You are viewing a plain text version of this content. The canonical link for it is here.

Posted to wss4j-dev@ws.apache.org by Davide Romanini <d....@cineca.it> on 2006/06/15 12:15:17 UTC

[WSS4J 1.5] SignatureConfirmation not supported by .NET client

Hi,

I've developed a Web service secured with WSS4J. The client is a .NET
client using WSE. I'm using X509 tokens and the current configuration
works fine since early CVS releases of WSS4J. I recently upgraded to
1.5.0 and my java clients works fine. But the .NET client stopped
working with this message:

 Message "WSE535: The following SecurityToken QName is unsupported:
http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd:SignatureConfirmation. Please check your configuration for registered SecurityToken qnames."

It seems to me that the new version works in WSS1.1 compliance so
following the specification sends the SignatureConfirmation. .NET is not
1.1 compliant so it doesn't expect that element.
I think anyway should exists a way to force WSS4J work in 1.0 mode
anyway, or to be backward compatible.

Someone can help?

Bye,
Davide Romanini

Re: [WSS4J 1.5] SignatureConfirmation not supported by .NET client

Posted by Davide Romanini <d....@cineca.it>.

Il giorno gio, 15/06/2006 alle 16.07 +0530, Ashutosh Shahi ha scritto:
> Hello,
> I am not sure .NET is wss11 compliant or not, but the wss11 namespace
> used by WSS4J is outdated. The new namespace is:
> "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1"
> I think this needs correction in WSS4J.
> 
> Thanks,
> Ashutosh

I resolved setting ENABLE_SIGNATURE_CONFIRMATION to false. I think it's
wrong that WSS4J enables it by default since it's still based on
outdated specs...

Bye,
Davide Romanini
>         
>

Re: [WSS4J 1.5] SignatureConfirmation not supported by .NET client

Posted by Davide Romanini <d....@cineca.it>.

Il giorno gio, 15/06/2006 alle 16.07 +0530, Ashutosh Shahi ha scritto:
> Hello,
> I am not sure .NET is wss11 compliant or not, but the wss11 namespace
> used by WSS4J is outdated. The new namespace is:
> "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1"
> I think this needs correction in WSS4J.
> 
> Thanks,
> Ashutosh

I resolved setting ENABLE_SIGNATURE_CONFIRMATION to false. I think it's
wrong that WSS4J enables it by default since it's still based on
outdated specs...

Bye,
Davide Romanini
>         
>

Re: [WSS4J 1.5] SignatureConfirmation not supported by .NET client

Posted by Ashutosh Shahi <as...@gmail.com>.

Hello,
I am not sure .NET is wss11 compliant or not, but the wss11 namespace used
by WSS4J is outdated. The new namespace is: "
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1"
I think this needs correction in WSS4J.

Thanks,
Ashutosh

On 6/15/06, Davide Romanini <d....@cineca.it> wrote:
>
> Hi,
>
> I've developed a Web service secured with WSS4J. The client is a .NET
> client using WSE. I'm using X509 tokens and the current configuration
> works fine since early CVS releases of WSS4J. I recently upgraded to
> 1.5.0 and my java clients works fine. But the .NET client stopped
> working with this message:
>
> Message "WSE535: The following SecurityToken QName is unsupported:
>
> http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd:SignatureConfirmation.
> Please check your configuration for registered SecurityToken qnames."
>
> It seems to me that the new version works in WSS1.1 compliance so
> following the specification sends the SignatureConfirmation. .NET is not
> 1.1 compliant so it doesn't expect that element.
> I think anyway should exists a way to force WSS4J work in 1.0 mode
> anyway, or to be backward compatible.
>
> Someone can help?
>
> Bye,
> Davide Romanini
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (GNU/Linux)
>
> iD8DBQBEkTMx0+cDn9e+QqwRAo4WAKCpMCGazEE2GelhopQsjJ3EPWYACACeLoQf
> FREiIVtY0Y9p0+YRATnIQrM=
> =ijiA
> -----END PGP SIGNATURE-----
>
>
>

Re: [WSS4J 1.5] SignatureConfirmation not supported by .NET client

Posted by Ashutosh Shahi <as...@gmail.com>.

Hello,
I am not sure .NET is wss11 compliant or not, but the wss11 namespace used
by WSS4J is outdated. The new namespace is: "
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1"
I think this needs correction in WSS4J.

Thanks,
Ashutosh

On 6/15/06, Davide Romanini <d....@cineca.it> wrote:
>
> Hi,
>
> I've developed a Web service secured with WSS4J. The client is a .NET
> client using WSE. I'm using X509 tokens and the current configuration
> works fine since early CVS releases of WSS4J. I recently upgraded to
> 1.5.0 and my java clients works fine. But the .NET client stopped
> working with this message:
>
> Message "WSE535: The following SecurityToken QName is unsupported:
>
> http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd:SignatureConfirmation.
> Please check your configuration for registered SecurityToken qnames."
>
> It seems to me that the new version works in WSS1.1 compliance so
> following the specification sends the SignatureConfirmation. .NET is not
> 1.1 compliant so it doesn't expect that element.
> I think anyway should exists a way to force WSS4J work in 1.0 mode
> anyway, or to be backward compatible.
>
> Someone can help?
>
> Bye,
> Davide Romanini
>
>
> -----BEGIN PGP SIGNATURE-----
> Version: GnuPG v1.4.2.2 (GNU/Linux)
>
> iD8DBQBEkTMx0+cDn9e+QqwRAo4WAKCpMCGazEE2GelhopQsjJ3EPWYACACeLoQf
> FREiIVtY0Y9p0+YRATnIQrM=
> =ijiA
> -----END PGP SIGNATURE-----
>
>
>