3.1.9 Responder out: soap = tas3_wsp_decorate(cf, ses, az_cred, soap_resp)

Add ID-WSF (and TAS3) specific headers and signatures to web service response. Simple and intuitive specification of XML as string: no need to build complex data structures.

Service responder should prepare application layer of the response and then call this function to decorate the response with TAS3 specifics, and to wrap it in SOAP envelope. This will

• add correlation headers

• possibly perform an application independent Responder Out PEP authorization step, calling a PDP behind the scenes using tas3_az().

• apply signature

If the string starts by "<e:Envelope", then string should be a complete SOAP envelope including <e:Header> and <e:Body> parts. This allows caller to specify custom SOAP headers, in addition to the ones that the underlying zxid_wsc_call() will add. Usually the payload service will be passed as the contents of the body. If the string starts by "<e:Body", then the <e:Envelope> and <e:Header> are automatically added. If the string does not start by "<e:Envelope" or "<e:Body", then it is assumed to be the payload content of the <e:Body> and the rest of the SOAP envelope is added.

cf

TAS³ configuration object, see tas3_new_conf()

ses

Session object that contains the EPR cache

az_cred

(Optional) Additional authorization credentials or attributes, query string format. These credentials will be populated to the attribute pool in addition to the ones obtained from token and other sources. Then a PDP is called to get an authorization decision (generating obligations). This implements generalized (application independent) Responder Out PEP. To implement application dependent PEP features you should call tas3_az() directly.

soap_resp

XML payload as a string

return

SOAP Envelope of the response, as a string, ready to be sent as HTTP response.