You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by "B. Nossing (JIRA)" <ji...@apache.org> on 2010/09/20 16:02:34 UTC
[jira] Created: (RAMPART-309) Incorrect XML Passed to Digest
Algorithm
Incorrect XML Passed to Digest Algorithm
----------------------------------------
Key: RAMPART-309
URL: https://issues.apache.org/jira/browse/RAMPART-309
Project: Rampart
Issue Type: Bug
Components: rampart-core
Affects Versions: 1.5
Environment: tomcat 6.0.24 / axis2 1.5.1 / rampart 1.5 (version 1.5 of rampart is incorrectly flagged as unreleased? : http://ws.apache.org/rampart/index.html)
Reporter: B. Nossing
Assignee: Ruchith Udayanga Fernando
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-309) Incorrect XML Passed to Digest
Algorithm
Posted by "B. Nossing (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
B. Nossing updated RAMPART-309:
-------------------------------
Description:
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
was:
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
> Incorrect XML Passed to Digest Algorithm
> ----------------------------------------
>
> Key: RAMPART-309
> URL: https://issues.apache.org/jira/browse/RAMPART-309
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Environment: tomcat 6.0.24 / axis2 1.5.1 / rampart 1.5 (version 1.5 of rampart is incorrectly flagged as unreleased? : http://ws.apache.org/rampart/index.html)
> Reporter: B. Nossing
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart_logs.txt
>
>
> Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
> Specifically the following log content seems to be of interest:
> Incoming message body:
> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
> Digested input during signature verification:
> <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-309) Incorrect XML Passed to Digest
Algorithm
Posted by "B. Nossing (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
B. Nossing updated RAMPART-309:
-------------------------------
Description:
Calling a signed webservice which results in a SOAP fault being returned, results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
This bug ONLY applies to the case where a SOAP fault is returned, regular operation (not resulting in SOAP fault) is working as intended.
It seems that the DOOM conversion is adding a "xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"" attribute to the "soapenv:Body" element.
It is also stripping the "xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process"" attribute from the "faultstring" element.
was:
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
> Incorrect XML Passed to Digest Algorithm
> ----------------------------------------
>
> Key: RAMPART-309
> URL: https://issues.apache.org/jira/browse/RAMPART-309
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Environment: tomcat 6.0.24 / axis2 1.5.1 / rampart 1.5 (version 1.5 of rampart is incorrectly flagged as unreleased? : http://ws.apache.org/rampart/index.html)
> Reporter: B. Nossing
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart_logs.txt
>
>
> Calling a signed webservice which results in a SOAP fault being returned, results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
> Specifically the following log content seems to be of interest:
> Incoming message body:
> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
> Digested input during signature verification:
> <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
> This bug ONLY applies to the case where a SOAP fault is returned, regular operation (not resulting in SOAP fault) is working as intended.
> It seems that the DOOM conversion is adding a "xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"" attribute to the "soapenv:Body" element.
> It is also stripping the "xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process"" attribute from the "faultstring" element.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-309) Incorrect XML Passed to Digest
Algorithm
Posted by "B. Nossing (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
B. Nossing updated RAMPART-309:
-------------------------------
Attachment: rampart_logs.txt
> Incorrect XML Passed to Digest Algorithm
> ----------------------------------------
>
> Key: RAMPART-309
> URL: https://issues.apache.org/jira/browse/RAMPART-309
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Environment: tomcat 6.0.24 / axis2 1.5.1 / rampart 1.5 (version 1.5 of rampart is incorrectly flagged as unreleased? : http://ws.apache.org/rampart/index.html)
> Reporter: B. Nossing
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart_logs.txt
>
>
> Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
> Specifically the following log content seems to be of interest:
> Incoming message body:
> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
> Digested input during signature verification:
> <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
[jira] Updated: (RAMPART-309) Incorrect XML Passed to Digest
Algorithm
Posted by "B. Nossing (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/RAMPART-309?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
B. Nossing updated RAMPART-309:
-------------------------------
Description:
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
was:
Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
Specifically the following log content seems to be of interest:
Incoming message body:
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
Digested input during signature verification:
<soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>axis2ns13:FilingFault</faultstring>
<detail>
<axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
<ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
<ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
<ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
</axis2ns1:Receive__requestFilingFault>
</detail>
</soapenv:Fault>
</soapenv:Body>
> Incorrect XML Passed to Digest Algorithm
> ----------------------------------------
>
> Key: RAMPART-309
> URL: https://issues.apache.org/jira/browse/RAMPART-309
> Project: Rampart
> Issue Type: Bug
> Components: rampart-core
> Affects Versions: 1.5
> Environment: tomcat 6.0.24 / axis2 1.5.1 / rampart 1.5 (version 1.5 of rampart is incorrectly flagged as unreleased? : http://ws.apache.org/rampart/index.html)
> Reporter: B. Nossing
> Assignee: Ruchith Udayanga Fernando
> Attachments: rampart_logs.txt
>
>
> Calling a signed webservice results in a "org.apache.axis2.AxisFault: The signature or decryption was invalid" due to the "Pre-digested input" being different from the actual incoming message. (See attached logs)
> Specifically the following log content seems to be of interest:
> Incoming message body:
> <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
> Digested input during signature verification:
> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-1661970439">
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring xmlns:axis2ns13="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">axis2ns13:FilingFault</faultstring>
> <detail>
> <axis2ns1:Receive__requestFilingFault xmlns:axis2ns1="http://servicelibrary.sbr-nl.nl/FilingProcess/Process">
> <ErrorMessage:foutOmschrijving xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">Uw gegevens komen niet voor in het register van de Certificate Service Provider (CSP). Uw identiteit kan niet worden vastgesteld.Het verzoek kan hierdoor niet door de infrastructurele voorzieningen worden verwerkt.</ErrorMessage:foutOmschrijving>
> <ErrorMessage:foutCode xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">AUS210</ErrorMessage:foutCode>
> <ErrorMessage:PI_Kenmerk xmlns:ErrorMessage="http://servicelibrary.sbr-nl.nl/errormessage">BTT-100920-0000002</ErrorMessage:PI_Kenmerk>
> </axis2ns1:Receive__requestFilingFault>
> </detail>
> </soapenv:Fault>
> </soapenv:Body>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.