap:Text>

So is there any examples, how to set up these security policies?
Reply | Threaded
Open this post in threaded view
|

Re: PolicyException when using NhinPatientDiscovery service

matthew weaver
We've never been able to get secured services working in SOAPUI. There are a number of challenges which dovetail exactly with the policies that CONNECT (via CXF) is complaining about. 

1) HttpsToken - you aren't doing SSL with client authentication
2) EndorsingSupportingTokens - you don't have a timestamp signature
3) SamlToken - you are missing the saml assertion


On Tue, Mar 18, 2014 at 9:13 AM, kostepanych [via CONNECT Forums] <[hidden email]> wrote:
I'm trying to create Test Case for NhinPatientDiscovery service in SoapUi:

I've created new soapUi project with Initial WSDL https://localhost:8181/Gateway/PatientDiscovery/1_0/NhinService/NhinPatientDiscovery?wsdl  and added request example from nhin-patient-discovery-production-specification-v2.0-1.pdf
to this test case:
PD-request.xml

But when I submit this request I receive message:
<soap:Text xml:lang="en">These policy alternatives can not be satisfied: 
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}HttpsToken
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}EndorsingSupportingTokens: The received token does not match the endorsing supporting token requirement
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SamlToken: The received token does not match the token inclusion requirement</soap:Text>

So is there any examples, how to set up these security policies?


If you reply to this email, your message will be added to the discussion below:
http://forums.connectopensource.org/PolicyException-when-using-NhinPatientDiscovery-service-tp7579460.html
To start a new topic under CONNECT Users, email [hidden email]
To unsubscribe from CONNECT Forums, click here.
NAML

Matthew Weaver
Lead Developer - CONNECT Product Team
Reply | Threaded
Open this post in threaded view
|

Re: PolicyException when using NhinPatientDiscovery service

kostepanych
In reply to this post by kostepanych
So if there is no possibility to get secured services working in SOAPUI, what is the best way to test NhinPatientDiscovery service?
I've created custom MPI module, and I want to assure that service works good.
Reply | Threaded
Open this post in threaded view
|

Re: PolicyException when using NhinPatientDiscovery service

greggurr
One way we have tested NhinPatientDiscovery service is to have the SOAP UI test call the "Entity" patient discovery service on a Requesting gateway. The "Entity" PD service is unsecured and it bypasses the issues you have listed with the NhinPatientDiscovery service. The "Entity" patient discovery service will in turn call the NhinPatientDiscovery service on the Requesting gateway to send out a PD request to your other responding gateway which has the MPI service you want to test.