SOAPBelow is the example of using the OpenMetabase operation to connect to a repository using digital signature. The certificate with the SPCERT identifier must be saved in the repository. The requested block is signed using the PFX certificate named sp.pfx.
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"> <s:Body xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema"> <OpenMetabase xmlns="http://www.fsight.ru/PP.SOM.Som"> <tDef xmlns=" "> <tCreds xmlns=" "> <verifier> <mbUser> <user> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Body> <OpenMetabaseResult xmlns="http://www.fsight.ru/PP.SOM.Som" xmlns:q1="http://www.fsight.ru/PP.SOM.Som" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
{
"OpenMetabase" :
{
"tDef" :
{
"id" : "WAREHOUSE"
},
"tCreds" :
{
"pass" : "",
"verifier" :
{
"mbUser" :
{
"id" : "Warehouse"
},
"user" :
{
"id" : "user@test.ru"
},
"certificate" : "SPCERT",
"cookie" : "1437524055",
"signature" : "AjTHCXJx6hs28GFsUNqrQlHoRSM6Zrj6Ax40n1nO+uE5zhVL9c8e5WFq4FUalSLWGIVWU0ymkEfVu62gzSn35yAen1kbtjOeQagbX0kG5MQhjVYMk8IVV8bLRIAUbuDah4vxlqTBjvPRsTFy5QU1pr0cYZdmHwdQSPKu7kZ9jS\/b1TOkPyRm8QrywVAU5MdqqR5oCN9qzAvDktTJXPU2a4BL0lRCAJuy0aYTXRU07J0Z5Jek2rUTQpJ1Qn7+zxew23SG\/M1Ma8w6k9+YQn5pokh43xbkpKPScbQOeho+NNpHFP\/yGN6PmeCCvltjOiuiGyn2XeSkMvSpmGVP+Z4NCQ=="
}
},
"tArg" : ""
}
}
{
"OpenMetabaseResult" :
{
"id" : "S1!M"
}
}
The parameters required for connection are sent as input parameters of the function. The result of the operation is the result of the function.
public static MbId MetabaseConnectWithDigitalSign(string mbDefinitionId, string repoUser, string dbLoginUser)
{
var somClient = new SomPortTypeClient(); //Proxy object for operation execution
//Get data block that is signed with digital signature
var verifierCode = somClient.GetVerifierCode(new GetVerifierCode() { });
//Open pfx certificate and get signature key from it
var x509 = new X509Certificate2(@"../../sp.pfx");
RSACryptoServiceProvider rsa = x509.PrivateKey as RSACryptoServiceProvider;
//Calculate MD5 hash of previously obtained data and sign this hash with RSA digital signature
var sign = rsa.SignData(verifierCode.verifierCode, new MD5CryptoServiceProvider());
//Operation execution parameters
var tOpen = new OpenMetabase()
{
tArg = new OpenMetabaseArg() { },
tCreds = new UserCreds() //Credentials used for connection
{
verifier = new VerifierCodeLogonData()
{
//User used for logging in to repository. This user may be absent in DBMS
user = new UserId() { id = repoUser },
//User used for connecting to repository database. Password is stored in a protected form in BI server registry
mbUser = new UserId() { id = dbLoginUser },
//Previously obtained value used for setting correspondence between digital signature and data block
cookie = verifierCode.cookie,
//Digital signature that should be checked by server
signature = sign,
//Certificate that will be used to check digital signature. Should be saved in repository database
certificate = "SPCERT"
},
pass = string.Empty
},
tDef = new MbDef() //Description of repository, to which connection is established
{
id = mbDefinitionId
}
};
//Repository connection
MbId mb = somClient.OpenMetabase(tOpen);
return mb;
}
See also: