The World Wide Web (WWW) is increasingly being used for communication between applications. The programme interfaces is available over the Web for application-to application communication named as Web services. There are various types of applications that can be considered Web services, however, interoperability between the applications is enhanced using the technologies such as XML and HTTP. These technologies allow applications using differing languages and platforms to interface in a familiar way.
These Web services are implemented based on The Organization for the Advancement of Structured Information Standards (OASIS) standards. This Web services stack supports WS- Security and WS- Security Policy to configure the security handling.
♠ To register the IP address, user must drop an email to e-Filing help desk team (firstname.lastname@example.org) mentioning the User ID and list of IP address. After successful registration, user can invoke the Web service using the Web Services Description Language (WSDL).
♠ The header of the Simple Object Access Protocol (SOAP) request must contain Username Token and Timestamp. Username Token provides a standard way of representing a username (User ID registered in e-Filing) and password pair with WS- Security.
♠ The Unique Request ID in the SOAP request must be unique for each request. The first 10 letters of Unique Request ID should be the user ID of the requester followed by a hyphen (-) and unique random number.
For example, if requester user ID is EXTA000000 and random number is 123456 then the Unique Request ID will be ‘EXTA000000-123456’.
♠ The request must be digitally signed using the private key of the user. Signature includes key info element that contains X.509 certificate details. To validate the signature details, the following elements must be signed in the SOAP:
- Username Token
After signing, the request has to be encrypted using the e-Filing’s public key. The following contents are encrypted using the e-Filing’s public key:
- Username Token
♠ To download the e-Filing public key, refer the given link:
Note: The e-Filing server validates the request in the following sequence:
- Check if the username and password is valid. If not, it displays error ‘Invalid user id / password’.
- Check whether user is authorised to access the Web service URL. If not, it displays error ‘You are not authorized to access this Web service’.
- The signature element is validated with e-Filing server, if it is invalid; it displays error ‘Invalid DSC. Please use the DSC registered with e-Filing’.
- If the Unique Request Id has been used previously then it will display an error `Duplicate Request. Please submit the request with valid request id’.
♠ To download the Web service client samples, refer the given link:
3 Common Verification Service-Introduction
The Web service is used for verifying multiple parameters spanning across different request types. This is applicable for registered External Agency users only.
To use this service the user needs to be registered in the e-Filing portal as an External Agency user and subscribe to Common Verification Service.
Read Full below-