You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by "Wang, Jason" <Ja...@delta.com> on 2006/10/09 04:55:09 UTC

Problems when Interoperate with .NET by X509 token

Hi,

I'm working on a project to call a .Net Web Service from a Java client
by X509 certificate.
On server side, I use WSE 3.0 and WS policy,  WSS4J 1.5.0 and Axis2 1.0
on the Java client side.

I used the Hello World Web Service and enabled WSSE with WSE
Configuration Tool.
To verify the .NET Web service works fine, I created a .NET client with
policy,
It works very well.

But once I called from my Java Client, I always got following error
message:
======================================================
Referenced security token could not be retrieved, 
System.Exception: WSE590: Failed to resolve the following Key Info

<KeyInfo ....>
	.......
</KeyInfo>
======================================================


Here is the key info from .NET client Side,

      <soap:Envelope **** >
        <soap:Header>
          <wsse:Security soap:mustUnderstand="1">
            <xenc:EncryptedKey
Id="SecurityToken-9235ed81-093c-4ffc-9e7d-1c1e8b7083af"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
              <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
              <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
                <wsse:SecurityTokenReference>
                  <X509Data>
                    <X509IssuerSerial>
                      <X509IssuerName>CN=Root Agency</X509IssuerName>
 
<X509SerialNumber>119177920819346963742949139381104551659</X509SerialNum
ber>
                    </X509IssuerSerial>
                  </X509Data>
                </wsse:SecurityTokenReference>
              </KeyInfo>
              
	       ******
            </xenc:EncryptedKey>
            
	    ******
          </wsse:Security>
          
        </soap:Header>
        <soap:Body>
	   ******
        </soap:Body>
      </soap:Envelope>


And following is the key info from Java side,

    <processingStep description="Unprocessed message">
      <soapenv:Envelope **** >
        <soapenv:Header>
          <wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd" soapenv:mustUnderstand="1">
            <xenc:EncryptedKey Id="EncKeyId-9992755">
               <xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
               <ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
                 <wsse:SecurityTokenReference>
                   <ds:X509Data>
                     <ds:X509IssuerSerial>
                       <ds:X509IssuerName>CN=Root
Agency</ds:X509IssuerName>
 
<ds:X509SerialNumber>119177920819346963742949139381104551659</ds:X509Ser
ialNumber>
                     </ds:X509IssuerSerial>
                   </ds:X509Data>
                 </wsse:SecurityTokenReference>
               </ds:KeyInfo>
                 
	       ******
            </xenc:EncryptedKey>
            
	    ******
          </wsse:Security>
          
        </soap:Header>
        <soap:Body>
	   ******
        </soap:Body>
      </soap:Envelope>
      
I didn't see any big differences here, I don't know what's the problem.

                 
And I tried using X509KeyIdentifier and SKIKeyIdentifier from Java side,
but always got the same error.

Is there any one has meet the same problem before?

thanks.
Jason