Workday Soap API - 用户名/密码

Question

我正在尝试调用 Workday 集成 API。我能够连接，但收到无效的用户名或密码消息。我的问题是——我把这些信息放在哪里？我在 wsdl 中看不到任何可以输入用户名或密码的内容。

Launch_Integration

感谢您的帮助！ 沃伦

Answer 1

由于某种原因，在 Workday 文档中很难找到正确的身份验证方法，事实上，即使在任何地方都提到过，我也不确定。 如果您使用的是 Workday Studio，则可以使用 Web Service Tester。这通常允许您自定义和形成您的请求，并将向您显示各种身份验证选项。

但是，如果您不这样做，您可以使用以下信封来满足您的要求。 在 BODY 中，您需要添加要使用的特定 WS 请求（例如 Launch Integration）。

<env:Envelope
    xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
    <env:Header>
        <wsse:Security env:mustUnderstand="1">
            <wsse:UsernameToken>
                <wsse:Username>yourusername@yourtenant</wsse:Username>
                <wsse:Password
                    Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">**YOURPASSWORD***</wsse:Password>
            </wsse:UsernameToken>
        </wsse:Security>
    </env:Header>
    <env:Body>

    </env:Body>
</env:Envelope>

Answer 2

我发现以下博客文章在使用 Workday 服务时非常有用。它涵盖了许多问题，包括处理安全方面。

http://dovetailsoftware.com/hr/gcox/2014/06/13/getting-started-workday-web-services-using-c/

Answer 3

我没有使用过集成 API，但可以想象它就像我使用过的其他 API 一样工作，例如薪酬、福利…… 请参阅我对this question 的回答。您应该在存根中生成一个“IntegrationPortClient”对象，您可以使用它来进行身份验证。

Answer 4

如果您使用的是 Java，这里是处理凭据的代码。不记得我最初是从哪里得到的，也许是在 Workday 社区网站的某个地方。

示例用法，hrPort 和 hrService 来自 wsdl 生成的类：

HumanResourcesPort hrPort = hrService.getHumanResources();

BindingProvider bp = (BindingProvider) hrPort;

WorkdayCredentials.addWorkdayCredentials(bp, 
            config.getWdIntegrationUsername(), 
            config.getWdIntegrationPassword());

这是课程：

/**
 * 
 */
package com.mycompany.workdayservice.data;

import java.util.List;

import javax.xml.soap.SOAPElement;
import javax.xml.soap.SOAPException;
import javax.xml.soap.SOAPHeader;
import javax.xml.soap.SOAPMessage;
import javax.xml.ws.BindingProvider;
import javax.xml.ws.handler.Handler;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.namespace.QName;
import java.util.Set;

/**
 * This class creates a handler that will add the WS-Security username and
 * password to the to the SOAP request messages for a client side proxy.
 * 
 */
public class WorkdayCredentials implements SOAPHandler<SOAPMessageContext> {

    /** Namespace for the SOAP Envelope. */
    private static String SOAPENVNamespace = "http://schemas.xmlsoap.org/soap/envelope/";

/** The prefix that will be used for the SOAP Envelope namespace. */
private static String SOAPENVPrefix = "soapenv";

/** Namespace for the WS-Security SOAP header elements. */
private static String WSSENamespace = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";

/** The prefix that will be used for the WS-Security namespace. */
private static String WSSEPrefix = "wsse";

/**
 * The WS-Security URI that specifies that the password will be transmitted
 * as plain text.
 */
private static String WSSEPasswordText = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText";

/**
 * The user name that will be sent in the WS-Security header on the SOAP
 * request message. This is of the form systemid@tenant.
 */
private String username;

/**
 * The password that will be sent in the WS-Security header on the SOAP
 * request message.
 */
private String password;

/**
 * This method created an instance of the WorkdayCredentials class and adds
 * it as a handler to the bindingProvider supplied.
 * 
 * @param bindingProvider
 *            The client stub to which the handler will be added. The most
 *            convenient way to obtain the required bindingProvvider is to
 *            call one of the getPort methods on the Service class for the
 *            Web service and then cast the returned object to a
 *            BindingProvider.
 * @param username
 *            The id and tenant name for the user. This is of the form
 *            systemid@tenant.
 * @param password
 *            The password for the system user.
 */
public static void addWorkdayCredentials(BindingProvider bindingProvider,
        String username, String password) {
    List<Handler> handlerChain = bindingProvider.getBinding().getHandlerChain();
    handlerChain.add(new WorkdayCredentials(username, password));
    bindingProvider.getBinding().setHandlerChain(handlerChain);
}

/**
 * Creates a WorkdayCredentials handler and initialises the member
 * variables. In most cases, the addWorkdayCredentials static method should
 * be used instead.
 * 
 * @param username
 *            The id and tenant name for the user. This is of the form
 *            systemid@tenant.
 * @param password
 *            The password for the system user.
 */
public WorkdayCredentials(String username, String password) {
    this.username = username;
    this.password = password;
}

/**
 * Returns null as this handler doesn't process any Headers, it just adds
 * one.
 */
public Set<QName> getHeaders() {
    return null;
}

/**
 * Adds WS-Security header to request messages.
 */
public boolean handleMessage(SOAPMessageContext smc) {
    Boolean outboundProperty = (Boolean) smc
            .get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
    if (outboundProperty.booleanValue()) {
        addWSSecurityHeader(smc, username, password);
    }
    return true;
}

/**
 * Returns true, no action is taken for faults messages.
 */
public boolean handleFault(SOAPMessageContext smc) {
    return true;
}

public void close(MessageContext messageContext) {
}

/**
 * Adds a WS-Security header containing a UsernameToken to a SOAP message.
 * 
 * @param smc
 *            The SOAPMessageContent to which the WS-Security header will be
 *            added.
 * @param username
 *            The WS-Security username.
 * @param password
 *            The WS-Security password.
 * 
 * @throws java.lang.RuntimeException
 *             This exception will be thrown if a SOAPException occurs when
 *             modifying the message.
 */
private void addWSSecurityHeader(SOAPMessageContext smc, String username,
        String password) throws java.lang.RuntimeException {

    try {
        // Get the SOAP Header
        SOAPMessage message = smc.getMessage();
        SOAPHeader header = message.getSOAPHeader();
        if (header == null) {
            // Create header as it doesn't already exist
            message.getSOAPPart().getEnvelope().addHeader();
            header = message.getSOAPHeader();
        }

        // Add WS-Security SOAP Header
        SOAPElement heSecurity = header.addChildElement("Security",
                WSSEPrefix, WSSENamespace);
        heSecurity.addAttribute(message.getSOAPPart().getEnvelope()
                .createName("mustUnderstand", SOAPENVPrefix,
                        SOAPENVNamespace), "1");

        // Add the Usernametoken element to the WS-Security Header
        SOAPElement heUsernameToken = heSecurity.addChildElement(
                "UsernameToken", WSSEPrefix, WSSENamespace);

        // Add the Username element to the UsernameToken Element
        heUsernameToken.addChildElement("Username", WSSEPrefix,
                WSSENamespace).addTextNode(username);

        // Add the Password element to the UsernameToken Element
        SOAPElement hePassword = heUsernameToken.addChildElement(
                "Password", WSSEPrefix, WSSENamespace);
        hePassword.addAttribute(message.getSOAPPart().getEnvelope()
                .createName("Type"), WSSEPasswordText);
        hePassword.addTextNode(password);

    } catch (SOAPException e) {
        throw new RuntimeException(
                "Failed to add WS-Security header to request", e);
    }
  }
  }