使用ruby / savon消费自定义绑定oracle WCF Web服务

Question

我正在尝试使用带有ruby和savon的非basicthttp绑定来使用wfc Web服务。

WS的提供者实现了oracle / wss11_username_token_with_message_protection_service_policy（这里描述） http://www.oracle.com/technetwork/articles/soa/oracle-msft-interoperate-183511.html）

如果我理解正确，由于非基本的http绑定，此策略期望进行某种加密（根据此http://blog.raastech.com/2012/08/owsm-security-errors.html）

描述的WS实际上已经过了ssl，由于我执行得不好，可能是所有邪恶的根源。

甚至可以使用带有savon的非基本http绑定的WFC WS吗？

我的背景是ruby和rails，但我是WS（和savon）和ssl用法的新手。

现在WS的提供者没有提供太多支持。实际上他们的外出是他们只为java或.net中的实现提供支持（因为它是WS并因此与平台无关，所以甚至可能吗？）。

尝试运行相当简单的代码，如下所示

require 'savon'
client = Savon.client do 

  wsdl      "https://apps.ika.gr/hospitalisationWSS_TEST-hospitalisationWSS_TEST-context-root/MainWSClassPort?WSDL"
  wsse_auth "ΥΥΥΥ", "ΧΧΧΧ"     # ALTERED
  wsse_timestamp true

  pretty_print_xml true
  log_level :debug

  ssl_verify_mode :none
  ssl_cert_file       "files/ika.cer"  # provided by WS provider
end


save_admission_hl7_msg = "MSH|^~\&|||||201310111112||ADT^A13^ADT_A13|2013000012113|P|2.6|||||||||66645678912345678945|^^^^^^^^^10000\nEVN|A13|201310101122|||nosiliapap\nPID\nPV1||I|||||||||||||||||2013000012111|||||||||||||||||||||||||||||||2013000012113\n"

response = client.call(:save_admission_hl7,  
         :attributes => { :xmlns => "http://bean.intracom.com/" }, 
          :message => { :arg0 => {  :@xmlns=>'', :content! =>{ :hl7ADT =>     save_admission_hl7_msg     }    }  } )
end

puts response.body

Ι获得以下输出

D, [2013-12-04T08:21:20.445549 #3088] DEBUG -- : HTTPI GET request to apps.ika.gr (httpclient)
I, [2013-12-04T08:21:22.074643 #3088]  INFO -- : SOAP request: https://apps.ika.gr/hospitalisationWSS_TEST-hospitalisationWSS_TEST-context-root/MainWSClassPort
I, [2013-12-04T08:21:22.074643 #3088]  INFO -- : SOAPAction: "saveAdmissionHl7", Content-Type: text/xml;charset=UTF-8, Content-Length: 1363
D, [2013-12-04T08:21:22.075643 #3088] DEBUG -- : <?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:tns="http://bean.intracom.com/" xmlns:env="http://schemas.xmlsoap.org/soap/envelope/">
  <env:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-1">
        <wsse:Username>YYYY</wsse:Username>
        <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">XXXX</wsse:Password>
      </wsse:UsernameToken>
      <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-2">
        <wsu:Created>2013-12-04T06:21:22Z</wsu:Created>
        <wsu:Expires>2013-12-04T06:22:22Z</wsu:Expires>
      </wsu:Timestamp>
    </wsse:Security>
  </env:Header>
  <env:Body>
    <tns:saveAdmissionHl7 xmlns="http://bean.intracom.com/">
      <arg0 xmlns="">
        <hl7ADT>MSH|^~&amp;|||||201310111112||ADT^A13^ADT_A13|2013000012113|P|2.6|||||||||66645678912345678945|^^^^^^^^^10000
EVN|A13|201310101122|||nosiliapap
PID
PV1||I|||||||||||||||||2013000012111|||||||||||||||||||||||||||||||2013000012113
</hl7ADT>
      </arg0>
    </tns:saveAdmissionHl7>
  </env:Body>
</env:Envelope>

D, [2013-12-04T08:21:22.076643 #3088] DEBUG -- : HTTPI POST request to apps.ika.gr (httpclient)
I, [2013-12-04T08:21:22.472665 #3088]  INFO -- : SOAP response (status 500)
D, [2013-12-04T08:21:22.473665 #3088] DEBUG -- : <?xml version="1.0" encoding="UTF-8"?>
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
  <S:Body>
    <ns2:Fault xmlns:ns2="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns3="http://www.w3.org/2003/05/soap-envelope">
      <faultcode xmlns:ns0="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns0:FailedCheck</faultcode>
      <faultstring>FailedCheck : failure in security check</faultstring>
    </ns2:Fault>
  </S:Body>
</S:Envelope>

f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/response.rb:85:in `raise_soap_and_http_errors!': (ns0:FailedCheck) FailedCheck : failure in security check (Savon::SOAPFault)
        from f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/response.rb:14:in `initialize'
        from f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/operation.rb:64:in `new'
        from f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/operation.rb:64:in `create_response'
        from f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/operation.rb:55:in `call'
        from f:/rubystack/ruby/lib/ruby/gems/1.9.1/gems/savon-2.3.0/lib/savon/client.rb:36:in `call'
        from eopyy.rb:82:in `<main>'

现在由于我对WS和SSL使用的了解不足，我无法弄清楚错误。 是SSL吗？我应该使用ssl_ca_cert_file而不是ssl_cert_file吗？ （显然我已经尝试过了）。我是否还需要使用密钥文件？

提供程序实际上提供了一个.jks文件（在上面的“ika.cer”证书旁边），但也提到它应该只在java实现中使用（不是.net）。我已经解压缩了jks文件并尝试使用其包含的证书和文件，不成功。

任何帮助，线索，提示，非常感谢。