You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Barry McGann <ba...@thb.scot.nhs.uk> on 2006/03/13 17:23:29 UTC

re: UsernameToken issue

Hi,

I am having a problem with the response that I get back from a .NET web 
service. I can successfully call the service adding a UsernameToken, 
Encrypting the body and signing the message but the response I get back 
fails with :

- Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
- Verification successful for URI "#id-886220"

{http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException

    at 
org.apache.ws.security.message.token.UsernameToken.&lt;init&gt;(UsernameToken.java:110)
    at org.apache.ws.security.WSSecurityEngine.handleUsernameToken
    at 
org.apache.ws.security.WSSecurityEngine.handleUsernameToken(WSSecurityEngine.java:832)
    at 
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:379)
    at 
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
    at 
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
    ...........

Here is the wsdd file I am using:

<deployment xmlns="http://xml.apache.org/axis/wsdd/" 
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
    <transport name="http" 
pivot="java:org.apache.axis.transport.http.HTTPSender"/>  
<globalConfiguration >   
<requestFlow >
    <handler name="EcsResponseHandler" 
type="java:ict.ecs.EcsResponseHandler" >
    </handler>
    <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
        <parameter name="passwordCallbackClass" 
value="ict.ecs.PWCallback"/>       
        <parameter name="action" value="Encrypt Timestamp Signature"/>
        <parameter name="decryptionPropFile" value="key.properties" />
        <parameter name="signaturePropFile" value="key.properties" />
        <parameter name="encryptionKeyIdentifier" value="DirectReference" />
        <parameter name="signatureKeyIdentifier" value="DirectReference" />
    </handler>
   </requestFlow  >
</globalConfiguration >
</deployment>


I build the outgoing message manually.
I can see that the digital signature is verified successfully but how do 
I setup the wsdd file to ignore the fact that no UsernameToken is being 
passed back in the response?

Any help is appreciated.

Thanks



---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org