问题
I am trying to Invoke IRS ACA 1095 B Ws through SOAP UI. I have configured Keystore in SOAP UI which when imported says OK. I have signed the 3 elements referring the IRS Doc, ACABusinessHeader, ACATransmitterManifestReqDtl and Timestamp. I have tried with and without, Gzip/ Wsa Header/ Attachment/ MTOM still for a simple SOAP Request without any file attachment I am having :
The WS Security Header in the message is invalid. Please review the transmission instructions outlined in Section 5 of the AIR Submission Composition and Reference Guide located at https://www.irs.gov/for-Tax-Pros/Software-Developers/Information-Returns/Affordable-Care-Act-Information-Return-AIR-Program, correct any issues, and try again.
Error Code: TPE 1122.
I have attached the complete SOAP Ui Request Message.
Any sort of Help is appreciated.
--->
enter code here
POST https://la.www4.irs.gov/airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
Content-Encoding: gzip
Accept-Encoding: gzip,deflate
Content-Type: multipart/related; type="application/xop+xml"; start="<rootpart@soapui.org>"; start-info="text/xml"; boundary="----=_Part_0_1488514502.1456157000203"
SOAPAction: "BulkRequestTransmitter"
MIME-Version: 1.0
Transfer-Encoding: chunked
Host: la.www4.irs.gov
Connection: Keep-Alive
User-Agent: Apache-HttpClient/4.1.1 (java 1.5)
<soapenv:Envelope xmlns:oas1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:urn="urn:us:gov:treasury:irs:msg:acabusinessheader" xmlns:urn1="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:urn2="urn:us:gov:treasury:irs:common" xmlns:urn3="urn:us:gov:treasury:irs:msg:acasecurityheader" xmlns:urn4="urn:us:gov:treasury:irs:msg:irsacabulkrequesttransmitter" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:xd="http://www.w3.org/2000/09/xmldsig#">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<ds:Signature Id="SIG-F8EA5798DFE03264EF145615675816614" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="oas1 soapenv urn urn1 urn2 urn3 urn4 wsu xd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-E9877CA7A36541AA6A1455820267635274">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="oas1 soapenv urn1 urn2 urn3 urn4 xd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>REDACTED</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-E9877CA7A36541AA6A1455820267635275">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="oas1 soapenv urn urn2 urn3 urn4 xd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>REDACTED</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-E9877CA7A36541AA6A1455820267635276">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="oas1 soapenv urn urn1 urn2 urn3 urn4 xd" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>REDACTED</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>REDACTED</ds:SignatureValue>
<ds:KeyInfo Id="RE-Dacted">
<wsse:SecurityTokenReference wsu:Id="STR-abcdefghijklmnopqredacted">
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">REDACTED</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<urn3:ACASecurityHeader/>
<urn:ACABusinessHeader wsu:Id="id-E9877CA7A36541AA6A1455820267635274">
<urn1:UniqueTransmissionId>abcd-efgh:1234</urn1:UniqueTransmissionId>
<urn2:Timestamp>2016-02-17T15:17:47Z</urn2:Timestamp>
</urn:ACABusinessHeader>
<urn1:ACATransmitterManifestReqDtl wsu:Id="id-E9877CA7A36541AA6A1455820267635275">
<urn1:PriorYearDataInd>0</urn1:PriorYearDataInd>
<urn2:EIN>12-34567</urn2:EIN>
<urn1:TestFileCd>T</urn1:TestFileCd>
<urn1:TransmitterNameGrp>
<urn1:BusinessNameLine1Txt>SOME VALUE</urn1:BusinessNameLine1Txt>
</urn1:TransmitterNameGrp>
<urn1:CompanyInformationGrp>
<urn1:MailingAddressGrp>
<urn1:USAddressGrp>
<urn1:AddressLine1Txt>SOME ADRESS</urn1:AddressLine1Txt>
<urn2:CityNm>SOME CITY</urn2:CityNm>
<urn1:USStateCd>AB</urn1:USStateCd>
<urn2:USZIPCd>12345</urn2:USZIPCd>
<urn2:USZIPExtensionCd>6789</urn2:USZIPExtensionCd>
</urn1:USAddressGrp>
</urn1:MailingAddressGrp>
<urn1:ContactNameGrp>
<urn2:PersonFirstNm>First</urn2:PersonFirstNm>
<urn2:PersonLastNm>Last</urn2:PersonLastNm>
</urn1:ContactNameGrp>
<urn1:ContactPhoneNum>123-456-7890</urn1:ContactPhoneNum>
</urn1:CompanyInformationGrp>
<urn1:VendorInformationGrp>
<urn1:VendorCd>Some Vendor</urn1:VendorCd>
<urn1:ContactNameGrp>
<urn2:PersonFirstNm>First</urn2:PersonFirstNm>
<urn2:PersonLastNm>Last</urn2:PersonLastNm>
</urn1:ContactNameGrp>
<urn1:ContactPhoneNum>Phone</urn1:ContactPhoneNum>
</urn1:VendorInformationGrp>
<urn1:TotalPayeeRecordCnt>1</urn1:TotalPayeeRecordCnt>
<urn1:TotalPayerRecordCnt>1</urn1:TotalPayerRecordCnt>
<urn1:SoftwareId>A12345678</urn1:SoftwareId>
<urn1:FormTypeCd>1094-1095B</urn1:FormTypeCd>
<urn2:BinaryFormatCd>application/xml</urn2:BinaryFormatCd>
<urn2:ChecksumAugmentationNum>garbage-value</urn2:ChecksumAugmentationNum>
<urn2:AttachmentByteSizeNum>1234</urn2:AttachmentByteSizeNum>
<urn1:DocumentSystemFileNm>some</urn1:DocumentSystemFileNm>
</urn1:ACATransmitterManifestReqDtl>
<wsu:Timestamp wsu:Id="id-E9877CA7A36541AA6A1455820267635276">
<wsu:Created>2016-02-17T15:41:09.678Z</wsu:Created>
<wsu:Expires>2016-02-20T10:21:09.678Z</wsu:Expires>
</wsu:Timestamp>
<wsa:Action>BulkRequestTransmitter</wsa:Action>
</soapenv:Header>
<soapenv:Body>
<urn4:ACABulkRequestTransmitter>
<urn2:BulkExchangeFile>
</urn2:BulkExchangeFile>
</urn4:ACABulkRequestTransmitter>
</soapenv:Body>
</soapenv:Envelope>
回答1:
I see the wsu:Timestamp is outside the wsse:Security, I have attached outgoing WS-Security configuration of my working SOAP UI, cross check with yours.
After applying the outgoing headers, submit the request as is and do not format the request!
My outgoing WS-Security configuration of SOAP UI
My outgoing WS-Security configuration of SOAP UI-TimeStamp
回答2:
SOAP UI KeyStore using pfx file. SOAP UI KeyStore
Request payload:
POST https://la.www4.irs.gov/airp/aca/a2a/1095BC_Transmission_AATS2016 HTTP/1.1
SOAPAction: BulkRequestTransmitter
Content-Type: multipart/related; type="application/xop+xml"; start="<rootpart@soapui.org>
"; start-info="text/xml"; boundary="----=_Part_26_1277305220.1456248891536"
Host: la.www4.irs.gov
Content-Length: 17728
Expect: 100-continue
Connection: Keep-Alive
------=_Part_26_1277305220.1456248891536
Content-Type: application/xop+xml; charset=UTF-8; type="text/xml"
Content-Transfer-Encoding: 8bit
Content-ID: <rootpart@soapui.org>
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/">
<s:Header>
<wsse:Security s:mustUnderstand="1" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ds:Signature Id="SIG-3ED4996B507C9FE4891456248845324120" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#WithComments"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#TS-3ED4996B507C9FE4891456248845320116">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="wsse s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>....</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-D4CA0E52B9727D4C0A14551257302705">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>....</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-1781945826">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<InclusiveNamespaces PrefixList="s" xmlns="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>.....</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>.....</ds:SignatureValue>
<ds:KeyInfo Id="KI-3ED4996B507C9FE4891456248845324118">
<wsse:SecurityTokenReference wsu:Id="STR-3ED4996B507C9FE4891456248845324119">
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">....</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp wsu:Id="TS-3ED4996B507C9FE4891456248845320116">
<wsu:Created>2016-02-23T17:34:05.320Z</wsu:Created>
<wsu:Expires>2016-05-26T04:27:12.320Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
<ns0:ACABusinessHeader ns1:Id="id-1781945826" ns2:anyAttr="anyAttrContents" xmlns:ns0="urn:us:gov:treasury:irs:msg:acabusinessheader" xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:ns2="urn:us:gov:treasury:irs:msg:acabusinessheaderanyAttr">
<ns3:UniqueTransmissionId xmlns:ns3="urn:us:gov:treasury:irs:ext:aca:air:7.0">5a79b747-f622-4fe0-b5a7-4ab52226bc70:SYS12:xxxxx::T</ns3:UniqueTransmissionId>
<ns4:Timestamp xmlns:ns4="urn:us:gov:treasury:irs:common">2016-02-09T12:34:33Z</ns4:Timestamp>
</ns0:ACABusinessHeader>
<ACATransmitterManifestReqDtl d1p1:Id="id-D4CA0E52B9727D4C0A14551257302705" xsi:schemaLocation="urn:us:gov:treasury:irs:msg:form1094-1095BCtransmitterreqmessage IRS-Form1094-1095BCTransmitterReqMessage.xsd" xmlns="urn:us:gov:treasury:irs:ext:aca:air:7.0" xmlns:d1p1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:irs="urn:us:gov:treasury:irs:common" xmlns:n1="urn:us:gov:treasury:irs:msg:form1094-1095BCtransmitterreqmessage" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
</ACATransmitterManifestReqDtl>
</s:Header>
<s:Body>
<ns0:ACABulkRequestTransmitter version="1.0" xmlns:ns0="urn:us:gov:treasury:irs:msg:irsacabulkrequesttransmitter">
<ns1:BulkExchangeFile xmlns:ns1="urn:us:gov:treasury:irs:common">
<inc:Include href="cid:1094B_Request_xxxxx_20160211T170145000Z.xml" xmlns:inc="http://www.w3.org/2004/08/xop/include"/>
</ns1:BulkExchangeFile>
</ns0:ACABulkRequestTransmitter>
</s:Body>
</s:Envelope>
------=_Part_26_1277305220.1456248891536
Content-Type: text/xml; charset=Cp1252;
name=1094B_Request_xxxxx_20160211T170145000Z.xml
Content-Transfer-Encoding: quoted-printable
Content-ID: <1094B_Request_xxxxx_20160211T170145000Z.xml>
Content-Disposition: attachment;name="1094B_Request_xxxxx_20160211T170145000Z.xml";
filename="1094B_Request_xxxxx_20160211T170145000Z.xml"
< 1094 Bulk file removed>
------=_Part_26_1277305220.1456248891536--
来源:https://stackoverflow.com/questions/35560875/irs-aca-1095b-bulkrequesttransmitter-invalid-ws-security-header-soap-ui