Reference
Examplesπ
Logical sender is provided by the callerπ
Example of an externalAuthorization request when the web service caller has provided a logical sedex ID. See Use of Logical Participants for details on extracting a sedex ID in the web service call.
Click to expand request to externalAuthorization
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1">
<soapenv:Header />
<soapenv:Body>
<ns:sedexExternalAuthorisationRequest>
<!-- messageType for webservice -->
<ns:messageType>4711</ns:messageType>
<ns:logicalSender>
<!-- logical sender from HTTP header -->
<ns:participantSedexId>3-CH-9901</ns:participantSedexId>
</ns:logicalSender>
<ns:sender>
<!-- sedex participant certificate from tls handshake, here it is from 3-CH-9900 -->
<ns:participantX509Certificate>
MIIHQTCCBSmgAwIBAgIQWfBUGujtAqohvLTDgx9ZKTANBgkqhkiG9w0BAQsFADB9
MQswCQYDVQQGEwJDSDEOMAwGA1UEChMFQWRtaW4xETAPBgNVBAsTCFNlcnZpY2Vz
MSIwIAYDVQQLExlDZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMScwJQYDVQQDEx5T
d2lzcyBHb3Zlcm5tZW50IFJlZ3VsYXIgQ0EgMDEwHhcNMTkxMDMwMTc0MDQxWhcN
MjIxMDMwMTc0MDQxWjCBjzELMAkGA1UEBhMCQ0gxOzA5BgNVBAoMMlRoZSBGZWRl
cmFsIEF1dGhvcml0aWVzIG9mIHRoZSBTd2lzcyBDb25mZWRlcmF0aW9uMRQwEgYD
VQQLDAtBbndlbmR1bmdlbjEOMAwGA1UECwwFU0VERVgxHTAbBgNVBAMMFDMtQ0gt
OTkwMCBUZXN0IEJJVCBBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2YCd/S6Q1PhwelzR7cYD3QYRqQGPMVrgk7DHFG2s8ivG7E1aIA0VwGEmPd0AMxvD
pHZ2y7ZcWDTWPhwy0J5IVA8GzSPLKKcEIvHRUKic7FTvw5noClxFp37V5HsJSFVF
REEwxh8UK0S+qb56uJAZzIseSSFPPipdCqeXZwkGxUChFKmNH9J0YH7yEkWKOiJb
eLToLFEKu0USgI2aDbAXhULGTfhVK58iJMWaD5JMwDfr9PgWc5zX3skIPlZYBAPk
u4H/WNeFL6V7VFnXtYMjpc/fS3YS+1pl6I7EsUPuDlnPZVSEog2HBV5NMUBiVMGm
6THj3J0LnxyrV4YIoC0K2QIDAQABo4ICqDCCAqQwJwYIYIV0AREDFwgEGzAZBglg
hXQBEQMXCAoBAf8MCTMtQ0gtOTkwMDCB2QYDVR0gBIHRMIHOMIHLBghghXQBEQMW
FDCBvjBEBggrBgEFBQcCARY4aHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvY3BzL0NQ
U18yXzE2Xzc1Nl8xXzE3XzNfMjFfMS5wZGYwdgYIKwYBBQUHAgIwahpoVGhpcyBp
cyB0aGUgU3dpc3MgR292ZXJubWVudCBSZWd1bGFyIENBIDAxIENQUyBmb3IgU0VE
RVggc3lzdGVtcy4gQ1BTIGZvciBTRURFWCBhdXRoZW50aWNhdGlvbiBwdXJwb3Nl
cy4wDgYDVR0PAQH/BAQDAgSwMHUGCCsGAQUFBwEBBGkwZzA3BggrBgEFBQcwAoYr
aHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvYWlhL1JlZ3VsYXJDQTAxLmNydDAsBggr
BgEFBQcwAYYgaHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvYWlhL29jc3AwgccGA1Ud
HwSBvzCBvDAxoC+gLYYraHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvY3JsL1JlZ3Vs
YXJDQTAxLmNybDCBhqCBg6CBgIZ+bGRhcDovL2FkbWluZGlyLmFkbWluLmNoOjM4
OS9jbj1Td2lzcyUyMEdvdmVybm1lbnQlMjBSZWd1bGFyJTIwQ0ElMjAwMSxvdT1D
ZXJ0aWZpY2F0aW9uJTIwQXV0aG9yaXRpZXMsb3U9U2VydmljZXMsbz1BZG1pbixj
PUNIMB8GA1UdIwQYMBaAFE13teTvbZzDm6A6h+Gm7ginOeeLMB0GA1UdDgQWBBSx
rxCQC5JcKCItYt+QlzlHwzrNSTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUA
A4ICAQAyvo63mwQvrTvHnSrlxXjp/OZ4EOP4vHQZQ7yuqLDSjTfXNSZcXj6s/IiW
oyoWyWfXb30mN7jOxJmmN693FIJi19A2C36N4NnLQlP5oS1Sg1O/vkq1W0h6nOGj
m7FbSNNiM7Z2zjbvyjCbx/Q8M8ArqqwLJ87wjw4lYatUQzvp7VQeNw5LJ/YKDhVF
Xh4t9w2a8MEzTrWREPY3y+KSb/IZDD1wMNQt8EV7jZpfbZ8LrC0MpLCHjziUrAu/
64ZXQ7VNNZq15OMW8P733ajWQttIVFqkEL1me+z0ur6kf+kzPQ8HtxLu4q/YRB/y
XJV0Abyn8+D5olhcze1oIptdpyj8vhTb/5MRbVZNE3Fpmx4RiMuVR815JTbUgI+Q
/qQdI9wIu14tx1CkZ3Fdt+Q1PnGyrCBYMcs9Mj5CqG5Jsc+fur2pomaIaBPPOuoY
iKneWanB83tU5rIEzWSyBsOPYY0Y1NzcJOLTivUUfOxk/0oDsmQ6hGrYtI2CrP/b
ApErwDuUS19ebVY+ioCG6REmAEbdJXr/fYQXxRYW/Rm3GNf4Scsa8C7tTP2yiODD
jy44iBqoAzngbvJm7Ogfg73R3K22abuDKiFVCiaaU7itPB/yCGnQ3Mc+dWMXpg/M
6QHAuF6c8MS3oLg+1/h9tq/0DFNNdZMoHb7B+KH6aSxF26Xb9g==
</ns:participantX509Certificate>
</ns:sender>
<ns:recipient>
<!-- sedex participant id of the webservice -->
<ns:participantSedexId>2-102-4</ns:participantSedexId>
</ns:recipient>
<!-- request the resolved sedex ID of the certificte in response -->
<ns:requestSenderSedexId>true</ns:requestSenderSedexId>
</ns:sedexExternalAuthorisationRequest>
</soapenv:Body>
</soapenv:Envelope>
Click to expand response from externalAuthorization
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<sedexExternalAuthorisationResponse xmlns="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1">
<isAuthorised>true</isAuthorised>
<resultErrorCode>0</resultErrorCode>
<resultErrorMessage>OK - is authorised (LogicalSender SedexId=3-CH-9901, Sender SedexId=3-CH-9900, Recipient SedexId=2-102-4, internal errorMessage: 100, null)</resultErrorMessage>
<!-- resolved sedex ID of certificate (physical sender) -->
<senderSedexId>3-CH-9900</senderSedexId>
</sedexExternalAuthorisationResponse>
</S:Body>
</S:Envelope>
Logical sender is not provided by the callerπ
Example of an externalAuthorization request when the web service caller has not provided a logical sedex ID.
Click to expand request to externalAuthorization
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ns="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1">
<soapenv:Header />
<soapenv:Body>
<ns:sedexExternalAuthorisationRequest>
<!-- messageType for webservice -->
<ns:messageType>4711</ns:messageType>
<ns:sender>
<!-- sedex participant certificate from tls handshake, here it is from 3-CH-9900 -->
<ns:participantX509Certificate>
MIIHQTCCBSmgAwIBAgIQWfBUGujtAqohvLTDgx9ZKTANBgkqhkiG9w0BAQsFADB9
MQswCQYDVQQGEwJDSDEOMAwGA1UEChMFQWRtaW4xETAPBgNVBAsTCFNlcnZpY2Vz
MSIwIAYDVQQLExlDZXJ0aWZpY2F0aW9uIEF1dGhvcml0aWVzMScwJQYDVQQDEx5T
d2lzcyBHb3Zlcm5tZW50IFJlZ3VsYXIgQ0EgMDEwHhcNMTkxMDMwMTc0MDQxWhcN
MjIxMDMwMTc0MDQxWjCBjzELMAkGA1UEBhMCQ0gxOzA5BgNVBAoMMlRoZSBGZWRl
cmFsIEF1dGhvcml0aWVzIG9mIHRoZSBTd2lzcyBDb25mZWRlcmF0aW9uMRQwEgYD
VQQLDAtBbndlbmR1bmdlbjEOMAwGA1UECwwFU0VERVgxHTAbBgNVBAMMFDMtQ0gt
OTkwMCBUZXN0IEJJVCBBMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA
2YCd/S6Q1PhwelzR7cYD3QYRqQGPMVrgk7DHFG2s8ivG7E1aIA0VwGEmPd0AMxvD
pHZ2y7ZcWDTWPhwy0J5IVA8GzSPLKKcEIvHRUKic7FTvw5noClxFp37V5HsJSFVF
REEwxh8UK0S+qb56uJAZzIseSSFPPipdCqeXZwkGxUChFKmNH9J0YH7yEkWKOiJb
eLToLFEKu0USgI2aDbAXhULGTfhVK58iJMWaD5JMwDfr9PgWc5zX3skIPlZYBAPk
u4H/WNeFL6V7VFnXtYMjpc/fS3YS+1pl6I7EsUPuDlnPZVSEog2HBV5NMUBiVMGm
6THj3J0LnxyrV4YIoC0K2QIDAQABo4ICqDCCAqQwJwYIYIV0AREDFwgEGzAZBglg
hXQBEQMXCAoBAf8MCTMtQ0gtOTkwMDCB2QYDVR0gBIHRMIHOMIHLBghghXQBEQMW
FDCBvjBEBggrBgEFBQcCARY4aHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvY3BzL0NQ
U18yXzE2Xzc1Nl8xXzE3XzNfMjFfMS5wZGYwdgYIKwYBBQUHAgIwahpoVGhpcyBp
cyB0aGUgU3dpc3MgR292ZXJubWVudCBSZWd1bGFyIENBIDAxIENQUyBmb3IgU0VE
RVggc3lzdGVtcy4gQ1BTIGZvciBTRURFWCBhdXRoZW50aWNhdGlvbiBwdXJwb3Nl
cy4wDgYDVR0PAQH/BAQDAgSwMHUGCCsGAQUFBwEBBGkwZzA3BggrBgEFBQcwAoYr
aHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvYWlhL1JlZ3VsYXJDQTAxLmNydDAsBggr
BgEFBQcwAYYgaHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvYWlhL29jc3AwgccGA1Ud
HwSBvzCBvDAxoC+gLYYraHR0cDovL3d3dy5wa2kuYWRtaW4uY2gvY3JsL1JlZ3Vs
YXJDQTAxLmNybDCBhqCBg6CBgIZ+bGRhcDovL2FkbWluZGlyLmFkbWluLmNoOjM4
OS9jbj1Td2lzcyUyMEdvdmVybm1lbnQlMjBSZWd1bGFyJTIwQ0ElMjAwMSxvdT1D
ZXJ0aWZpY2F0aW9uJTIwQXV0aG9yaXRpZXMsb3U9U2VydmljZXMsbz1BZG1pbixj
PUNIMB8GA1UdIwQYMBaAFE13teTvbZzDm6A6h+Gm7ginOeeLMB0GA1UdDgQWBBSx
rxCQC5JcKCItYt+QlzlHwzrNSTAMBgNVHRMBAf8EAjAAMA0GCSqGSIb3DQEBCwUA
A4ICAQAyvo63mwQvrTvHnSrlxXjp/OZ4EOP4vHQZQ7yuqLDSjTfXNSZcXj6s/IiW
oyoWyWfXb30mN7jOxJmmN693FIJi19A2C36N4NnLQlP5oS1Sg1O/vkq1W0h6nOGj
m7FbSNNiM7Z2zjbvyjCbx/Q8M8ArqqwLJ87wjw4lYatUQzvp7VQeNw5LJ/YKDhVF
Xh4t9w2a8MEzTrWREPY3y+KSb/IZDD1wMNQt8EV7jZpfbZ8LrC0MpLCHjziUrAu/
64ZXQ7VNNZq15OMW8P733ajWQttIVFqkEL1me+z0ur6kf+kzPQ8HtxLu4q/YRB/y
XJV0Abyn8+D5olhcze1oIptdpyj8vhTb/5MRbVZNE3Fpmx4RiMuVR815JTbUgI+Q
/qQdI9wIu14tx1CkZ3Fdt+Q1PnGyrCBYMcs9Mj5CqG5Jsc+fur2pomaIaBPPOuoY
iKneWanB83tU5rIEzWSyBsOPYY0Y1NzcJOLTivUUfOxk/0oDsmQ6hGrYtI2CrP/b
ApErwDuUS19ebVY+ioCG6REmAEbdJXr/fYQXxRYW/Rm3GNf4Scsa8C7tTP2yiODD
jy44iBqoAzngbvJm7Ogfg73R3K22abuDKiFVCiaaU7itPB/yCGnQ3Mc+dWMXpg/M
6QHAuF6c8MS3oLg+1/h9tq/0DFNNdZMoHb7B+KH6aSxF26Xb9g==
</ns:participantX509Certificate>
</ns:sender>
<ns:recipient>
<!-- sedex participant id for webservice -->
<ns:participantSedexId>2-102-4</ns:participantSedexId>
</ns:recipient>
<!-- request resolved sedex ID of sender in response -->
<ns:requestSenderSedexId>true</ns:requestSenderSedexId>
</ns:sedexExternalAuthorisationRequest>
</soapenv:Body>
</soapenv:Envelope>
Click to expand response from externalAuthorization
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<sedexExternalAuthorisationResponse xmlns="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1">
<isAuthorised>true</isAuthorised>
<resultErrorCode>0</resultErrorCode>
<resultErrorMessage>OK - is authorised (LogicalSender SedexId=3-CH-9900, Sender SedexId=3-CH-9900, Recipient SedexId=2-102-4, internal errorMessage: 100, null)</resultErrorMessage>
<senderSedexId>3-CH-9900</senderSedexId>
</sedexExternalAuthorisationResponse>
</S:Body>
</S:Envelope>
WSDL Schemaπ
Click to expand sedexExternalAuthorisationService.wsdl
<?xml version="1.0" encoding="UTF-8"?>
<!-- Published by JAX-WS RI (http://jax-ws.java.net). RI's version is JAX-WS RI 2.3.0-wls122140-b230824.1031 svn-revision#e4bad6ac24018736698e2952f77e76e7f403a9f1. -->
<wsdl:definitions xmlns:tns="http://sedex.admin.ch/sedexExternalAuthorisationServiceSchema/1" xmlns:eas="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/" xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" targetNamespace="http://sedex.admin.ch/sedexExternalAuthorisationServiceSchema/1">
<wsdl:documentation>
Version 1.0
This WSDL definition describes the Sedex Authorisation Web Service interface allowing external users to access
the Sedex authorisation information.
The interface is supposed to be compliant to the WS-I Basic Profile 1.1 for interoperable Web Services
(http://www.ws-i.org/Profiles/BasicProfile-1.1.html).
Author: Thomas Wenger, BIT
Change history: 2009-05-18 created version 1.0 (Thomas Wenger)
</wsdl:documentation>
<wsdl:types>
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" elementFormDefault="qualified">
<xsd:import schemaLocation="sedexExternalAuthorisation.xsd" namespace="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1"/>
</xsd:schema>
</wsdl:types>
<wsdl:message name="sedexExternalAuthorisationRequestMsg">
<wsdl:part name="body" element="eas:sedexExternalAuthorisationRequest"/>
</wsdl:message>
<wsdl:message name="sedexExternalAuthorisationResponseMsg">
<wsdl:part name="body" element="eas:sedexExternalAuthorisationResponse"/>
</wsdl:message>
<wsdl:portType name="sedexExternalAuthorisationServicePortType">
<wsdl:operation name="checkAuthorisation">
<wsdl:input message="tns:sedexExternalAuthorisationRequestMsg"/>
<wsdl:output message="tns:sedexExternalAuthorisationResponseMsg"/>
</wsdl:operation>
</wsdl:portType>
<wsdl:binding name="sedexExternalAuthorisationServiceBinding" type="tns:sedexExternalAuthorisationServicePortType">
<soap:binding style="document" transport="http://schemas.xmlsoap.org/soap/http"/>
<wsdl:operation name="checkAuthorisation">
<soap:operation soapAction="http://sedex.admin.ch/externalServices/sedexExternalAuthorisationService" style="document"/>
<wsdl:input>
<soap:body use="literal"/>
</wsdl:input>
<wsdl:output>
<soap:body use="literal"/>
</wsdl:output>
</wsdl:operation>
</wsdl:binding>
<wsdl:service name="sedexExternalAuthorisationService">
<wsdl:port name="sedexExternalAuthorisationServicePort" binding="tns:sedexExternalAuthorisationServiceBinding">
<soap:address location="https://localhost:8443/wsproxy/services/sedexExternalAuthorisationService"/>
</wsdl:port>
</wsdl:service>
</wsdl:definitions>
Click to expand sedexExternalAuthorisation.xsd
<?xml version="1.0" encoding="UTF-8"?>
<!-- Published by JAX-WS RI (http://jax-ws.java.net). RI's version is JAX-WS RI 2.3.0-wls122140-b230824.1031 svn-revision#e4bad6ac24018736698e2952f77e76e7f403a9f1. -->
<xsd:schema xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:tns="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1" targetNamespace="http://sedex.admin.ch/sedexExternalAuthorisationSchema/1" elementFormDefault="qualified" attributeFormDefault="unqualified" version="1.0">
<xsd:element name="sedexExternalAuthorisationRequest">
<xsd:annotation>
<xsd:documentation xml:lang="en">
The request message containing the input parameters for the authorisation check against the Sedex
system.
</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:sequence>
<xsd:element name="messageType" type="xsd:int">
<xsd:annotation>
<xsd:documentation xml:lang="en">Identifier of the Sedex message type to be authorised.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="logicalSender" type="tns:SedexParticipantSedexIdIdentifierType" minOccurs="0">
<xsd:annotation>
<xsd:documentation xml:lang="en">Optional: Logical Sender identifier of the message to be authorised.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="sender" type="tns:SedexParticipantIdentifierType">
<xsd:annotation>
<xsd:documentation xml:lang="en">Sender identifier of the message to be authorised.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="recipient" type="tns:SedexParticipantIdentifierType">
<xsd:annotation>
<xsd:documentation xml:lang="en">Recipient identifier of the message to be authorised.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="requestSenderSedexId" type="xsd:boolean" minOccurs="0">
<xsd:annotation>
<xsd:documentation xml:lang="en">If set to true, the result will contain the sedexId of the sender. Can be used to determine the sedexId of a sender identified by its certificate.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:element name="sedexExternalAuthorisationResponse">
<xsd:annotation>
<xsd:documentation xml:lang="en">
The response message containing the result of the authorisation check against the Sedex
system.
</xsd:documentation>
</xsd:annotation>
<xsd:complexType>
<xsd:sequence>
<xsd:element name="isAuthorised" type="xsd:boolean" nillable="false" />
<xsd:element name="resultErrorCode" type="xsd:int" nillable="false" />
<xsd:element name="resultErrorMessage" type="xsd:string" nillable="true" />
<xsd:element name="senderSedexId" type="xsd:string" minOccurs="0">
<xsd:annotation xml:lang="en">
<xsd:documentation xml:lang="en">Sedex identifier of the sender. Optional field that is available only if requested.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:element>
<xsd:complexType name="SedexParticipantIdentifierType">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Type identifying a Sedex participant either by its SedexId or by an X.509 Sedex certificate.
</xsd:documentation>
</xsd:annotation>
<xsd:choice>
<xsd:element name="participantSedexId" type="xsd:string">
<xsd:annotation xml:lang="en">
<xsd:documentation xml:lang="en">Sedex identifier of the participant.</xsd:documentation>
</xsd:annotation>
</xsd:element>
<xsd:element name="participantX509Certificate" type="xsd:base64Binary">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Certificate of the participant in the base64 binary format.
</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:choice>
</xsd:complexType>
<xsd:complexType name="SedexParticipantSedexIdIdentifierType">
<xsd:annotation>
<xsd:documentation xml:lang="en">
Type identifying a Sedex participant by its SedexId.
</xsd:documentation>
</xsd:annotation>
<xsd:sequence>
<xsd:element name="participantSedexId" type="xsd:string">
<xsd:annotation xml:lang="en">
<xsd:documentation xml:lang="en">Sedex identifier of the participant.</xsd:documentation>
</xsd:annotation>
</xsd:element>
</xsd:sequence>
</xsd:complexType>
</xsd:schema>
Downloadπ
sedexExternalAuthorisationService.wsdl
sedexExternalAuthorisation.xsd