You are viewing a plain text version of this content. The canonical link for it is here.

Posted to users@cxf.apache.org by Martin Fernau <ma...@fernausoft.de> on 2016/11/04 16:17:47 UTC

ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Hello,

this thing is a real problem and I need it to bring to work...
I need to consume a third party web service (implemented in .NET hosted 
by IIS) using ws-policy/ws-security.
Basically the client works and I can successfully call some methods. But 
for one method the call fails with "An error occurred when verifying 
security for the message".
If I call the same method with a .NET Test-Client generated from the 
same WSDL the call succeeds so this must something related to CXF. A 
special requirement for this method is that it needs a special Header 
which needs to be encrypted and signed. The other methods does not 
require this header so I think its related to that.
I'm able to add the header and the outgoing message seems to contain 
this header encrypted and signed as required. However, the remote server 
refuse the message.

The developer of the service is currently no real help. The only 
information I get until now is "there is no error message in the logs". 
Great, that helps much...

I'm able to provide any kind of information which should be helpful. The 
full WSDL, the message before and after encryption from both the .NET 
and CXF-Client. But because this is quite a lot of text I don't know if 
I should add them here (embedded as text or as attachments), or if its 
better to upload them anywhere.

I hope someone is able to bring some light in this...

Thanks and regards
Martin

Re: ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Posted by Colm O hEigeartaigh <co...@apache.org>.

This is a bug in WSS4J which I've fixed:
https://issues.apache.org/jira/browse/WSS-594

Colm.

On Thu, Nov 17, 2016 at 6:01 PM, Martin Fernau <ma...@fernausoft.de>
wrote:

> I was able to fix this by adding my own AbstractSoapInterceptor and
> manually adding the mustUnderstand-Attribute to the EncryptedHeader Element
> and set it to "true".
> After this the remote server accept my messages.
>
> Thanks - solved!
>
> Am 16.11.2016 um 15:39 schrieb Martin Fernau:
>
>> Hi Colm,
>>
>> thanks for your response. I finally got a maybe valuable information from
>> the distributor of this service.
>> They found the following information in their logs:
>>
>> --cut
>> Message authentication failed.
>>  Service: https://www.fhdsales.dealerconnection.com/DMSInterface/V4/Se
>> rviceCustomer.svc
>>  Action: http://tempuri.org/IServiceCustomer/InsertCustomer
>>  ClientIdentity:
>>  ActivityId: <null>
>>  MessageSecurityException: The Encrypted Header and the Security Header
>> 'mustUnderstand' attribute did not match. Encrypted Header: False. Security
>> Header: True.
>> --cut
>>
>> I already saw that CXF did not specify the mustUnderstand attribute for
>> the EncryptedHeader as it the .NET Client does but because of lack of
>> knowledge I thought this is normal or just a redundant information.
>> Is there a way to enable this attribute for the missing parts of the
>> message?
>>
>> Thanks and Regards
>> Martin
>>
>>
>> Am 10.11.2016 um 12:20 schrieb Colm O hEigeartaigh:
>>
>>> Hi Martin,
>>>
>>> The .NET + CXF messages look structurally the same, so there's no obvious
>>> hint there. I'd suggest two things:
>>>
>>> a) Try to create a CXF-based test-case using your WSDL (it should be easy
>>> enough to adapt one of the existing ws-security system tests). See if the
>>> client request works to the service, or whether the service can reproduce
>>> the .NET error when validating the request.
>>>
>>> b) If you have access to the .NET service, try tweaking the security
>>> policy
>>> a bit. If you remove the header from EncryptedParts does it still fail?
>>> If
>>> you remove the Derived Keys does it still fail etc? That might help to
>>> narrow down the problem.
>>>
>>> Colm.
>>>
>>> On Tue, Nov 8, 2016 at 10:32 AM, Martin Fernau <
>>> martin.fernau@fernausoft.de>
>>> wrote:
>>>
>>> As I'm still stuck in this I'm going to post WSDL and examples in hope
>>>> someone can point me to the right direction.
>>>> The problematic method is "InsertCustomer". Other methods work! I guess
>>>> its related to the additional header for the InserCustomer method which
>>>> I
>>>> add as follows:
>>>>
>>>> -----cut
>>>> SOAPFactory sf = SOAPFactory.newInstance();
>>>> SOAPElement s_ffeHeader = sf.createElement(new QName("
>>>> http://tempuri.org/
>>>> ","FfeHeader"));
>>>> SOAPElement s_ffeDealerCode = sf.createElement(new QName("
>>>> http://schemas.datacontract.org/2004/07/DMSInterface.Model",
>>>> "ffeDealerCode"));
>>>> s_ffeDealerCode.addTextNode("dealerCode");
>>>> s_ffeHeader.addChildElement(s_ffeDealerCode);
>>>> SoapHeader tokenHeader = new SoapHeader(new QName("http://tempuri.org/
>>>> ","FfeHeader"),
>>>> s_ffeHeader);
>>>> headersList.add(tokenHeader);
>>>> client.getRequestContext().put(Header.HEADER_LIST, headersList);
>>>> -----cut
>>>>
>>>> I'll post three files after these lines:
>>>> [1] The original WSDL-File
>>>> [2] The working request from .NET Client
>>>> [3] The request from CXF-Client which fails with "An error occurred when
>>>> verifying security for the message"
>>>>
>>>> -----cut [1]-----
>>>> <wsdl:definitions name="ServiceCustomer" targetNamespace="http://tempur
>>>> i.org/"
>>>>      xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="
>>>> http://www.w3.org/2001/XMLSchema"
>>>>      xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
>>>> 01-wss-wssecurity-utility-1.0.xsd"
>>>>      xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>>>>      xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="
>>>> http://tempuri.org/"
>>>> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>>>>      xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
>>>> xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
>>>>      xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
>>>> xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
>>>>      xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>>      xmlns:wsa10="http://www.w3.org/2005/08/addressing"
>>>> xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
>>>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SymmetricBinding xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <wsp:Policy>
>>>>                          <sp:ProtectionToken>
>>>>                              <wsp:Policy>
>>>>                                  <sp:X509Token
>>>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>>>> securitypolicy/IncludeToken/Never">
>>>>                                      <wsp:Policy>
>>>> <sp:RequireDerivedKeys/>
>>>> <sp:RequireThumbprintReference/>
>>>> <sp:WssX509V3Token10/>
>>>>                                      </wsp:Policy>
>>>>                                  </sp:X509Token>
>>>>                              </wsp:Policy>
>>>>                          </sp:ProtectionToken>
>>>>                          <sp:AlgorithmSuite>
>>>>                              <wsp:Policy>
>>>>                                  <sp:Basic128Rsa15/>
>>>>                              </wsp:Policy>
>>>>                          </sp:AlgorithmSuite>
>>>>                          <sp:Layout>
>>>>                              <wsp:Policy>
>>>>                                  <sp:Strict/>
>>>>                              </wsp:Policy>
>>>>                          </sp:Layout>
>>>>                          <sp:IncludeTimestamp/>
>>>> <sp:OnlySignEntireHeadersAndBody/>
>>>>                      </wsp:Policy>
>>>>                  </sp:SymmetricBinding>
>>>>                  <sp:EndorsingSupportingTokens
>>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>>                      <wsp:Policy>
>>>>                          <sp:X509Token
>>>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>>>> securitypolicy/IncludeToken/AlwaysToRecipient">
>>>>                              <wsp:Policy>
>>>> <sp:RequireThumbprintReference/>
>>>>                                  <sp:WssX509V3Token10/>
>>>>                              </wsp:Policy>
>>>>                          </sp:X509Token>
>>>>                      </wsp:Policy>
>>>>                  </sp:EndorsingSupportingTokens>
>>>>                  <sp:Wss11 xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <wsp:Policy>
>>>>                          <sp:MustSupportRefThumbprint/>
>>>> <sp:MustSupportRefEncryptedKey/>
>>>> <sp:RequireSignatureConfirmation/>
>>>>                      </wsp:Policy>
>>>>                  </sp:Wss11>
>>>>                  <sp:Trust10 xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <wsp:Policy>
>>>>                          <sp:MustSupportIssuedTokens/>
>>>>                          <sp:RequireClientEntropy/>
>>>>                          <sp:RequireServerEntropy/>
>>>>                      </wsp:Policy>
>>>>                  </sp:Trust10>
>>>>                  <sp:TransportBinding xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <wsp:Policy>
>>>>                          <sp:TransportToken>
>>>>                              <wsp:Policy>
>>>>                                  <sp:HttpsToken
>>>> RequireClientCertificate="false"/>
>>>>                              </wsp:Policy>
>>>>                          </sp:TransportToken>
>>>>                          <sp:AlgorithmSuite>
>>>>                              <wsp:Policy>
>>>>                                  <sp:Basic128/>
>>>>                              </wsp:Policy>
>>>>                          </sp:AlgorithmSuite>
>>>>                          <sp:Layout>
>>>>                              <wsp:Policy>
>>>>                                  <sp:Strict/>
>>>>                              </wsp:Policy>
>>>>                          </sp:Layout>
>>>>                          <sp:IncludeTimestamp/>
>>>>                      </wsp:Policy>
>>>>                  </sp:TransportBinding>
>>>>                  <wsaw:UsingAddressing/>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_InsertCustomer_Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="FfeHeader" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="FfeHeader" Namespace="
>>>> http://tempuri.org/"/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_
>>>> output_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_InsertCustomer_ValidationErrorFault_Fault">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetOffersByCustomerID_Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetOffersByCustomerID_output_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetOfferByOfferID_
>>>> Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetOfferByOfferID_
>>>> output_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="dealerCountryCodeField"
>>>> Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromSystemField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="msgIdField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="replyToURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="timeStampField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="userField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="dealerCountryCodeField"
>>>> Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromSystemField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="msgIdField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="replyToURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="timeStampField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="userField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetContractsByCustomerID_Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetContractsByCustomerID_output_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetContractByContractID_Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetContractByContractID_output_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="dealerCountryCodeField"
>>>> Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromSystemField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="msgIdField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="replyToURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="timeStampField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="userField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="RelatesTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="Action" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                  </sp:SignedParts>
>>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="dealerCountryCodeField"
>>>> Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromSystemField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="fromURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="msgIdField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="replyToURIField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="timeStampField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                      <sp:Header Name="userField" Namespace="
>>>> http://tempuri.org/"/>
>>>>                  </sp:EncryptedParts>
>>>>              </wsp:All>
>>>>          </wsp:ExactlyOne>
>>>>      </wsp:Policy>
>>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>>> Customer_GetStockcarByOrderRef_Input_policy">
>>>>          <wsp:ExactlyOne>
>>>>              <wsp:All>
>>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>>> ap.org/ws/2005/07/securitypolicy">
>>>>                      <sp:Body/>
>>>>                      <sp:Header Name="To" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="From" Namespace="
>>>> http://www.w3.org/2
>>>> 005/08/addressing"/>
>>>>                      <sp:Header Name="FaultTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="ReplyTo" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>>                      <sp:Header Name="MessageID" Namespace="
>>>> http://www.w3.org/2005/08/addressing"/>
>>>
>>>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Posted by Martin Fernau <ma...@fernausoft.de>.

I was able to fix this by adding my own AbstractSoapInterceptor and 
manually adding the mustUnderstand-Attribute to the EncryptedHeader 
Element and set it to "true".
After this the remote server accept my messages.

Thanks - solved!

Am 16.11.2016 um 15:39 schrieb Martin Fernau:
> Hi Colm,
>
> thanks for your response. I finally got a maybe valuable information 
> from the distributor of this service.
> They found the following information in their logs:
>
> --cut
> Message authentication failed.
>  Service: 
> https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc
>  Action: http://tempuri.org/IServiceCustomer/InsertCustomer
>  ClientIdentity:
>  ActivityId: <null>
>  MessageSecurityException: The Encrypted Header and the Security 
> Header 'mustUnderstand' attribute did not match. Encrypted Header: 
> False. Security Header: True.
> --cut
>
> I already saw that CXF did not specify the mustUnderstand attribute 
> for the EncryptedHeader as it the .NET Client does but because of lack 
> of knowledge I thought this is normal or just a redundant information.
> Is there a way to enable this attribute for the missing parts of the 
> message?
>
> Thanks and Regards
> Martin
>
>
> Am 10.11.2016 um 12:20 schrieb Colm O hEigeartaigh:
>> Hi Martin,
>>
>> The .NET + CXF messages look structurally the same, so there's no 
>> obvious
>> hint there. I'd suggest two things:
>>
>> a) Try to create a CXF-based test-case using your WSDL (it should be 
>> easy
>> enough to adapt one of the existing ws-security system tests). See if 
>> the
>> client request works to the service, or whether the service can 
>> reproduce
>> the .NET error when validating the request.
>>
>> b) If you have access to the .NET service, try tweaking the security 
>> policy
>> a bit. If you remove the header from EncryptedParts does it still 
>> fail? If
>> you remove the Derived Keys does it still fail etc? That might help to
>> narrow down the problem.
>>
>> Colm.
>>
>> On Tue, Nov 8, 2016 at 10:32 AM, Martin Fernau 
>> <ma...@fernausoft.de>
>> wrote:
>>
>>> As I'm still stuck in this I'm going to post WSDL and examples in hope
>>> someone can point me to the right direction.
>>> The problematic method is "InsertCustomer". Other methods work! I guess
>>> its related to the additional header for the InserCustomer method 
>>> which I
>>> add as follows:
>>>
>>> -----cut
>>> SOAPFactory sf = SOAPFactory.newInstance();
>>> SOAPElement s_ffeHeader = sf.createElement(new 
>>> QName("http://tempuri.org/
>>> ","FfeHeader"));
>>> SOAPElement s_ffeDealerCode = sf.createElement(new QName("
>>> http://schemas.datacontract.org/2004/07/DMSInterface.Model",
>>> "ffeDealerCode"));
>>> s_ffeDealerCode.addTextNode("dealerCode");
>>> s_ffeHeader.addChildElement(s_ffeDealerCode);
>>> SoapHeader tokenHeader = new SoapHeader(new 
>>> QName("http://tempuri.org/","FfeHeader"),
>>> s_ffeHeader);
>>> headersList.add(tokenHeader);
>>> client.getRequestContext().put(Header.HEADER_LIST, headersList);
>>> -----cut
>>>
>>> I'll post three files after these lines:
>>> [1] The original WSDL-File
>>> [2] The working request from .NET Client
>>> [3] The request from CXF-Client which fails with "An error occurred 
>>> when
>>> verifying security for the message"
>>>
>>> -----cut [1]-----
>>> <wsdl:definitions name="ServiceCustomer" targetNamespace="http://tempur
>>> i.org/"
>>>      xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="
>>> http://www.w3.org/2001/XMLSchema"
>>>      xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
>>> 01-wss-wssecurity-utility-1.0.xsd"
>>>      xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>>>      xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="
>>> http://tempuri.org/"
>>> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>>>      xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
>>> xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
>>>      xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
>>> xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
>>>      xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>>      xmlns:wsa10="http://www.w3.org/2005/08/addressing"
>>> xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
>>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SymmetricBinding xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <wsp:Policy>
>>>                          <sp:ProtectionToken>
>>>                              <wsp:Policy>
>>>                                  <sp:X509Token
>>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>>> securitypolicy/IncludeToken/Never">
>>>                                      <wsp:Policy>
>>> <sp:RequireDerivedKeys/>
>>> <sp:RequireThumbprintReference/>
>>> <sp:WssX509V3Token10/>
>>>                                      </wsp:Policy>
>>>                                  </sp:X509Token>
>>>                              </wsp:Policy>
>>>                          </sp:ProtectionToken>
>>>                          <sp:AlgorithmSuite>
>>>                              <wsp:Policy>
>>>                                  <sp:Basic128Rsa15/>
>>>                              </wsp:Policy>
>>>                          </sp:AlgorithmSuite>
>>>                          <sp:Layout>
>>>                              <wsp:Policy>
>>>                                  <sp:Strict/>
>>>                              </wsp:Policy>
>>>                          </sp:Layout>
>>>                          <sp:IncludeTimestamp/>
>>> <sp:OnlySignEntireHeadersAndBody/>
>>>                      </wsp:Policy>
>>>                  </sp:SymmetricBinding>
>>>                  <sp:EndorsingSupportingTokens
>>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>>                      <wsp:Policy>
>>>                          <sp:X509Token
>>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>>> securitypolicy/IncludeToken/AlwaysToRecipient">
>>>                              <wsp:Policy>
>>> <sp:RequireThumbprintReference/>
>>>                                  <sp:WssX509V3Token10/>
>>>                              </wsp:Policy>
>>>                          </sp:X509Token>
>>>                      </wsp:Policy>
>>>                  </sp:EndorsingSupportingTokens>
>>>                  <sp:Wss11 xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <wsp:Policy>
>>>                          <sp:MustSupportRefThumbprint/>
>>> <sp:MustSupportRefEncryptedKey/>
>>> <sp:RequireSignatureConfirmation/>
>>>                      </wsp:Policy>
>>>                  </sp:Wss11>
>>>                  <sp:Trust10 xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <wsp:Policy>
>>>                          <sp:MustSupportIssuedTokens/>
>>>                          <sp:RequireClientEntropy/>
>>>                          <sp:RequireServerEntropy/>
>>>                      </wsp:Policy>
>>>                  </sp:Trust10>
>>>                  <sp:TransportBinding xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <wsp:Policy>
>>>                          <sp:TransportToken>
>>>                              <wsp:Policy>
>>>                                  <sp:HttpsToken
>>> RequireClientCertificate="false"/>
>>>                              </wsp:Policy>
>>>                          </sp:TransportToken>
>>>                          <sp:AlgorithmSuite>
>>>                              <wsp:Policy>
>>>                                  <sp:Basic128/>
>>>                              </wsp:Policy>
>>>                          </sp:AlgorithmSuite>
>>>                          <sp:Layout>
>>>                              <wsp:Policy>
>>>                                  <sp:Strict/>
>>>                              </wsp:Policy>
>>>                          </sp:Layout>
>>>                          <sp:IncludeTimestamp/>
>>>                      </wsp:Policy>
>>>                  </sp:TransportBinding>
>>>                  <wsaw:UsingAddressing/>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_InsertCustomer_Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="FfeHeader" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="FfeHeader" Namespace="
>>> http://tempuri.org/"/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_
>>> output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_InsertCustomer_ValidationErrorFault_Fault">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetOffersByCustomerID_Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetOffersByCustomerID_output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy 
>>> wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
>>> Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy 
>>> wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
>>> output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="dealerCountryCodeField" 
>>> Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromSystemField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="msgIdField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="replyToURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="timeStampField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="userField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="dealerCountryCodeField" 
>>> Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromSystemField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="msgIdField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="replyToURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="timeStampField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="userField" Namespace="
>>> http://tempuri.org/"/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetContractsByCustomerID_Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetContractsByCustomerID_output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetContractByContractID_Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetContractByContractID_output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="dealerCountryCodeField" 
>>> Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromSystemField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="msgIdField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="replyToURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="timeStampField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="userField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="dealerCountryCodeField" 
>>> Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromSystemField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="msgIdField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="replyToURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="timeStampField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="userField" Namespace="
>>> http://tempuri.org/"/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetStockcarByOrderRef_Input_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                  </sp:SignedParts>
>>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                  </sp:EncryptedParts>
>>>              </wsp:All>
>>>          </wsp:ExactlyOne>
>>>      </wsp:Policy>
>>>      <wsp:Policy wsu:Id="CustomBinding_IService
>>> Customer_GetStockcarByOrderRef_output_policy">
>>>          <wsp:ExactlyOne>
>>>              <wsp:All>
>>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>>> ap.org/ws/2005/07/securitypolicy">
>>>                      <sp:Body/>
>>>                      <sp:Header Name="dealerCountryCodeField" 
>>> Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromSystemField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="fromURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="msgIdField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="replyToURIField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="timeStampField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="userField" Namespace="
>>> http://tempuri.org/"/>
>>>                      <sp:Header Name="To" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="From" 
>>> Namespace="http://www.w3.org/2
>>> 005/08/addressing"/>
>>>                      <sp:Header Name="FaultTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="ReplyTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="MessageID" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="RelatesTo" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>>                      <sp:Header Name="Action" Namespace="
>>> http://www.w3.org/2005/08/addressing"/>
>>
>>
>>
>

-- 
FERNAUSOFT GmbH
Gartenstra�e 42 - 37269 Eschwege

Telefon (0 56 51) 95 99-0
Telefax (0 56 51) 95 99-90

eMail martin.fernau@fernausoft.de
Internet http://www.fernausoft.de

Handelsregister Eschwege, HRB 1585
Gesch�ftsf�hrer: Axel Fernau, Ulrich Fernau, Martin Fernau
Steuernummer 025 233 00041
USt-ID-Nr. DE 178 554 622

Re: ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Posted by Martin Fernau <ma...@fernausoft.de>.

Hi Colm,

thanks for your response. I finally got a maybe valuable information 
from the distributor of this service.
They found the following information in their logs:

--cut
Message authentication failed.
  Service: 
https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc
  Action: http://tempuri.org/IServiceCustomer/InsertCustomer
  ClientIdentity:
  ActivityId: <null>
  MessageSecurityException: The Encrypted Header and the Security Header 
'mustUnderstand' attribute did not match. Encrypted Header: False. 
Security Header: True.
--cut

I already saw that CXF did not specify the mustUnderstand attribute for 
the EncryptedHeader as it the .NET Client does but because of lack of 
knowledge I thought this is normal or just a redundant information.
Is there a way to enable this attribute for the missing parts of the 
message?

Thanks and Regards
Martin


Am 10.11.2016 um 12:20 schrieb Colm O hEigeartaigh:
> Hi Martin,
>
> The .NET + CXF messages look structurally the same, so there's no obvious
> hint there. I'd suggest two things:
>
> a) Try to create a CXF-based test-case using your WSDL (it should be easy
> enough to adapt one of the existing ws-security system tests). See if the
> client request works to the service, or whether the service can reproduce
> the .NET error when validating the request.
>
> b) If you have access to the .NET service, try tweaking the security policy
> a bit. If you remove the header from EncryptedParts does it still fail? If
> you remove the Derived Keys does it still fail etc? That might help to
> narrow down the problem.
>
> Colm.
>
> On Tue, Nov 8, 2016 at 10:32 AM, Martin Fernau <ma...@fernausoft.de>
> wrote:
>
>> As I'm still stuck in this I'm going to post WSDL and examples in hope
>> someone can point me to the right direction.
>> The problematic method is "InsertCustomer". Other methods work! I guess
>> its related to the additional header for the InserCustomer method which I
>> add as follows:
>>
>> -----cut
>> SOAPFactory sf = SOAPFactory.newInstance();
>> SOAPElement s_ffeHeader = sf.createElement(new QName("http://tempuri.org/
>> ","FfeHeader"));
>> SOAPElement s_ffeDealerCode = sf.createElement(new QName("
>> http://schemas.datacontract.org/2004/07/DMSInterface.Model",
>> "ffeDealerCode"));
>> s_ffeDealerCode.addTextNode("dealerCode");
>> s_ffeHeader.addChildElement(s_ffeDealerCode);
>> SoapHeader tokenHeader = new SoapHeader(new QName("http://tempuri.org/","FfeHeader"),
>> s_ffeHeader);
>> headersList.add(tokenHeader);
>> client.getRequestContext().put(Header.HEADER_LIST, headersList);
>> -----cut
>>
>> I'll post three files after these lines:
>> [1] The original WSDL-File
>> [2] The working request from .NET Client
>> [3] The request from CXF-Client which fails with "An error occurred when
>> verifying security for the message"
>>
>> -----cut [1]-----
>> <wsdl:definitions name="ServiceCustomer" targetNamespace="http://tempur
>> i.org/"
>>      xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="
>> http://www.w3.org/2001/XMLSchema"
>>      xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
>> 01-wss-wssecurity-utility-1.0.xsd"
>>      xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>>      xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="
>> http://tempuri.org/"
>>      xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>>      xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
>> xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
>>      xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
>> xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
>>      xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>>      xmlns:wsa10="http://www.w3.org/2005/08/addressing"
>>      xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SymmetricBinding xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <wsp:Policy>
>>                          <sp:ProtectionToken>
>>                              <wsp:Policy>
>>                                  <sp:X509Token
>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>> securitypolicy/IncludeToken/Never">
>>                                      <wsp:Policy>
>> <sp:RequireDerivedKeys/>
>> <sp:RequireThumbprintReference/>
>>                                          <sp:WssX509V3Token10/>
>>                                      </wsp:Policy>
>>                                  </sp:X509Token>
>>                              </wsp:Policy>
>>                          </sp:ProtectionToken>
>>                          <sp:AlgorithmSuite>
>>                              <wsp:Policy>
>>                                  <sp:Basic128Rsa15/>
>>                              </wsp:Policy>
>>                          </sp:AlgorithmSuite>
>>                          <sp:Layout>
>>                              <wsp:Policy>
>>                                  <sp:Strict/>
>>                              </wsp:Policy>
>>                          </sp:Layout>
>>                          <sp:IncludeTimestamp/>
>>                          <sp:OnlySignEntireHeadersAndBody/>
>>                      </wsp:Policy>
>>                  </sp:SymmetricBinding>
>>                  <sp:EndorsingSupportingTokens
>> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>>                      <wsp:Policy>
>>                          <sp:X509Token
>> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
>> securitypolicy/IncludeToken/AlwaysToRecipient">
>>                              <wsp:Policy>
>> <sp:RequireThumbprintReference/>
>>                                  <sp:WssX509V3Token10/>
>>                              </wsp:Policy>
>>                          </sp:X509Token>
>>                      </wsp:Policy>
>>                  </sp:EndorsingSupportingTokens>
>>                  <sp:Wss11 xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <wsp:Policy>
>>                          <sp:MustSupportRefThumbprint/>
>>                          <sp:MustSupportRefEncryptedKey/>
>>                          <sp:RequireSignatureConfirmation/>
>>                      </wsp:Policy>
>>                  </sp:Wss11>
>>                  <sp:Trust10 xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <wsp:Policy>
>>                          <sp:MustSupportIssuedTokens/>
>>                          <sp:RequireClientEntropy/>
>>                          <sp:RequireServerEntropy/>
>>                      </wsp:Policy>
>>                  </sp:Trust10>
>>                  <sp:TransportBinding xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <wsp:Policy>
>>                          <sp:TransportToken>
>>                              <wsp:Policy>
>>                                  <sp:HttpsToken
>> RequireClientCertificate="false"/>
>>                              </wsp:Policy>
>>                          </sp:TransportToken>
>>                          <sp:AlgorithmSuite>
>>                              <wsp:Policy>
>>                                  <sp:Basic128/>
>>                              </wsp:Policy>
>>                          </sp:AlgorithmSuite>
>>                          <sp:Layout>
>>                              <wsp:Policy>
>>                                  <sp:Strict/>
>>                              </wsp:Policy>
>>                          </sp:Layout>
>>                          <sp:IncludeTimestamp/>
>>                      </wsp:Policy>
>>                  </sp:TransportBinding>
>>                  <wsaw:UsingAddressing/>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_InsertCustomer_Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="FfeHeader" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="FfeHeader" Namespace="
>> http://tempuri.org/"/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_
>> output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_InsertCustomer_ValidationErrorFault_Fault">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetOffersByCustomerID_Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetOffersByCustomerID_output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
>> Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
>> output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="dealerCountryCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromSystemField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="msgIdField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="replyToURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="timeStampField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="userField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="dealerCountryCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromSystemField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="msgIdField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="replyToURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="timeStampField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="userField" Namespace="
>> http://tempuri.org/"/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetContractsByCustomerID_Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetContractsByCustomerID_output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetContractByContractID_Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetContractByContractID_output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="dealerCountryCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromSystemField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="msgIdField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="replyToURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="timeStampField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="userField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="dealerCountryCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromSystemField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="msgIdField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="replyToURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="timeStampField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="userField" Namespace="
>> http://tempuri.org/"/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetStockcarByOrderRef_Input_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                  </sp:SignedParts>
>>                  <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                  </sp:EncryptedParts>
>>              </wsp:All>
>>          </wsp:ExactlyOne>
>>      </wsp:Policy>
>>      <wsp:Policy wsu:Id="CustomBinding_IService
>> Customer_GetStockcarByOrderRef_output_policy">
>>          <wsp:ExactlyOne>
>>              <wsp:All>
>>                  <sp:SignedParts xmlns:sp="http://schemas.xmlso
>> ap.org/ws/2005/07/securitypolicy">
>>                      <sp:Body/>
>>                      <sp:Header Name="dealerCountryCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="dealerLangCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="ffeDealerCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromSystemField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="fromURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="msgIdField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="replyToURIField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="salesPersonCodeField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="timeStampField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="userField" Namespace="
>> http://tempuri.org/"/>
>>                      <sp:Header Name="To" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="From" Namespace="http://www.w3.org/2
>> 005/08/addressing"/>
>>                      <sp:Header Name="FaultTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="ReplyTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="MessageID" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="RelatesTo" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>>                      <sp:Header Name="Action" Namespace="
>> http://www.w3.org/2005/08/addressing"/>
>
>
>

-- 
FERNAUSOFT GmbH
Gartenstra�e 42 - 37269 Eschwege

Telefon (0 56 51) 95 99-0
Telefax (0 56 51) 95 99-90

eMail martin.fernau@fernausoft.de
Internet http://www.fernausoft.de

Handelsregister Eschwege, HRB 1585
Gesch�ftsf�hrer: Axel Fernau, Ulrich Fernau, Martin Fernau
Steuernummer 025 233 00041
USt-ID-Nr. DE 178 554 622

Re: ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Posted by Colm O hEigeartaigh <co...@apache.org>.

Hi Martin,

The .NET + CXF messages look structurally the same, so there's no obvious
hint there. I'd suggest two things:

a) Try to create a CXF-based test-case using your WSDL (it should be easy
enough to adapt one of the existing ws-security system tests). See if the
client request works to the service, or whether the service can reproduce
the .NET error when validating the request.

b) If you have access to the .NET service, try tweaking the security policy
a bit. If you remove the header from EncryptedParts does it still fail? If
you remove the Derived Keys does it still fail etc? That might help to
narrow down the problem.

Colm.

On Tue, Nov 8, 2016 at 10:32 AM, Martin Fernau <ma...@fernausoft.de>
wrote:

> As I'm still stuck in this I'm going to post WSDL and examples in hope
> someone can point me to the right direction.
> The problematic method is "InsertCustomer". Other methods work! I guess
> its related to the additional header for the InserCustomer method which I
> add as follows:
>
> -----cut
> SOAPFactory sf = SOAPFactory.newInstance();
> SOAPElement s_ffeHeader = sf.createElement(new QName("http://tempuri.org/
> ","FfeHeader"));
> SOAPElement s_ffeDealerCode = sf.createElement(new QName("
> http://schemas.datacontract.org/2004/07/DMSInterface.Model",
> "ffeDealerCode"));
> s_ffeDealerCode.addTextNode("dealerCode");
> s_ffeHeader.addChildElement(s_ffeDealerCode);
> SoapHeader tokenHeader = new SoapHeader(new QName("http://tempuri.org/","FfeHeader"),
> s_ffeHeader);
> headersList.add(tokenHeader);
> client.getRequestContext().put(Header.HEADER_LIST, headersList);
> -----cut
>
> I'll post three files after these lines:
> [1] The original WSDL-File
> [2] The working request from .NET Client
> [3] The request from CXF-Client which fails with "An error occurred when
> verifying security for the message"
>
> -----cut [1]-----
> <wsdl:definitions name="ServiceCustomer" targetNamespace="http://tempur
> i.org/"
>     xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" xmlns:xsd="
> http://www.w3.org/2001/XMLSchema"
>     xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-2004
> 01-wss-wssecurity-utility-1.0.xsd"
>     xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
>     xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" xmlns:tns="
> http://tempuri.org/"
>     xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
>     xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
> xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
>     xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
> xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
>     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
>     xmlns:wsa10="http://www.w3.org/2005/08/addressing"
>     xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
>     <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SymmetricBinding xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:ProtectionToken>
>                             <wsp:Policy>
>                                 <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
> securitypolicy/IncludeToken/Never">
>                                     <wsp:Policy>
> <sp:RequireDerivedKeys/>
> <sp:RequireThumbprintReference/>
>                                         <sp:WssX509V3Token10/>
>                                     </wsp:Policy>
>                                 </sp:X509Token>
>                             </wsp:Policy>
>                         </sp:ProtectionToken>
>                         <sp:AlgorithmSuite>
>                             <wsp:Policy>
>                                 <sp:Basic128Rsa15/>
>                             </wsp:Policy>
>                         </sp:AlgorithmSuite>
>                         <sp:Layout>
>                             <wsp:Policy>
>                                 <sp:Strict/>
>                             </wsp:Policy>
>                         </sp:Layout>
>                         <sp:IncludeTimestamp/>
>                         <sp:OnlySignEntireHeadersAndBody/>
>                     </wsp:Policy>
>                 </sp:SymmetricBinding>
>                 <sp:EndorsingSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/
> securitypolicy/IncludeToken/AlwaysToRecipient">
>                             <wsp:Policy>
> <sp:RequireThumbprintReference/>
>                                 <sp:WssX509V3Token10/>
>                             </wsp:Policy>
>                         </sp:X509Token>
>                     </wsp:Policy>
>                 </sp:EndorsingSupportingTokens>
>                 <sp:Wss11 xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:MustSupportRefThumbprint/>
>                         <sp:MustSupportRefEncryptedKey/>
>                         <sp:RequireSignatureConfirmation/>
>                     </wsp:Policy>
>                 </sp:Wss11>
>                 <sp:Trust10 xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:MustSupportIssuedTokens/>
>                         <sp:RequireClientEntropy/>
>                         <sp:RequireServerEntropy/>
>                     </wsp:Policy>
>                 </sp:Trust10>
>                 <sp:TransportBinding xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <wsp:Policy>
>                         <sp:TransportToken>
>                             <wsp:Policy>
>                                 <sp:HttpsToken
> RequireClientCertificate="false"/>
>                             </wsp:Policy>
>                         </sp:TransportToken>
>                         <sp:AlgorithmSuite>
>                             <wsp:Policy>
>                                 <sp:Basic128/>
>                             </wsp:Policy>
>                         </sp:AlgorithmSuite>
>                         <sp:Layout>
>                             <wsp:Policy>
>                                 <sp:Strict/>
>                             </wsp:Policy>
>                         </sp:Layout>
>                         <sp:IncludeTimestamp/>
>                     </wsp:Policy>
>                 </sp:TransportBinding>
>                 <wsaw:UsingAddressing/>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_InsertCustomer_Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="FfeHeader" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="FfeHeader" Namespace="
> http://tempuri.org/"/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_
> output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_InsertCustomer_ValidationErrorFault_Fault">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetOffersByCustomerID_Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetOffersByCustomerID_output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
> Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_
> output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="dealerCountryCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="dealerLangCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="ffeDealerCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromSystemField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="msgIdField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="replyToURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="salesPersonCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="timeStampField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="userField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="dealerCountryCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="dealerLangCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="ffeDealerCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromSystemField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="msgIdField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="replyToURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="salesPersonCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="timeStampField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="userField" Namespace="
> http://tempuri.org/"/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetContractsByCustomerID_Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetContractsByCustomerID_output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetContractByContractID_Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetContractByContractID_output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="dealerCountryCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="dealerLangCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="ffeDealerCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromSystemField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="msgIdField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="replyToURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="salesPersonCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="timeStampField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="userField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="dealerCountryCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="dealerLangCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="ffeDealerCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromSystemField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="msgIdField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="replyToURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="salesPersonCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="timeStampField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="userField" Namespace="
> http://tempuri.org/"/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetStockcarByOrderRef_Input_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                 </sp:SignedParts>
>                 <sp:EncryptedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                 </sp:EncryptedParts>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>     <wsp:Policy wsu:Id="CustomBinding_IService
> Customer_GetStockcarByOrderRef_output_policy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:SignedParts xmlns:sp="http://schemas.xmlso
> ap.org/ws/2005/07/securitypolicy">
>                     <sp:Body/>
>                     <sp:Header Name="dealerCountryCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="dealerLangCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="ffeDealerCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromSystemField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="fromURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="msgIdField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="replyToURIField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="salesPersonCodeField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="timeStampField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="userField" Namespace="
> http://tempuri.org/"/>
>                     <sp:Header Name="To" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="From" Namespace="http://www.w3.org/2
> 005/08/addressing"/>
>                     <sp:Header Name="FaultTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="ReplyTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="MessageID" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="RelatesTo" Namespace="
> http://www.w3.org/2005/08/addressing"/>
>                     <sp:Header Name="Action" Namespace="
> http://www.w3.org/2005/08/addressing"/>




-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Re: ws-policy/ws-security: Remote-Service reports "An error occurred when verifying security for the message"

Posted by Martin Fernau <ma...@fernausoft.de>.

As I'm still stuck in this I'm going to post WSDL and examples in hope 
someone can point me to the right direction.
The problematic method is "InsertCustomer". Other methods work! I guess 
its related to the additional header for the InserCustomer method which 
I add as follows:

-----cut
SOAPFactory sf = SOAPFactory.newInstance();
SOAPElement s_ffeHeader = sf.createElement(new 
QName("http://tempuri.org/","FfeHeader"));
SOAPElement s_ffeDealerCode = sf.createElement(new 
QName("http://schemas.datacontract.org/2004/07/DMSInterface.Model", 
"ffeDealerCode"));
s_ffeDealerCode.addTextNode("dealerCode");
s_ffeHeader.addChildElement(s_ffeDealerCode);
SoapHeader tokenHeader = new SoapHeader(new 
QName("http://tempuri.org/","FfeHeader"), s_ffeHeader);
headersList.add(tokenHeader);
client.getRequestContext().put(Header.HEADER_LIST, headersList);
-----cut

I'll post three files after these lines:
[1] The original WSDL-File
[2] The working request from .NET Client
[3] The request from CXF-Client which fails with "An error occurred when 
verifying security for the message"

-----cut [1]-----
<wsdl:definitions name="ServiceCustomer" 
targetNamespace="http://tempuri.org/"
     xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/" 
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
     xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
     xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
     xmlns:soap12="http://schemas.xmlsoap.org/wsdl/soap12/" 
xmlns:tns="http://tempuri.org/"
     xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
     xmlns:wsx="http://schemas.xmlsoap.org/ws/2004/09/mex"
xmlns:wsap="http://schemas.xmlsoap.org/ws/2004/08/addressing/policy"
     xmlns:wsaw="http://www.w3.org/2006/05/addressing/wsdl"
xmlns:msc="http://schemas.microsoft.com/ws/2005/12/wsdl/contract"
     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"
     xmlns:wsa10="http://www.w3.org/2005/08/addressing"
     xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata">
     <wsp:Policy wsu:Id="CustomBinding_IServiceCustomer_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SymmetricBinding 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <wsp:Policy>
                         <sp:ProtectionToken>
                             <wsp:Policy>
                                 <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
                                     <wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:RequireThumbprintReference/>
                                         <sp:WssX509V3Token10/>
                                     </wsp:Policy>
                                 </sp:X509Token>
                             </wsp:Policy>
                         </sp:ProtectionToken>
                         <sp:AlgorithmSuite>
                             <wsp:Policy>
                                 <sp:Basic128Rsa15/>
                             </wsp:Policy>
                         </sp:AlgorithmSuite>
                         <sp:Layout>
                             <wsp:Policy>
                                 <sp:Strict/>
                             </wsp:Policy>
                         </sp:Layout>
                         <sp:IncludeTimestamp/>
                         <sp:OnlySignEntireHeadersAndBody/>
                     </wsp:Policy>
                 </sp:SymmetricBinding>
                 <sp:EndorsingSupportingTokens
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <wsp:Policy>
                         <sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                             <wsp:Policy>
<sp:RequireThumbprintReference/>
                                 <sp:WssX509V3Token10/>
                             </wsp:Policy>
                         </sp:X509Token>
                     </wsp:Policy>
                 </sp:EndorsingSupportingTokens>
                 <sp:Wss11 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <wsp:Policy>
                         <sp:MustSupportRefThumbprint/>
                         <sp:MustSupportRefEncryptedKey/>
                         <sp:RequireSignatureConfirmation/>
                     </wsp:Policy>
                 </sp:Wss11>
                 <sp:Trust10 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <wsp:Policy>
                         <sp:MustSupportIssuedTokens/>
                         <sp:RequireClientEntropy/>
                         <sp:RequireServerEntropy/>
                     </wsp:Policy>
                 </sp:Trust10>
                 <sp:TransportBinding 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <wsp:Policy>
                         <sp:TransportToken>
                             <wsp:Policy>
                                 <sp:HttpsToken 
RequireClientCertificate="false"/>
                             </wsp:Policy>
                         </sp:TransportToken>
                         <sp:AlgorithmSuite>
                             <wsp:Policy>
                                 <sp:Basic128/>
                             </wsp:Policy>
                         </sp:AlgorithmSuite>
                         <sp:Layout>
                             <wsp:Policy>
                                 <sp:Strict/>
                             </wsp:Policy>
                         </sp:Layout>
                         <sp:IncludeTimestamp/>
                     </wsp:Policy>
                 </sp:TransportBinding>
                 <wsaw:UsingAddressing/>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="FfeHeader" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="FfeHeader" 
Namespace="http://tempuri.org/"/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_InsertCustomer_ValidationErrorFault_Fault">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetOffersByCustomerID_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetOffersByCustomerID_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetOfferByOfferID_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetContractsByCustomerID_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetContractsByCustomerID_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetContractByContractID_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetContractByContractID_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetStockcarByOrderRef_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_GetStockcarByOrderRef_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_OfferSold_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_OfferSold_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_CreateStockcarOffer_Input_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsp:Policy 
wsu:Id="CustomBinding_IServiceCustomer_CreateStockcarOffer_output_policy">
         <wsp:ExactlyOne>
             <wsp:All>
                 <sp:SignedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="To" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="From" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="FaultTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="ReplyTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="MessageID" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="RelatesTo" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                     <sp:Header Name="Action" 
Namespace="http://www.w3.org/2005/08/addressing"/>
                 </sp:SignedParts>
                 <sp:EncryptedParts 
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                     <sp:Body/>
                     <sp:Header Name="dealerCountryCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="dealerLangCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="ffeDealerCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromSystemField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="fromURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="msgIdField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="replyToURIField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="salesPersonCodeField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="timeStampField" 
Namespace="http://tempuri.org/"/>
                     <sp:Header Name="userField" 
Namespace="http://tempuri.org/"/>
                 </sp:EncryptedParts>
             </wsp:All>
         </wsp:ExactlyOne>
     </wsp:Policy>
     <wsdl:types>
         <xsd:schema targetNamespace="http://tempuri.org/Imports">
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd3"
                 namespace="http://tempuri.org/"/>
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd1"
namespace="http://schemas.datacontract.org/2004/07/DMSInterface"/>
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd0"
namespace="http://schemas.microsoft.com/2003/10/Serialization/"/>
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd2"
namespace="http://schemas.datacontract.org/2004/07/DMSInterface.Model"/>
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd4"
namespace="http://schemas.datacontract.org/2004/07/Configurator.CalculationReferenceDearborn"/>
             <xsd:import
schemaLocation="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc?xsd=xsd5"
namespace="http://schemas.datacontract.org/2004/07/Configurator.Common"/>
         </xsd:schema>
     </wsdl:types>
     <wsdl:message name="SOAPEnvelope">
         <wsdl:part name="WorksheetData" element="tns:WorksheetData"/>
     </wsdl:message>
     <wsdl:message name="SOAPEnvelope_Headers">
         <wsdl:part name="FfeHeader" element="tns:FfeHeader"/>
     </wsdl:message>
     <wsdl:message name="Success">
         <wsdl:part name="parameters" element="tns:Success"/>
     </wsdl:message>
     <wsdl:message 
name="IServiceCustomer_InsertCustomer_ValidationErrorFault_FaultMessage">
         <wsdl:part name="detail" element="q1:ValidationError"
xmlns:q1="http://schemas.datacontract.org/2004/07/DMSInterface"/>
     </wsdl:message>
     <wsdl:message 
name="IServiceCustomer_GetOffersByCustomerID_InputMessage">
         <wsdl:part name="parameters" element="tns:GetOffersByCustomerID"/>
     </wsdl:message>
     <wsdl:message 
name="IServiceCustomer_GetOffersByCustomerID_OutputMessage">
         <wsdl:part name="parameters" 
element="tns:GetOffersByCustomerIDResponse"/>
     </wsdl:message>
     <wsdl:message name="Offer">
         <wsdl:part name="parameters" element="tns:Offer"/>
     </wsdl:message>
     <wsdl:message name="Envelope">
         <wsdl:part name="offerField" element="tns:offerField"/>
         <wsdl:part name="customerField" element="tns:customerField"/>
         <wsdl:part name="vehicleField" element="tns:vehicleField"/>
         <wsdl:part name="financePlansField" 
element="tns:financePlansField"/>
         <wsdl:part name="DMSEnhancementField" 
element="tns:DMSEnhancementField"/>
         <wsdl:part name="contractField" element="tns:contractField"/>
     </wsdl:message>
     <wsdl:message name="Envelope_Headers">
         <wsdl:part name="dealerCountryCodeField" 
element="tns:dealerCountryCodeField"/>
         <wsdl:part name="dealerLangCodeField" 
element="tns:dealerLangCodeField"/>
         <wsdl:part name="ffeDealerCodeField" 
element="tns:ffeDealerCodeField"/>
         <wsdl:part name="fromSystemField" element="tns:fromSystemField"/>
         <wsdl:part name="fromURIField" element="tns:fromURIField"/>
         <wsdl:part name="msgIdField" element="tns:msgIdField"/>
         <wsdl:part name="replyToURIField" element="tns:replyToURIField"/>
         <wsdl:part name="salesPersonCodeField" 
element="tns:salesPersonCodeField"/>
         <wsdl:part name="timeStampField" element="tns:timeStampField"/>
         <wsdl:part name="userField" element="tns:userField"/>
     </wsdl:message>
     <wsdl:message 
name="IServiceCustomer_GetContractsByCustomerID_InputMessage">
         <wsdl:part name="parameters" 
element="tns:GetContractsByCustomerID"/>
     </wsdl:message>
     <wsdl:message 
name="IServiceCustomer_GetContractsByCustomerID_OutputMessage">
         <wsdl:part name="parameters" 
element="tns:GetContractsByCustomerIDResponse"/>
     </wsdl:message>
     <wsdl:message name="Contract">
         <wsdl:part name="parameters" element="tns:Contract"/>
     </wsdl:message>
     <wsdl:message name="StockVehicleRequestModel">
         <wsdl:part name="parameters" 
element="tns:StockVehicleRequestModel"/>
     </wsdl:message>
     <wsdl:message name="IServiceCustomer_OfferSold_InputMessage">
         <wsdl:part name="parameters" element="tns:OfferSold"/>
     </wsdl:message>
     <wsdl:message name="IServiceCustomer_OfferSold_OutputMessage">
         <wsdl:part name="parameters" element="tns:OfferSoldResponse"/>
     </wsdl:message>
     <wsdl:portType name="IServiceCustomer">
         <wsdl:operation name="InsertCustomer">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/InsertCustomer"
                 name="SOAPEnvelope" message="tns:SOAPEnvelope"/>
             <wsdl:output 
wsaw:Action="http://tempuri.org/IServiceCustomer/InsertCustomerResponse"
                 name="Success" message="tns:Success"/>
             <wsdl:fault
wsaw:Action="http://tempuri.org/IServiceCustomer/InsertCustomerValidationErrorFault"
                 name="ValidationErrorFault"
message="tns:IServiceCustomer_InsertCustomer_ValidationErrorFault_FaultMessage"/>
         </wsdl:operation>
         <wsdl:operation name="GetOffersByCustomerID">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetOffersByCustomerID"
message="tns:IServiceCustomer_GetOffersByCustomerID_InputMessage"/>
             <wsdl:output
wsaw:Action="http://tempuri.org/IServiceCustomer/GetOffersByCustomerIDResponse"
message="tns:IServiceCustomer_GetOffersByCustomerID_OutputMessage"/>
         </wsdl:operation>
         <wsdl:operation name="GetOfferByOfferID">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetOfferByOfferID"
                 name="Offer" message="tns:Offer"/>
             <wsdl:output 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetOfferByOfferIDResponse"
                 name="Envelope" message="tns:Envelope"/>
         </wsdl:operation>
         <wsdl:operation name="GetContractsByCustomerID">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetContractsByCustomerID"
message="tns:IServiceCustomer_GetContractsByCustomerID_InputMessage"/>
             <wsdl:output
wsaw:Action="http://tempuri.org/IServiceCustomer/GetContractsByCustomerIDResponse"
message="tns:IServiceCustomer_GetContractsByCustomerID_OutputMessage"/>
         </wsdl:operation>
         <wsdl:operation name="GetContractByContractID">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetContractByContractID"
                 name="Contract" message="tns:Contract"/>
             <wsdl:output
wsaw:Action="http://tempuri.org/IServiceCustomer/GetContractByContractIDResponse"
                 name="Envelope" message="tns:Envelope"/>
         </wsdl:operation>
         <wsdl:operation name="GetStockcarByOrderRef">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/GetStockcarByOrderRef"
                 name="StockVehicleRequestModel" 
message="tns:StockVehicleRequestModel"/>
             <wsdl:output
wsaw:Action="http://tempuri.org/IServiceCustomer/GetStockcarByOrderRefResponse"
                 name="Envelope" message="tns:Envelope"/>
         </wsdl:operation>
         <wsdl:operation name="OfferSold">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/OfferSold"
message="tns:IServiceCustomer_OfferSold_InputMessage"/>
             <wsdl:output 
wsaw:Action="http://tempuri.org/IServiceCustomer/OfferSoldResponse"
message="tns:IServiceCustomer_OfferSold_OutputMessage"/>
         </wsdl:operation>
         <wsdl:operation name="CreateStockcarOffer">
             <wsdl:input 
wsaw:Action="http://tempuri.org/IServiceCustomer/CreateStockcarOffer"
                 name="StockVehicleRequestModel" 
message="tns:StockVehicleRequestModel"/>
             <wsdl:output
wsaw:Action="http://tempuri.org/IServiceCustomer/CreateStockcarOfferResponse"
                 name="Envelope" message="tns:Envelope"/>
         </wsdl:operation>
     </wsdl:portType>
     <wsdl:binding name="CustomBinding_IServiceCustomer" 
type="tns:IServiceCustomer">
         <wsp:PolicyReference URI="#CustomBinding_IServiceCustomer_policy"/>
         <soap:binding transport="http://schemas.xmlsoap.org/soap/http"/>
         <wsdl:operation name="InsertCustomer">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/InsertCustomer"
                 style="document"/>
             <wsdl:input name="SOAPEnvelope">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_InsertCustomer_Input_policy"/>
                 <soap:header message="tns:SOAPEnvelope_Headers" 
part="FfeHeader" use="literal"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="Success">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_InsertCustomer_output_policy"/>
                 <soap:body use="literal"/>
             </wsdl:output>
             <wsdl:fault name="ValidationErrorFault">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_InsertCustomer_ValidationErrorFault_Fault"/>
                 <soap:fault name="ValidationErrorFault" use="literal"/>
             </wsdl:fault>
         </wsdl:operation>
         <wsdl:operation name="GetOffersByCustomerID">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/GetOffersByCustomerID"
                 style="document"/>
             <wsdl:input>
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetOffersByCustomerID_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output>
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetOffersByCustomerID_output_policy"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="GetOfferByOfferID">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/GetOfferByOfferID"
                 style="document"/>
             <wsdl:input name="Offer">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetOfferByOfferID_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="Envelope">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetOfferByOfferID_output_policy"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerCountryCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerLangCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="ffeDealerCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromSystemField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="msgIdField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="replyToURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="salesPersonCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="timeStampField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="userField" use="literal"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="GetContractsByCustomerID">
             <soap:operation
soapAction="http://tempuri.org/IServiceCustomer/GetContractsByCustomerID"
                 style="document"/>
             <wsdl:input>
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetContractsByCustomerID_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output>
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetContractsByCustomerID_output_policy"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="GetContractByContractID">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/GetContractByContractID"
                 style="document"/>
             <wsdl:input name="Contract">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetContractByContractID_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="Envelope">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetContractByContractID_output_policy"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerCountryCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerLangCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="ffeDealerCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromSystemField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="msgIdField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="replyToURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="salesPersonCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="timeStampField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="userField" use="literal"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="GetStockcarByOrderRef">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/GetStockcarByOrderRef"
                 style="document"/>
             <wsdl:input name="StockVehicleRequestModel">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetStockcarByOrderRef_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="Envelope">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_GetStockcarByOrderRef_output_policy"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerCountryCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerLangCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="ffeDealerCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromSystemField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="msgIdField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="replyToURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="salesPersonCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="timeStampField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="userField" use="literal"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="OfferSold">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/OfferSold"
                 style="document"/>
             <wsdl:input>
                 <wsp:PolicyReference 
URI="#CustomBinding_IServiceCustomer_OfferSold_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output>
                 <wsp:PolicyReference 
URI="#CustomBinding_IServiceCustomer_OfferSold_output_policy"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
         <wsdl:operation name="CreateStockcarOffer">
             <soap:operation 
soapAction="http://tempuri.org/IServiceCustomer/CreateStockcarOffer"
                 style="document"/>
             <wsdl:input name="StockVehicleRequestModel">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_CreateStockcarOffer_Input_policy"/>
                 <soap:body use="literal"/>
             </wsdl:input>
             <wsdl:output name="Envelope">
                 <wsp:PolicyReference
URI="#CustomBinding_IServiceCustomer_CreateStockcarOffer_output_policy"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerCountryCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="dealerLangCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="ffeDealerCodeField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromSystemField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="fromURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="msgIdField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="replyToURIField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="salesPersonCodeField"
                     use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="timeStampField" use="literal"/>
                 <soap:header message="tns:Envelope_Headers" 
part="userField" use="literal"/>
                 <soap:body use="literal"/>
             </wsdl:output>
         </wsdl:operation>
     </wsdl:binding>
     <wsdl:service name="ServiceCustomer">
         <wsdl:port name="CustomBinding_IServiceCustomer"
             binding="tns:CustomBinding_IServiceCustomer">
             <soap:address
location="https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc"/>
             <wsa10:EndpointReference>
<wsa10:Address>https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc</wsa10:Address>
                 <Identity 
xmlns="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity">
                     <Dns>localhost</Dns>
                 </Identity>
             </wsa10:EndpointReference>
         </wsdl:port>
     </wsdl:service>
</wsdl:definitions>
-----cut [1]-----

-----cut [2]-----
<s:Envelope xmlns:s="http://schemas.xmlsoap.org/soap/envelope/"
     xmlns:a="http://www.w3.org/2005/08/addressing"
xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
     <s:Header>
         <a:Action s:mustUnderstand="1" u:Id="_5"
 >http://tempuri.org/IServiceCustomer/InsertCustomer</a:Action>
         <k:EncryptedHeader s:mustUnderstand="1" u:Id="_7"
xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
             <e:EncryptedData xmlns:e="http://www.w3.org/2001/04/xmlenc#">
                 <e:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
                 <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                     <o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                         <o:Reference 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk"
                             URI="#_2"/>
                     </o:SecurityTokenReference>
                 </KeyInfo>
                 <e:CipherData>
<e:CipherValue>a6Yd5XETXeXFabAd64hIvp39WM2acJ0jDf5clnT1SWgxcd/qyKJo5hHBQAjSXT4mZQb9PcyEGK4dIhIzPUZmQy6cdAy5FNhiIkXf7UyLM4xuTHJ2avgKLrejCDJj44CJBj+F50NxDe98wpwEaiJ/voJ4enqazeT/QMNiLlH0V8pxuQzUqJXWywW/Jr1cfDL13I862UAul6VBH8nn94tpft4TvK6JnFW4LSs3VrDoWEdqUxCoHccS4MgGpP1tvWeLjJovUMYrKOzkV9yIzonnzAUuvUrWd+1U8xO7rykxbcngfx7J8Gkixrc3obvkt6CDi4uN+YaIYeD/BeKhZ+utz18+zW4a8wiGNj40kDTN4+JcEGw2lgK7qiFfapo7/xXOdFnvLpybjEQp0ob0jLw79WmeWmfz5p0pd2PZJIZ01EfBeNFoGM7854f2BRZisyNQWG9jvt5DGEbZkAfQDSasp15Y4+ziAd3Hjo6Lt3ChaAPJDIaA1OtMBcDtj+Gm6SU2W3dApzUsEVRge+iv6tMJ7USFAhuaS7kwrAQR73GUQ/hJU8tlCAI8tNoMJTQzrPjjbBJ3kAggSYwwDGhzK9anKSllazwUUPPDNIUycDJfamDW0z6YuWTeuSxkpeSZ/7Guwi2Oajux+15eqzX66dE3oWIhsR7Q4mhSTGSk3PLyf4GXgxVPa15oFk8kUva6lYHa+q51WKgfibvkpEB9XIuHg9ynM/7WUjRsENOJlfwQaE7lu3WSpnrOfAMesAD307KoeWGpzFjnVYIQccymvukX6s/MyIOxlPM1Layj18oK/tSBfjslBvCCWiaAQH8POB68Ux2afMZBN5nzvueJpRKFTsH9J9VcuHMu25CNbFZSEWnvfzlh401o+PlwTQpBA8ol8+Pki7ILc3tupnO5mc5e5JCXSBV/z/1qBEh4FLlTDPK/tI9ubSjgglmdaYl8aaIqvaDW71+H6RTTOn5KIrwwLe/ShAOFGFGLV76FvoVAAcfQijmd2MXrwoeyZAFUiK9/YksOz+UR/RtBY1WQDKtbU7lwIrXEi2PRXZBv37nty/T21TR51YpFdNkuNaUQS/TtLexRFfdpa8xGLzgeESgpSGrXI9ux8ZVmS+/xszvINjlKh6cYb4TLsOeLj9rWFzaTAFHHqTsTfpSZmCu/fkI4HIp9LG5RodYei+BT9YCvnIccSPm3QEuhyapKbjQ5Hf/RpsXT4rIAzxxWZsNluK/d8NYIs7LwkYC9e0MVN9haY49B5SeCU31mE8OBNrony1FGJLl1Zp4ih1hh7VIEqurDqwEZJK25ZMfa39vO83Gm0UrFUeAIaNSjbj7kfjZUbScQrtsF8Q7psacW1QPnIW0/Xita4BhreBCI061vEQI94A+70AUuiYezDAp1iQv9+PhUfZ97quGQZK0VlwKds4HoVw==</e:CipherValue>
                 </e:CipherData>
             </e:EncryptedData>
         </k:EncryptedHeader>
         <a:MessageID 
u:Id="_8">urn:uuid:0a97e9b3-f3ca-4fdf-baf2-f7b736728634</a:MessageID>
         <a:ReplyTo u:Id="_9">
<a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address>
         </a:ReplyTo>
         <VsDebuggerCausalityData
xmlns="http://schemas.microsoft.com/vstudio/diagnostics/servicemodelsink"
 >uIDPowDtQQap/JhAmTNC0G64gcAAAAAA16XX2ukTZEawG8fDhE8motrzfQV6pcZBnKgSr88X7OkACQAA</VsDebuggerCausalityData>
         <a:To s:mustUnderstand="1" u:Id="_10"
 >https://fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc</a:To>
         <o:Security s:mustUnderstand="1"
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
             <u:Timestamp 
u:Id="uuid-a6df5a60-e173-43fe-b15d-8cdf028ab09e-2">
<u:Created>2016-11-04T13:45:39.851Z</u:Created>
<u:Expires>2016-11-04T13:50:39.851Z</u:Expires>
             </u:Timestamp>
             <e:EncryptedKey 
Id="uuid-a6df5a60-e173-43fe-b15d-8cdf028ab09e-1"
                 xmlns:e="http://www.w3.org/2001/04/xmlenc#">
                 <e:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
                 <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                     <o:SecurityTokenReference>
                         <o:KeyIdentifier
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
 >fQ2pNoRRJceEtRF7hwvXEhv4SdU=</o:KeyIdentifier>
                     </o:SecurityTokenReference>
                 </KeyInfo>
                 <e:CipherData>
<e:CipherValue>DhS8HilLH5k8mEVcw7i5OTsJyXq0uvZxIY2uqqEpdEjjhYfy6o66mFfvb6b5go9anRAzgF9mPfxHXb4edS5S040lHczaEGnynVoGe4GNC3qC37RfoINZhkPOoFDQERfsWlqABhUVjs53FJ21vo0jiW5MphheBZc3vzpIhiPRrPBdPZPipvjwx19Mwb7lPR8noh7++60s13JLMJBEN/j7rAA+YQjSj/JZlTov4jos++E7sJFV4TK7TmG+/nIJiB3K1ivwpSYic/ieRqWBZMLjcUlYx3QBlQrPNxLJCCjimhDp62nPexnGHikK5y5Ubuh1LKG4ESTY4yRNyWg0YDr+Kg==</e:CipherValue>
                 </e:CipherData>
             </e:EncryptedKey>
             <c:DerivedKeyToken u:Id="_0" 
xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc">
                 <o:SecurityTokenReference
k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"
xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
                     <o:Reference
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"
URI="#uuid-a6df5a60-e173-43fe-b15d-8cdf028ab09e-1"/>
                 </o:SecurityTokenReference>
                 <c:Offset>0</c:Offset>
                 <c:Length>16</c:Length>
<c:Nonce>g9KEwRq9yBoVSEfase1hbQ==</c:Nonce>
             </c:DerivedKeyToken>
             <c:DerivedKeyToken u:Id="_2" 
xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc">
                 <o:SecurityTokenReference
k:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"
xmlns:k="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
                     <o:Reference
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"
URI="#uuid-a6df5a60-e173-43fe-b15d-8cdf028ab09e-1"/>
                 </o:SecurityTokenReference>
                 <c:Offset>0</c:Offset>
                 <c:Length>16</c:Length>
<c:Nonce>fvK4gOUq0dcRVDbanO3viQ==</c:Nonce>
             </c:DerivedKeyToken>
             <e:ReferenceList xmlns:e="http://www.w3.org/2001/04/xmlenc#">
                 <e:DataReference URI="#_4"/>
                 <e:DataReference URI="#_7"/>
             </e:ReferenceList>
             <o:BinarySecurityToken 
u:Id="uuid-751f0eb6-4edb-4da3-81e2-963c1fd46b63-1"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
 >MIIFRDCCBCygAwIBAgIMbtu8HzA+W3C2QIusMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTYwOTA4MDg0MzE4WhcNMTkwOTA5MDg0MzE4WjBwMQswCQYDVQQGEwJVUzERMA8GA1UECBMITWljaGlnYW4xETAPBgNVBAcTCERlYXJib3JuMRswGQYDVQQKExJGb3JkIE1vdG9yIENvbXBhbnkxHjAcBgNVBAMTFURFVTk3MDI4LmIyZC5mb3JkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfTerY0Tc8tRtR7x40EoaGWNDEckej3GcmBtRpahwd9w7tuDzIInGJpcdyVtsTJbDdnoKoXRQcHONA3FjtxhZQ09O19FXC7K4CSMRaJ0cHzHs4t55ZybipYLjXiBchJNoEjnmxz2NJ2AQsMd7gYb0GhU6agdpQv1gQpA9Tyadds2vZOxF6OI2SVh58YUp1fznKCE0KleHz9jDLcHPzo9k4wLHxCTSQv5ncKWI+YxX6j1ZHNKB/iVLXWniRb8YlZHLVI/lfkZ3m6m9KmVXgPyhIjgqjRWbjLrySUDMjCz8zAaxjW0Z441N2QRXHWM+NboS5hsA4YlzOoliEhsI1oJTMCAwEAAaOCAeYwggHiMA4GA1UdDwEB/wQEAwIFoDCBoAYIKwYBBQUHAQEEgZMwgZAwTQYIKwYBBQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzb3JnYW5pemF0aW9udmFsc2hhMmcycjEuY3J0MD8GCCsGAQUFBzABhjNodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMAkGA1UdEwQCMAAwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMi5jcmwwIAYDVR0RBBkwF4IVREVVOTcwMjguYjJkLmZvcmQuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU9FKPkwNxOGcwL5p9BRAaB6x4fdIwHwYDVR0jBBgwFoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwDQYJKoZIhvcNAQELBQADggEBADlN5wzgOFROGAJw2Mc9sB6jIQtjYyOtGTWfeZ952EPG4G7+osSm/2F7q8s3eWwheywI5ZnvuGGjqQWA9g3WB+Db4OmFiMFwBAx+qZ9KAda9WBwSsqujClLWv/Und/rgNmOF4sUmKeyRm+zgNbjb68zu4476M6vBlzEXYAd+HxqvU65AlsPu0TE5pZRPBhkhdwSUNONcOFZ+ApsEPAR8uVVaMhPnRpgjDI7LyOfyO3YS9WcKeJFhZ9NXKBN3TKBXHmo0cf1tGHMNIsS/Vc5jX2EupwmlkpqbvzkHIH1WWVlO+sKrqWm+x1HPH72hAV8yZUkohikQLG47/kIjJs0LDM0=</o:BinarySecurityToken>
             <Signature Id="_1" xmlns="http://www.w3.org/2000/09/xmldsig#">
                 <SignedInfo>
                     <CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                     <SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
                     <Reference URI="#_3">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>a7CXmuB2JSHm9RmW6POwsHnycDk=</DigestValue>
                     </Reference>
                     <Reference URI="#_5">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>xvFpAFWy98ZDDtrQchzYCOU2670=</DigestValue>
                     </Reference>
                     <Reference URI="#_6">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>deiXD1V5czoZv+MoOslh/eg0rKw=</DigestValue>
                     </Reference>
                     <Reference URI="#_8">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>h6E+sS2NLsiKhhUCfcals7erXMg=</DigestValue>
                     </Reference>
                     <Reference URI="#_9">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>j/gRxucq9/ffT51/LB/t2WT0bbY=</DigestValue>
                     </Reference>
                     <Reference URI="#_10">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>An0taXOPXlJv34kf95nLHPMCWJ8=</DigestValue>
                     </Reference>
                     <Reference 
URI="#uuid-a6df5a60-e173-43fe-b15d-8cdf028ab09e-2">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>+uXH9y1oEQYBOUnKeZxvVbUsqeQ=</DigestValue>
                     </Reference>
                 </SignedInfo>
<SignatureValue>UH4mbGqmFUYIp6yXL1XKs8/J1Pw=</SignatureValue>
                 <KeyInfo>
                     <o:SecurityTokenReference>
                         <o:Reference 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk"
                             URI="#_0"/>
                     </o:SecurityTokenReference>
                 </KeyInfo>
             </Signature>
             <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
                 <SignedInfo>
                     <CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                     <SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                     <Reference URI="#_1">
                         <Transforms>
                             <Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </Transforms>
                         <DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>MCU9VxzDXHN1KLN+yx8iBjY4G4A=</DigestValue>
                     </Reference>
                 </SignedInfo>
<SignatureValue>QB6CPBPJboftzr7AoSapgkRlqxsKZM2d1P0V+JNipX0DrGfUlD+9McoJ5DsqZk3Dir0n/RNBYXuFtcI2E4VgCfVWcDAxFcJpRVkwqMwYsjEUf5FNM19oYt5IzMVgsXBbdaBBerJ8srKXCIW44tsHxxNaKKfGy1bxUaFWgLQZ6XiHRzTeHh/mVxYx48uOfS0uOFArP1JuEwXS36Q1ErVGI3vDyLGUGgbXupqilHs0ZHvrk/W2mx5q4vo1+tMnXxH7ipPZ3FpbGrCuS3YhaEPSr+Kl2dw45ik6SEmvDqTjdcMCAzGIvuk0fyD4AyhD8bsWBYP5r2RQVEq/OhxdYb3/tQ==</SignatureValue>
                 <KeyInfo>
                     <o:SecurityTokenReference>
                         <o:Reference
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
URI="#uuid-751f0eb6-4edb-4da3-81e2-963c1fd46b63-1"/>
                     </o:SecurityTokenReference>
                 </KeyInfo>
             </Signature>
         </o:Security>
     </s:Header>
     <s:Body u:Id="_3" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
         xmlns:xsd="http://www.w3.org/2001/XMLSchema">
         <e:EncryptedData Id="_4" 
Type="http://www.w3.org/2001/04/xmlenc#Content"
             xmlns:e="http://www.w3.org/2001/04/xmlenc#">
             <e:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
             <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                 <o:SecurityTokenReference
xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                     <o:Reference 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk" URI="#_2"/>
                 </o:SecurityTokenReference>
             </KeyInfo>
             <e:CipherData>
<e:CipherValue>wi/hjit1gDzO3mMrej8M3IcqCjVhLjAnBnIRESkWVIT3nBpFouvHJofbJODh/jJkMNd1ftIe57tIVqj2Y/h9DtfLGfGDwQjydLlH1r8skyR4JyBtBdYuzsfHtystgd0H9T99uue0LM4luNGxXK1D8WMdRBH60BIiZNByPxyimncXU9Nz7UhELHf4b61Ij0EClnI9nCE2fDN5zd2JcWjlDddgmzhA36oi9WrO/IhM7uxAL/k59VfjEDiahvxgxRx9cZcjUgztnIHTY1SXuEUyxCFW4GLxnEUG86hjhDKvRLJZnkbf58xkXKJH5CvAjqc8wKhhvSQW6obVq3eh4rtcHHv+aFu5MRu70e5rxwHIeuf9d11Axu6A33picpOo9fkBB/fXxQ24Ak2T2emj8V/ogniJKV2z2zzTw2eNlIIMJCqpDo+8aTs67HagEWuVYxlCcRbKnYKZzwabJpsvEpH111emvtRsn/pxdV3ZGNz27KJkfb8ntdmIYXtmq3zsyy6rlz8N4WSWlqHGcVXXp7Oj84lWJnfjM7eonBUIRySFstfgfQCxsP3XF1SaL8/mvOeUMXpoE/I6s6j2t87GYUqihV8UtQi7nE7TsCqPpJKO+0uuagdTPDDB/ITW1fbQi7AlNk03cD/2egFGmFc6npAQ3elCe8tK7JiKZA2NJlcME9jdhP29GsQyM5qSMHCciNa1awwgkx6RTmLEhDT9uRed7mpi9e4U7pCoSvtoeRAPX0hnXAn0N+SE6jssTHvuS9IJNl5xeNHfcCeDAr3pfXLfAiX7IYFLw0F6kIpK9oCHiuunNYQIzHfsXvhhDuSHyoOTGeox/FLT/ZbGxV7qZItXslWq5usnA0r+cCKNT3UxX9E017affTOK6+DnjZYrrikJOPCpQ94VV/nGzmKPPgCIwTE3v4c3PQaTReFR/v5xb+s6UNv2GyApZSp5eo2dih+r3l22QogNZNOLJjo4GgowStrsX4yNn5MQn2BtBOQYfh2fvJUjNTgr358OcVKux9l3E8gEBAM9WsS9vh7c+pizfMYmAqMl+UEf59RaG7bMrV7dD8/YXjPgR6ylP4HlyyXG5qJfScKNizR5XvllpgtHz6xQ4lIZ7zHQbCdQg/j86pf2nEBhqqzpwGuOKhMF0+HwZa+e6JyhXtR0uuX0SiouGmvS5zuYctP3iw9KP4Mye/1SsGh7EyFM7m3/SZa2rlgW+vGL62yTJtojIJYO+2CmQaapAsG7Sgs7VyYlVnJCJZ1vbHpm2qegTeqVjn/0rXK9ON1IGXxDma9VFmIy+u506rvykm0dQOKNHGiEhL8B9kkBCt/YIGAnpoOXUHJChQj6sMtQ7l00+DKBds/kYjBxbii35kOVPWk/sXaVDI7cKX3iFVKnMA/k/fPHNOhN3ENN0oaOW2Ne6zYfnQaG0AGnrq5I+0Q76x0oNkMOpa3Ga7LrxkU6mYQ1xuTD6FnM25P/KKmy7klBPYqBojNIdsqf4nxuVQzc3vQa7jjuA0x4E6d4O+SyJ/4l17XU+ueY3HNaTZa90Up4O6Og3SriactyF1lRixlCqvPyPecg5Dc3yBReIcRKaLFetGEBWK7FdPCdwFAgYrvIHMazzwQWL0t9XP6+r05Q7BsGIEoRR/Pp3M8ov7G3EY4BkhvIrv6aL2hKMuriWommedVRViQskFq0237P8v/1DU+0hdwlPPqMKWmci9vrXN52iTUKzF7HJpIBzGorsPi0dt1VO4O31Q0I2p4BExy8jdkw5BpCAH78lTFM/Lw9LobP9JYtO5O71BHvu0CNfFFL7B4cAzAIOYDHRgJVfKo+8v9NFbdRzZrMcfL315fFXz8yZ/4/kHI0iPwC4EwA90E6DWC1J582+XLbqWZ94lAM9djSCcbVCt3rade9pt0A1TylyUCZ7t3F1j2aHAF4x2r4K0Fs/8kjnTYWXrMnvuNqgMAtfmOTscuzpiKIgiNJ12+HuZEOrZOR5TyQ5pf1ptdryTeHDuOuJ8IOFUQVQKiDewkt1QkPhXeFEapCE8+oJmhj44i2PTXK/Fr16edUVt4MDiJftrBlddKlszT63/H3AYXUPv/C/REwOeDbrJqLagbWCltmc08h60Y196YDZjpsePXmOt9Zpxijm6F0sWKoyezYtkXcQ8L2piEv99hXDnlJsgkd27Z8WbB7IB7e8nWBQnTYxB/A+BwwQg8p5unMrRSlZDvpBvCUQizcaoAiUQcr41l2jL6SJcQ475DQ4JfOa0oawHIy9Rep7inQ97d73xIPip4M1NXuM3w0eEnSfeqSli+aNwXXDzxWrV2iK2v5n2BntgIwpO2xN9GYEZX862e3sL/7d/CQ7WkQjaDwXzYWg5bdPxObA9lCy+KSemOyoE+GpTRarLM7VNJ1LI9pF4/F0m9nhGA4BFkX9jTPcgZUYAevJfU0RhTdi+JfJjSx6nNZduY4PRpNX6Egt4RlrDRJNFS27o5y8E4=</e:CipherValue>
             </e:CipherData>
         </e:EncryptedData>
     </s:Body>
</s:Envelope>
-----cut [2]-----

-----cut [3]-----
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
     <soap:Header>
         <wsse11:EncryptedHeader 
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="EH-fd92616b-6cfb-4573-ae14-10b12d7147ea">
             <xenc:EncryptedData 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
Id="ED-38312cc0-4e7a-4563-9f6c-29c0010ccb5c" 
Type="http://www.w3.org/2001/04/xmlenc#Element">
                 <xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
                 <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                     <wsse:SecurityTokenReference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                         <wsse:Reference 
URI="#DK-69b841f8-6e71-4c1f-ab8a-7ef91df70753" 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk"/>
                     </wsse:SecurityTokenReference>
                 </ds:KeyInfo>
                 <xenc:CipherData>
<xenc:CipherValue>/nIZwWCTAWejrBtTBbXMzSPBi7oYmPCRmESmn5fIYvQdS4lmsKKZaDteGJUsG9XIC2eVPsGcJKIkbYtfs34Qs/9LOY8sQ/6ePKgmMZ9WEga68q9uBV35SFc7VX/u00njOoLQ2rHvTKq5Ud7rgUPtVFN13gRDUqzuYx5rR72XMgcD3ir29bUZzPGnhtn9ICeXb292hPZGibwOzHEAimxElhbkMEJ/uNHw9+c/yK4q3HdHLZ1rw/0NkJujSztvJMOpYoz8Zs7W4h67kSApGdOYbc7tbEK7lLG56WQJh4QMzxjqJ+Ec3s5UwFFJi/l0t7PmeK17nggNmOkyLE5JLb3QGWGw7qhu981v/IoY2N43eI+FAZS0boeX6hB6mYA9TwAqoTCAaSKdFpn/42uBzfgqq8pO5csUL+LF6djro+K0uchMLXgsV0Bynn0C34qoF3pmHxAVMPhdPwmKcSSO6U3apmL33YfnZK1KqkkqM/dqM5TlrTbH5XOTWIIhn2rj3PHppTWzm+0sliP9XBJK6D9ZOiVxitrN8CyiI94BLaC8S0B8JPsyVVXEjdRU3wY9KPDQzyNNJCKnovh0taEaByV03LDvIpbTtW5vNx3gEBSri6YFTcwBMcVio5Tlt7cVgPQBQ0fOaTWBMVXlSB+zb78JYQu9o+OyqPM5EyqoBfJ4ZJQztM/T/Wrs5Jl1zbn1vLAKHUTgx7vR4YjzK1smFRB5pns8VFbcGetmKg3u78SxhWD2ApoLF4eS9bLSocYQHCUq0S6OEVMo3cwzcWNJw5Ggg5EmPIBBPF2g9WCKpRv+niuBxZQ5hSj5c1j4y4uksUZDQVadOcYvq61/BegYP5tReakfoUsqu39liYv3N/E82DrukXYOtO7pyy8XL6nx9FaP24fbkoFULyfAeNiNxUAPsCgF2Zr7rlBRDTFMt22XYJ/5rLdgYraI6OA4ktFcHxm5da2Jk5IUNAv//OSWRnKaNXwnyaId9itGylZMRAWUwFbSlVIr1q536JveYsfNmSGB0nDOWoX1duCyupjDeWBAt74xalEc9cs20hTiSJhvz8vNXCjEkTK1i+reKOu/OZgvYUUSbIKopw6s7If3JQEe7cbowsvB+PA8ib7lsG+RRAXO6/CMXooHow0WVRZ1RYajLz4Pb+cVYTo7i/YRrXoixa47xI9nASLQ/OYs2NmLvBgPJh8g/iT/VRtSVH9/WRBJcrcsSC38h4MMFwgvgJ+BanVQVmRT6SK5Dyh59PykJxu7ErZYHCgznuKpZTdAEHF1u1xju7in5NZABVboV3BQCwbkd/vX+KQ3eW/OlOvdmDFKaDrhyW3C/gYXmEzrDDmTqnZVetVIzJFBUZLldCuT3NvqlIezojwDoKL/m0isMKxqiqM/kioI3q7Uuqp1HvGpi3IQtmeN/ApFeQklzCDUBxi3IQ9Axz1I8fLy9iwzPEcanql8liOl3W6lfzSMMJW+Nm1kmEWP38t7p4w+G6IIaQ==</xenc:CipherValue>
                 </xenc:CipherData>
             </xenc:EncryptedData>
         </wsse11:EncryptedHeader>
         <Action xmlns="http://www.w3.org/2005/08/addressing" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="_c0b750e9-5e6e-4f2a-8ebf-857992f3d22a">http://tempuri.org/IServiceCustomer/InsertCustomer</Action>
         <MessageID xmlns="http://www.w3.org/2005/08/addressing" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="_191e3ff4-c597-4431-8c81-616fb7208506">urn:uuid:e5175407-eb0a-4643-a963-7a7599c7c10a</MessageID>
         <To xmlns="http://www.w3.org/2005/08/addressing" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="_a3605ac7-2910-4e56-827d-4e2c81ed2d83">https://www.fhdsales.dealerconnection.com/DMSInterface/V4/ServiceCustomer.svc</To>
         <ReplyTo xmlns="http://www.w3.org/2005/08/addressing" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="_68dbf68d-03d4-4860-a8f5-fa7bb9171918">
<Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
         </ReplyTo>
         <wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
soap:mustUnderstand="1">
             <wsu:Timestamp 
wsu:Id="TS-638d599d-7a0b-42c4-95e4-960b93a1de05">
<wsu:Created>2016-11-04T13:45:50.638Z</wsu:Created>
<wsu:Expires>2016-11-04T13:50:50.638Z</wsu:Expires>
             </wsu:Timestamp>
             <xenc:EncryptedKey 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
Id="EK-fb2d7ab5-a113-4cac-b1b7-dd5318aa05e7">
                 <xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
                 <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                     <wsse:SecurityTokenReference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                         <wsse:KeyIdentifier 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">fQ2pNoRRJceEtRF7hwvXEhv4SdU=</wsse:KeyIdentifier>
                     </wsse:SecurityTokenReference>
                 </ds:KeyInfo>
                 <xenc:CipherData>
<xenc:CipherValue>G0l4bpG3k/vtYtszFnnnHKYCFq4r8iR9ReDXOjzRGmnUpcKGxY0ucZDvn74QOaU+yzQN1CWO5c4GkeagVgIxIZ0BP1NgnhB3dCrKQIN5yzCganTPg8X4BmgEiLArziCttlGJmslMLQHKf9giCdwqp0nhkrXKrz2i4iz3FKqLEnSrh8Tg+AW66ddjpqCPJy5G+crHARqcw9DY9MykL4mqYQ36E4sMVa1LVnGfnkp6LdXx65Zf3r8o44mgOI1kjYL8EDmsMy9pnvg0PAnO2nJ7DCYIbvkmAnw0nULVKdF5zn4zTfhe/oS6S4ZiY9rf0koxd/ouEH6xpwLhX3MF6yJUlg==</xenc:CipherValue>
                 </xenc:CipherData>
             </xenc:EncryptedKey>
             <wsc:DerivedKeyToken 
xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" 
wsu:Id="DK-af53d235-fa06-4282-a73d-d1eac65af45b">
                 <wsse:SecurityTokenReference 
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" 
wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" 
wsu:Id="STR-9cf70533-e971-488e-b1bb-8cb5d06171f9">
                     <wsse:Reference 
URI="#EK-fb2d7ab5-a113-4cac-b1b7-dd5318aa05e7" 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
                 </wsse:SecurityTokenReference>
                 <wsc:Offset>0</wsc:Offset>
                 <wsc:Length>16</wsc:Length>
<wsc:Nonce>LkLXW+RpnfI+qA9lsKrEKg==</wsc:Nonce>
             </wsc:DerivedKeyToken>
             <wsc:DerivedKeyToken 
xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" 
wsu:Id="DK-69b841f8-6e71-4c1f-ab8a-7ef91df70753">
                 <wsse:SecurityTokenReference 
xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" 
wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" 
wsu:Id="STR-088e5429-bff0-4bbc-8d6e-e5185724e022">
                     <wsse:Reference 
URI="#EK-fb2d7ab5-a113-4cac-b1b7-dd5318aa05e7" 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
                 </wsse:SecurityTokenReference>
                 <wsc:Offset>0</wsc:Offset>
                 <wsc:Length>16</wsc:Length>
<wsc:Nonce>v3/2uDLPJui2hYw1GMnyEg==</wsc:Nonce>
             </wsc:DerivedKeyToken>
             <xenc:ReferenceList 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
                 <xenc:DataReference 
URI="#ED-12663af0-5355-4970-8c66-a8c984a4e67e"/>
                 <xenc:DataReference 
URI="#ED-38312cc0-4e7a-4563-9f6c-29c0010ccb5c"/>
             </xenc:ReferenceList>
             <wsse:BinarySecurityToken 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" 
wsu:Id="X509-c15e750c-dbc8-42f5-bcca-c2d1d1373eca">MIIFRDCCBCygAwIBAgIMbtu8HzA+W3C2QIusMA0GCSqGSIb3DQEBCwUAMGYxCzAJBgNVBAYTAkJFMRkwFwYDVQQKExBHbG9iYWxTaWduIG52LXNhMTwwOgYDVQQDEzNHbG9iYWxTaWduIE9yZ2FuaXphdGlvbiBWYWxpZGF0aW9uIENBIC0gU0hBMjU2IC0gRzIwHhcNMTYwOTA4MDg0MzE4WhcNMTkwOTA5MDg0MzE4WjBwMQswCQYDVQQGEwJVUzERMA8GA1UECBMITWljaGlnYW4xETAPBgNVBAcTCERlYXJib3JuMRswGQYDVQQKExJGb3JkIE1vdG9yIENvbXBhbnkxHjAcBgNVBAMTFURFVTk3MDI4LmIyZC5mb3JkLmNvbTCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAMfTerY0Tc8tRtR7x40EoaGWNDEckej3GcmBtRpahwd9w7tuDzIInGJpcdyVtsTJbDdnoKoXRQcHONA3FjtxhZQ09O19FXC7K4CSMRaJ0cHzHs4t55ZybipYLjXiBchJNoEjnmxz2NJ2AQsMd7gYb0GhU6agdpQv1gQpA9Tyadds2vZOxF6OI2SVh58YUp1fznKCE0KleHz9jDLcHPzo9k4wLHxCTSQv5ncKWI+YxX6j1ZHNKB/iVLXWniRb8YlZHLVI/lfkZ3m6m9KmVXgPyhIjgqjRWbjLrySUDMjCz8zAaxjW0Z441N2QRXHWM+NboS5hsA4YlzOoliEhsI1oJTMCAwEAAaOCAeYwggHiMA4GA1UdDwEB/wQEAwIFoDCBoAYIKwYBBQUHAQEEgZMwgZAwTQYIKwYBBQUHMAKGQWh0dHA6Ly9zZWN1cmUuZ2xvYmFsc2lnbi5jb20vY2FjZXJ0L2dzb3JnYW5pemF0aW9udmFsc2hhMmcycjEuY3J0MD8GCCsGAQUFBzABhjNodHRwOi8vb2NzcDIuZ2xvYmFsc2lnbi5jb20vZ3Nvcmdhbml6YXRpb252YWxzaGEyZzIwVgYDVR0gBE8wTTBBBgkrBgEEAaAyARQwNDAyBggrBgEFBQcCARYmaHR0cHM6Ly93d3cuZ2xvYmFsc2lnbi5jb20vcmVwb3NpdG9yeS8wCAYGZ4EMAQICMAkGA1UdEwQCMAAwSQYDVR0fBEIwQDA+oDygOoY4aHR0cDovL2NybC5nbG9iYWxzaWduLmNvbS9ncy9nc29yZ2FuaXphdGlvbnZhbHNoYTJnMi5jcmwwIAYDVR0RBBkwF4IVREVVOTcwMjguYjJkLmZvcmQuY29tMB0GA1UdJQQWMBQGCCsGAQUFBwMBBggrBgEFBQcDAjAdBgNVHQ4EFgQU9FKPkwNxOGcwL5p9BRAaB6x4fdIwHwYDVR0jBBgwFoAUlt5h8b0cFilTHMDMfTuDAEDmGnwwDQYJKoZIhvcNAQELBQADggEBADlN5wzgOFROGAJw2Mc9sB6jIQtjYyOtGTWfeZ952EPG4G7+osSm/2F7q8s3eWwheywI5ZnvuGGjqQWA9g3WB+Db4OmFiMFwBAx+qZ9KAda9WBwSsqujClLWv/Und/rgNmOF4sUmKeyRm+zgNbjb68zu4476M6vBlzEXYAd+HxqvU65AlsPu0TE5pZRPBhkhdwSUNONcOFZ+ApsEPAR8uVVaMhPnRpgjDI7LyOfyO3YS9WcKeJFhZ9NXKBN3TKBXHmo0cf1tGHMNIsS/Vc5jX2EupwmlkpqbvzkHIH1WWVlO+sKrqWm+x1HPH72hAV8yZUkohikQLG47/kIjJs0LDM0=</wsse:BinarySecurityToken>
             <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
Id="SIG-d3c88a4a-3d0d-4dd4-9b83-f76af1305a9d">
                 <ds:SignedInfo>
                     <ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                         <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                     </ds:CanonicalizationMethod>
                     <ds:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
                     <ds:Reference 
URI="#TS-638d599d-7a0b-42c4-95e4-960b93a1de05">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>LAwNMZ9GkBsj3CdAFpyMMNnFICg=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_c2969464-0103-4d15-a131-b445ece324a1">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>NRX7q5ovVidnKTw+hcArJfoxgX0=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_67dfe461-a596-4727-925d-cdf5685f929c">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>qJTVf8019l9Z8MOmeCltThEXJEY=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_a3605ac7-2910-4e56-827d-4e2c81ed2d83">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>QtNncRhWFISvWAfhbHX9qPp5CWM=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_68dbf68d-03d4-4860-a8f5-fa7bb9171918">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>v1koCwv6bNv31R5Lmp5iF9cx7/s=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_191e3ff4-c597-4431-8c81-616fb7208506">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>RXxOvPwQ6ZKiLT98YRW0m3Yo6uI=</ds:DigestValue>
                     </ds:Reference>
                     <ds:Reference 
URI="#_c0b750e9-5e6e-4f2a-8ebf-857992f3d22a">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>8cDFkG0Qd7Lo3cDWD4xIM5opOxA=</ds:DigestValue>
                     </ds:Reference>
                 </ds:SignedInfo>
<ds:SignatureValue>Wy2jPeNTUYeU0EO+LARVtZS5DKY=</ds:SignatureValue>
                 <ds:KeyInfo Id="KI-79968dde-4ce3-4016-9ad9-559ed5076f99">
                     <wsse:SecurityTokenReference 
wsu:Id="STR-e1878ad2-1f4a-4c8b-bf51-be167c3364bb">
                         <wsse:Reference 
URI="#DK-af53d235-fa06-4282-a73d-d1eac65af45b" 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk"/>
                     </wsse:SecurityTokenReference>
                 </ds:KeyInfo>
             </ds:Signature>
             <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 
Id="SIG-ea6ba6bd-4661-4fc2-bf8f-1857de7aeb6f">
                 <ds:SignedInfo>
                     <ds:CanonicalizationMethod 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                         <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
                     </ds:CanonicalizationMethod>
                     <ds:SignatureMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                     <ds:Reference 
URI="#SIG-d3c88a4a-3d0d-4dd4-9b83-f76af1305a9d">
                         <ds:Transforms>
                             <ds:Transform 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                                 <ec:InclusiveNamespaces 
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse wsu 
soap"/>
                             </ds:Transform>
                         </ds:Transforms>
                         <ds:DigestMethod 
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>Zk0hH0ML/sotGX7SCQ6Z2VL69LY=</ds:DigestValue>
                     </ds:Reference>
                 </ds:SignedInfo>
<ds:SignatureValue>o0RmacdFWkSsrsk3MRwjcaem9kdDq1FntI+DyIztvysY3u1lqxK8lR2dF3YstUt7GtGRaL7Ihiqp5C/bf/Ekpv14G9ZfYrSeZa2rMTkd3nTyMJXl2tUT5U3oGdtUwXW5Kg7GGlj4F0hijMvaYEL1Ts3XSbX2lIrWbTimn7XmROTPC5Z5U1H8+iokFAbNz/s9t7nT9BtK7mGxb5cEMVQpVzb34sIKWovngbsLwKC3cKmn4X3t5D0eHiiPsrj2HTkdSLqf30bR+xo1nqNMoyeeEMtjy1ClI8yi32452mzSH4iEw3wrWAE+MBM9VaGxRurG7wu7lFvZHEuee3Aw3V/lZQ==</ds:SignatureValue>
                 <ds:KeyInfo Id="KI-2a794e42-2383-4a05-85f8-a4d1a97c9255">
                     <wsse:SecurityTokenReference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="STR-4c9354d4-b2fd-49b8-9cbc-254d61930d5f">
                         <wsse:KeyIdentifier 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">L16Cl7RveplrJ/84Q8JcRSrMAJY=</wsse:KeyIdentifier>
                     </wsse:SecurityTokenReference>
                 </ds:KeyInfo>
             </ds:Signature>
         </wsse:Security>
     </soap:Header>
     <soap:Body 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" 
wsu:Id="_c2969464-0103-4d15-a131-b445ece324a1">
         <xenc:EncryptedData 
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" 
Id="ED-12663af0-5355-4970-8c66-a8c984a4e67e" 
Type="http://www.w3.org/2001/04/xmlenc#Content">
             <xenc:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
             <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                 <wsse:SecurityTokenReference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                     <wsse:Reference 
URI="#DK-69b841f8-6e71-4c1f-ab8a-7ef91df70753" 
ValueType="http://schemas.xmlsoap.org/ws/2005/02/sc/dk"/>
                 </wsse:SecurityTokenReference>
             </ds:KeyInfo>
             <xenc:CipherData>
<xenc:CipherValue>yMWa0hexVslhZzHiMMq+YW9A2UFP7GgPzSObquisuO3EGXi0d0TSR57gCZP2Ups4PeEz5o4HB4+kCWD52Bx3jdPyTxlAqEuEFrXLTxBuGWQ52FP5Jg3bTqVw96h93ASovkXu2LiT0qJEJtQM0tNgRMfDQVoFjG34AwEpms3Mue/VRWw0nyRFtO6nNNtuaXQLsj80uvWQRygNA7lDDPrQ0YSl114eCKw8bJkjq2l+cdl2we+SBZ5+7rnF6TJLMmZI8bxkklkTOFzR6HJwaA0iZJAEsWBnj4BscxVAShWR6hiAugpxOeeAc9IfsSkBtGMDTk6BoA3DlRDQLExJ69f8abFIS+DA8WPAuWYhVTrkQ/+nTQ4ToOjuTbfJzsIPtWEzZPIJnjJeCT8zGIJKiBRUjk7pvU/58+xcY1VSJhXlig97j2Xesrjsivj2zNR0CEFFDfnmiMUpBv+fcEejUztvh4Pp10Huu5GSQIxmJ6EF/XlH+ZrbHNhiBgVKryckmyumNeLRuSoAB12a3GupxWoBGrSOjusJ6VMwFTVg4Wz+vH8/eLerheYej1KyvJ3Pker1/Cid7rUMQEI9yFfKi67eBZ3f+JhkwNPYsc9M3vADLTVcrmbPMvB/GYGVcFnNQqR+iu9rwV0Ug0yItkctIc3N7jHlnwo3yKuHWrbqTC/LkhHHgFD8FWwbkrw9g8UqPL3vxSuRbIKozfRVqLR8W1B5g1ppMZhz92s+ZpQ4lJpoS/LMhukivcWS1WAC+UDB7K+l7xqsFADJ0C0BMYnrB78Vx4gidxjYULpR1nBsN+Yr2eifAkGPu+EesJX/8MRdKGxcDvCAj6QbPb3uoUmaq47DRUwk8BN2Vla/OHpA9XMKkvktWW35gofceegJj0Nw3gRXAdMbaj8Fl2axLCZ4Yv2K8rCFnjd8DNX7ov2RgR0eOMkiUo1J8S35wD6Km0s+V22MT0xz7weTw6vXHrGfztlEJ1nrQ/CMl6m/WIeubPo4OmSk88FIk1/yxfT+1GmF4t8DW7VqZj1lgBrMcNEYHCyhumMe24LO676gjH6KPwI7tDTdrE52YEh8fHrbSgBjFDdCMyEvjN7mKJtdtpto22CycnMp34DIq+9i971Amye5/QArd5bTc2VFmiJz1uudXMnV</xenc:CipherValue>
             </xenc:CipherData>
         </xenc:EncryptedData>
     </soap:Body>
</soap:Envelope>
-----cut [3]-----


Am 04.11.2016 um 17:17 schrieb Martin Fernau:
> Hello,
>
> this thing is a real problem and I need it to bring to work...
> I need to consume a third party web service (implemented in .NET 
> hosted by IIS) using ws-policy/ws-security.
> Basically the client works and I can successfully call some methods. 
> But for one method the call fails with "An error occurred when 
> verifying security for the message".
> If I call the same method with a .NET Test-Client generated from the 
> same WSDL the call succeeds so this must something related to CXF. A 
> special requirement for this method is that it needs a special Header 
> which needs to be encrypted and signed. The other methods does not 
> require this header so I think its related to that.
> I'm able to add the header and the outgoing message seems to contain 
> this header encrypted and signed as required. However, the remote 
> server refuse the message.
>
> The developer of the service is currently no real help. The only 
> information I get until now is "there is no error message in the 
> logs". Great, that helps much...
>
> I'm able to provide any kind of information which should be helpful. 
> The full WSDL, the message before and after encryption from both the 
> .NET and CXF-Client. But because this is quite a lot of text I don't 
> know if I should add them here (embedded as text or as attachments), 
> or if its better to upload them anywhere.
>
> I hope someone is able to bring some light in this...
>
> Thanks and regards
> Martin