You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by Dalys Sebastian <se...@yahoo.com> on 2006/02/14 17:47:30 UTC

Axis2+WSS4J: WSSecurityException - Check Signature confirmation

I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
Tomcat5. I have JKS keystores setup for both client and server. 
I am able to send a secure message from the client to the server and the server responds
with a return message. But when the client reads the response, it's giving the following
exception:

WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
exception is: 
        org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
confirmation: got a SC element, but no stored SV

I fired up tcpmon and monitored the messages. I can find that in the message that is send
from the client to server, there is a signature value element.
And in the response, I can find a signature confirmation with one of its attributes as
the same value that the server send as 'signatureValue'.
Then, why does the client respond with this exception?

Please help me to solve this problem.
Thanks,
Dalys

__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Dalys Sebastian <se...@yahoo.com>.

Hi Ruchith, Werner,

Thankyou both for your input. I am using Axis2 (0.93) and I checked the configuration
file for the client in its sample security example, and could not find the element you
both mentioned, <enableSignatureConfirmation>.

But I was using asynchronous web services with 0.93 and I switched to synchronous and I
could get rid of that exception.

Thanks a lot.
Dalys

--- Ruchith Fernando <ru...@gmail.com> wrote:

> Hi Dalys,
> 
> Have you set : <enableSignatureConfirmation>false</enableSignatureConfirmation>
> 
> anywhere in the client side configuration? If so please try removing it.
> 
> By default signature confirmation is "on". Therefore when you don't
> need signature confirmation you have to turn it off.
> 
> Also please note that the 0.93 secuity module will work only with sync
> operations.
> 
> Thanks,
> Ruchith
> 
> On 2/14/06, Dalys Sebastian <se...@yahoo.com> wrote:
> > I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> > Tomcat5. I have JKS keystores setup for both client and server.
> > I am able to send a secure message from the client to the server and the server
> responds
> > with a return message. But when the client reads the response, it's giving the
> following
> > exception:
> >
> > WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> > exception is:
> >         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> > confirmation: got a SC element, but no stored SV
> >
> > I fired up tcpmon and monitored the messages. I can find that in the message that is
> send
> > from the client to server, there is a signature value element.
> > And in the response, I can find a signature confirmation with one of its attributes
> as
> > the same value that the server send as 'signatureValue'.
> > Then, why does the client respond with this exception?
> >
> > Please help me to solve this problem.
> > Thanks,
> > Dalys
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Dalys Sebastian <se...@yahoo.com>.

Hi Ruchith, Werner,

Thankyou both for your input. I am using Axis2 (0.93) and I checked the configuration
file for the client in its sample security example, and could not find the element you
both mentioned, <enableSignatureConfirmation>.

But I was using asynchronous web services with 0.93 and I switched to synchronous and I
could get rid of that exception.

Thanks a lot.
Dalys

--- Ruchith Fernando <ru...@gmail.com> wrote:

> Hi Dalys,
> 
> Have you set : <enableSignatureConfirmation>false</enableSignatureConfirmation>
> 
> anywhere in the client side configuration? If so please try removing it.
> 
> By default signature confirmation is "on". Therefore when you don't
> need signature confirmation you have to turn it off.
> 
> Also please note that the 0.93 secuity module will work only with sync
> operations.
> 
> Thanks,
> Ruchith
> 
> On 2/14/06, Dalys Sebastian <se...@yahoo.com> wrote:
> > I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> > Tomcat5. I have JKS keystores setup for both client and server.
> > I am able to send a secure message from the client to the server and the server
> responds
> > with a return message. But when the client reads the response, it's giving the
> following
> > exception:
> >
> > WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> > exception is:
> >         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> > confirmation: got a SC element, but no stored SV
> >
> > I fired up tcpmon and monitored the messages. I can find that in the message that is
> send
> > from the client to server, there is a signature value element.
> > And in the response, I can find a signature confirmation with one of its attributes
> as
> > the same value that the server send as 'signatureValue'.
> > Then, why does the client respond with this exception?
> >
> > Please help me to solve this problem.
> > Thanks,
> > Dalys
> >
> > __________________________________________________
> > Do You Yahoo!?
> > Tired of spam?  Yahoo! Mail has the best spam protection around
> > http://mail.yahoo.com
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> >
> >
> 


__________________________________________________
Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 
http://mail.yahoo.com 

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Ruchith Fernando <ru...@gmail.com>.

Hi Dalys,

Have you set : <enableSignatureConfirmation>false</enableSignatureConfirmation>

anywhere in the client side configuration? If so please try removing it.

By default signature confirmation is "on". Therefore when you don't
need signature confirmation you have to turn it off.

Also please note that the 0.93 secuity module will work only with sync
operations.

Thanks,
Ruchith

On 2/14/06, Dalys Sebastian <se...@yahoo.com> wrote:
> I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> Tomcat5. I have JKS keystores setup for both client and server.
> I am able to send a secure message from the client to the server and the server responds
> with a return message. But when the client reads the response, it's giving the following
> exception:
>
> WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> exception is:
>         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> confirmation: got a SC element, but no stored SV
>
> I fired up tcpmon and monitored the messages. I can find that in the message that is send
> from the client to server, there is a signature value element.
> And in the response, I can find a signature confirmation with one of its attributes as
> the same value that the server send as 'signatureValue'.
> Then, why does the client respond with this exception?
>
> Please help me to solve this problem.
> Thanks,
> Dalys
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Werner Dittmann <We...@t-online.de>.

Dalys,

maybe the client is not configured to support signatureConfirmation.
It's  "on" per default, but it could be switched off using a WSDD
setting. Can you check (or mail) the client's WSDD file?

Regards,
Werner

Dalys Sebastian wrote:
> I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> Tomcat5. I have JKS keystores setup for both client and server. 
> I am able to send a secure message from the client to the server and the server responds
> with a return message. But when the client reads the response, it's giving the following
> exception:
> 
> WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> exception is: 
>         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> confirmation: got a SC element, but no stored SV
> 
> I fired up tcpmon and monitored the messages. I can find that in the message that is send
> from the client to server, there is a signature value element.
> And in the response, I can find a signature confirmation with one of its attributes as
> the same value that the server send as 'signatureValue'.
> Then, why does the client respond with this exception?
> 
> Please help me to solve this problem.
> Thanks,
> Dalys
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Ruchith Fernando <ru...@gmail.com>.

Hi Dalys,

Have you set : <enableSignatureConfirmation>false</enableSignatureConfirmation>

anywhere in the client side configuration? If so please try removing it.

By default signature confirmation is "on". Therefore when you don't
need signature confirmation you have to turn it off.

Also please note that the 0.93 secuity module will work only with sync
operations.

Thanks,
Ruchith

On 2/14/06, Dalys Sebastian <se...@yahoo.com> wrote:
> I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> Tomcat5. I have JKS keystores setup for both client and server.
> I am able to send a secure message from the client to the server and the server responds
> with a return message. But when the client reads the response, it's giving the following
> exception:
>
> WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> exception is:
>         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> confirmation: got a SC element, but no stored SV
>
> I fired up tcpmon and monitored the messages. I can find that in the message that is send
> from the client to server, there is a signature value element.
> And in the response, I can find a signature confirmation with one of its attributes as
> the same value that the server send as 'signatureValue'.
> Then, why does the client respond with this exception?
>
> Please help me to solve this problem.
> Thanks,
> Dalys
>
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around
> http://mail.yahoo.com
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Axis2+WSS4J: WSSecurityException - Check Signature confirmation

Posted by Werner Dittmann <We...@t-online.de>.

Dalys,

maybe the client is not configured to support signatureConfirmation.
It's  "on" per default, but it could be switched off using a WSDD
setting. Can you check (or mail) the client's WSDD file?

Regards,
Werner

Dalys Sebastian wrote:
> I am running Axis2 (version 0.93) with WSS4J enabled. The service is running under
> Tomcat5. I have JKS keystores setup for both client and server. 
> I am able to send a secure message from the client to the server and the server responds
> with a return message. But when the client reads the response, it's giving the following
> exception:
> 
> WSHandler: Check Signature confirmation: got a SC element, but no stored SV; nested
> exception is: 
>         org.apache.ws.security.WSSecurityException: WSHandler: Check Signature
> confirmation: got a SC element, but no stored SV
> 
> I fired up tcpmon and monitored the messages. I can find that in the message that is send
> from the client to server, there is a signature value element.
> And in the response, I can find a signature confirmation with one of its attributes as
> the same value that the server send as 'signatureValue'.
> Then, why does the client respond with this exception?
> 
> Please help me to solve this problem.
> Thanks,
> Dalys
> 
> __________________________________________________
> Do You Yahoo!?
> Tired of spam?  Yahoo! Mail has the best spam protection around 
> http://mail.yahoo.com 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org