Search code examples
sabresabredav

Sabre sessionless authentication

I am trying to get sessionless token. Following is the xml but its not working an throwing error. it is giving error. There are couple of things missing and I am not sure what to pass there e.g sec:BinarySecurityToken, SabreAth, mes:Role.

<StackTrace>com.sabre.universalservices.base.exception.InvalidEbXMLException: errors.xml.USG_EBXML_FIELD_TOO_LONG</StackTrace>

Request XML

<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:sec="http://schemas.xmlsoap.org/ws/2002/12/secext" xmlns:mes="http://www.ebxml.org/namespaces/messageHeader" xmlns:web="http://webservices.sabre.com">
   <soapenv:Header>
      <sec:Security>
         <!--Optional:-->
         <sec:UsernameToken>
            <!--Optional:-->
            <sec:Username>123</sec:Username>
            <!--Optional:-->
            <sec:Password>mypass</sec:Password>
            <!--0 to 2 repetitions:-->
            <sec:NewPassword>mypass</sec:NewPassword>
            <!--Optional:-->
            <Organization>org1</Organization>
            <!--Optional:-->
            <Domain>AAA</Domain>
         </sec:UsernameToken>
         <!--Optional:-->
         <sec:SabreAth>?</sec:SabreAth>
         <!--Optional:-->
         <sec:BinarySecurityToken>?</sec:BinarySecurityToken>
      </sec:Security>
      <mes:MessageHeader mes:id="?" mes:version="?">
         <mes:From>
            <!--1 or more repetitions:-->
            <mes:PartyId mes:type="?">sastaticket.pk</mes:PartyId>
            <!--Optional:-->
            <mes:Role>?</mes:Role>
         </mes:From>
         <mes:To>
            <!--1 or more repetitions:-->
            <mes:PartyId mes:type="?">https://sws-crt.cert.havail.sabre.com</mes:PartyId>
            <!--Optional:-->
            <mes:Role>?</mes:Role>
         </mes:To>
         <mes:CPAId>?</mes:CPAId>
         <mes:ConversationId>1234</mes:ConversationId>
         <mes:Service mes:type="?">Session</mes:Service>
         <mes:Action>TokenCreateRQ</mes:Action>
         <mes:MessageData>
            <mes:MessageId>?</mes:MessageId>
            <mes:Timestamp>2018-01-28T00:00:00</mes:Timestamp>
            <!--Optional:-->
            <mes:RefToMessageId>?</mes:RefToMessageId>
            <!--Optional:-->
            <mes:TimeToLive>2018-01-28T00:00:00</mes:TimeToLive>
            <!--Optional:-->
            <mes:Timeout>2018-01-28T00:00:00</mes:Timeout>
         </mes:MessageData>
         <!--Optional:-->
         <mes:DuplicateElimination>?</mes:DuplicateElimination>
         <!--Zero or more repetitions:-->
         <mes:Description xml:lang="?">?</mes:Description>
         <!--You may enter ANY elements at this point-->
      </mes:MessageHeader>
   </soapenv:Header>
   <soapenv:Body>
      <web:TokenCreateRQ Version="?"/>
   </soapenv:Body>
</soapenv:Envelope>
Solution

  • It seems you are sending too much information in the MessageData node. If you follow the example Sabre shows in Dev Studio, only MessageId and TimesStamp make the trick. For Sabre WS, not all optional nodes are sometimes required, and in this case you are sending extra information which is not needed.

    You will want to remove this:

     <mes:TimeToLive>2018-01-28T00:00:00</mes:TimeToLive>
 <mes:Timeout>2018-01-28T00:00:00</mes:Timeout>

    Just something like this will do it:

     <mes:MessageData>
    <mes:MessageId>?</mes:MessageId>
    <mes:Timestamp>2018-01-28T00:00:00</mes:Timestamp>
 </mes:MessageData>

    Also be careful with the Domain, which should be either AA or DEFAULT, but not "AAA".

    Since you don't have a token, you will also have to remove this node:

    <sec:BinarySecurityToken>?</sec:BinarySecurityToken>

    The service is a bit different from those that already have a token.