{"id":16230,"library":"strong-soap","title":"strong-soap: Node.js SOAP Client and Server","description":"strong-soap provides a comprehensive Node.js module for interacting with SOAP web services, offering both client capabilities for invoking services and a mock-up server for testing. Currently at version 5.0.9, it maintains an active development pace with frequent patch and minor updates, typically on a monthly or bi-monthly schedule, and major versions released approximately annually to biennially, often aligning with Node.js version support. The library is built upon the `node-soap` module and distinguishes itself by supporting both RPC and Document styles, as well as SOAP 1.1 and 1.2 Faults. It includes utility APIs for converting XML to JSON and vice versa, describing WSDL documents, and handling both synchronous and asynchronous service method calls. A key feature is its built-in WS-Security support, specifically for UsernameToken and PasswordText encoding, enhancing its utility for enterprise integrations.","status":"active","version":"5.0.9","language":"javascript","source_language":"en","source_url":"https://github.com/loopbackio/strong-soap","tags":["javascript","soap"],"install":[{"cmd":"npm install strong-soap","lang":"bash","label":"npm"},{"cmd":"yarn add strong-soap","lang":"bash","label":"yarn"},{"cmd":"pnpm add strong-soap","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"This module is based on and extends the original `node-soap` module, providing the core SOAP communication logic.","package":"node-soap","optional":false},{"reason":"Required for using advanced WS-Security features like `WSSecurityCert` for X509 certificate handling.","package":"ursa","optional":true}],"imports":[{"note":"The primary entry point, `soap`, is a named export containing `createClient`, `listen`, and security classes. Though CJS `require('strong-soap').soap` is also common, ESM is preferred for Node.js >=20.","wrong":"import strongSoap from 'strong-soap'; // 'strong-soap' exports a named 'soap' object, not a default.","symbol":"soap","correct":"import { soap } from 'strong-soap';"},{"note":"Used for WS-Security UsernameToken and PasswordText authentication. It can also be accessed as `soap.WSSecurity` after importing the main `soap` object.","wrong":"const WSSecurity = require('strong-soap').WSSecurity; // While functional, ESM named import is preferred for modern Node.js.","symbol":"WSSecurity","correct":"import { WSSecurity } from 'strong-soap';"},{"note":"Used for X509 certificate-based WS-Security. Requires the optional `ursa` dependency to be installed. Can also be accessed as `soap.WSSecurityCert`.","wrong":"const WSSecurityCert = require('strong-soap').WSSecurityCert; // While functional, ESM named import is preferred for modern Node.js.","symbol":"WSSecurityCert","correct":"import { WSSecurityCert } from 'strong-soap';"}],"quickstart":{"code":"import { soap } from 'strong-soap';\nimport * as path from 'path';\n\n// A public WSDL for a stock quote service\nconst wsdlUrl = 'http://www.webservicex.net/stockquote.asmx?WSDL';\n\nasync function getStockQuote(symbol) {\n  return new Promise((resolve, reject) => {\n    soap.createClient(wsdlUrl, {}, (err, client) => {\n      if (err) {\n        return reject(new Error(`Failed to create SOAP client: ${err.message}`));\n      }\n\n      // Describe the service to see available methods and their signatures\n      // console.log('Service Description:', client.describe());\n\n      // Invoke the GetQuote method. The method structure might be nested\n      // depending on the WSDL (e.g., client.Service.Port.Method)\n      const serviceMethod = client.StockQuote.StockQuoteSoap.GetQuote;\n\n      const requestArgs = {\n        symbol: symbol\n      };\n\n      serviceMethod(requestArgs, (err, result, envelope, soapHeader) => {\n        if (err) {\n          console.error('SOAP Request Error:', err.message);\n          // Log SOAP envelope for debugging if available\n          if (client.lastRequest) {\n            console.error('Last SOAP Request Envelope:\\n', client.lastRequest);\n          }\n          return reject(err);\n        }\n\n        console.log(`Successfully fetched quote for ${symbol}`);\n        console.log('Result:', JSON.stringify(result, null, 2));\n        // console.log('Full SOAP Envelope:\\n', envelope);\n        resolve(result);\n      });\n    });\n  });\n}\n\n(async () => {\n  try {\n    console.log('Fetching stock quote for IBM...');\n    await getStockQuote('IBM');\n    console.log('\\nFetching stock quote for GOOG...');\n    await getStockQuote('GOOG');\n  } catch (error) {\n    console.error('Application Error:', error);\n  }\n})();","lang":"typescript","description":"This example demonstrates how to create a SOAP client from a WSDL URL and invoke a method (GetQuote) on a public stock quote web service. It highlights asynchronous client creation and method invocation using Promises for modern JavaScript patterns, showing how to pass arguments and handle responses or errors."},"warnings":[{"fix":"Upgrade your Node.js environment to version 20 or later, or pin `strong-soap` dependency to a 4.x version (`npm install strong-soap@^4`).","message":"strong-soap dropped official support for Node.js 18 with the release of version 5.x. Projects running on Node.js 18 or older should use strong-soap v4.x or upgrade their Node.js environment to version 20 or higher.","severity":"breaking","affected_versions":">=5.0.0"},{"fix":"Ensure `ursa` (or `node-forge` if `strong-soap` supports it in newer versions) is explicitly listed in your `package.json` dependencies and installs successfully. Refer to `ursa`'s documentation for platform-specific build prerequisites. If `ursa` fails, consider alternative security configurations or manually manage the dependency.","message":"When using `WSSecurityCert` for X509 certificate-based security, the optional native dependency `ursa` (or its modern alternative `node-forge`) is required. Installation of `ursa` can sometimes fail on certain environments or Node.js versions due to native compilation requirements.","severity":"gotcha","affected_versions":">=0.9.0"},{"fix":"Implement a timeout mechanism around `soap.createClient` to catch hanging operations. Debug the problematic WSDL for structural issues or very large inline schemas. Consider pre-processing WSDLs if possible or filing a detailed bug report with the `strong-soap` project.","message":"Parsing large or complex WSDL files, especially from local paths, can sometimes cause `createClient` to hang indefinitely without returning an error or a client instance, making debugging difficult.","severity":"gotcha","affected_versions":">=4.0.0"},{"fix":"Customize the `wsdl_options` in `soap.createClient` to override `attributesKey`, `valueKey`, and `xmlKey` to match your desired parsing behavior or the service's specific XML structure.","message":"The default parsing for XML attributes, values, and XML content uses keys like `$attributes`, `$value`, and `$xml`. If the SOAP service response uses different conventions or your application expects direct property access, this can lead to unexpected data structures.","severity":"gotcha","affected_versions":">=0.9.0"}],"env_vars":null,"last_verified":"2026-04-21T00:00:00.000Z","next_check":"2026-07-20T00:00:00.000Z","problems":[{"fix":"Ensure that your server-side implementation of `strong-soap` is compatible with attributes in the `Body` tag. Check for updates to `strong-soap` that address this. If unavailable, adjust the client to avoid sending attributes in the `Body` or modify the server's XML parsing logic if possible.","cause":"This error occurs on the server side when the SOAP `Body` tag contains attributes (e.g., `soap:encodingStyle`), especially when using RPC style or non-default attribute keys.","error":"TypeError: Cannot read properties of undefined (reading 'output') at Server._executeMethod"},{"fix":"Verify the WSDL URL and SOAP endpoint are correct and accessible from the environment where your Node.js application is running. Check network connectivity, firewall rules, and proxy settings if applicable.","cause":"The client could not establish a TCP connection to the WSDL URL or the SOAP endpoint, likely due to network issues, incorrect URL, or firewall restrictions.","error":"Failed to create SOAP client: connect ETIMEDOUT"},{"fix":"Inspect the raw `envelope` or `client.lastResponse` (if available in client events) to understand the actual response from the server. This can reveal if the service returned an error page, invalid XML, or an unexpected SOAP fault. Validate the service's WSDL and expected response structure.","cause":"The SOAP service returned a response that `strong-soap` could not successfully parse, often due to malformed XML, unexpected content, or a non-SOAP response (e.g., HTML error page).","error":"Cannot parse response"},{"fix":"Review the WSDL and the structure of your request arguments. Ensure that any custom headers or complex types requiring specific namespaces for attributes are correctly defined. This might require custom XML building or specific `wsdlOptions` to force namespace declarations.","cause":"The library is not correctly attaching XML namespaces to attributes within elements in the outgoing SOAP request, leading to validation errors on the server side.","error":"Using Strong-soap node module, It is not adding namespace to the attributes of the elements and due to which I am getting error -Invalid Attribute."}],"ecosystem":"npm"}