Posted to java-user@axis.apache.org by Reshef Roy <ro...@yahoo.com> on 2006/05/19 17:12:25 UTC

Decryption of a complex Axis2 SOAP message fails in WSS4J/XmlSec

Hello WSS4J and Axis2 folks,

I come back here on this issue, which was discussed by
Brian and Werner on the WSS4J mailing list in March
and has not been resolved. I am facing exactly the
same problem. I believe it is a WSS4J/XMLSec issue,
but I send it to both the Axis2 and WSS4J mailing lists.
I copied the original thread from the mail archive and
added it at the bottom.

My configuration is as follows:
- My webservice is running on Axis2 1.0 deployed on
Tomcat 5.5.16
- My client application is a standalone Java
application using an Axis2 1.0 client repository
- jre1.5.0_06
- relevant jar files in the Axis2 lib directory (both
the server and the client): wss4j-1.5.0, xmlsec-1.3.0,
xalan-2.7.0 (probably not relevant), various
javamail-1.4 jars (in case it has to do with the MTOM
attachment??).
- the security configuration of both the webservice
and the Axis2 client repository is similar to the one
in the security sample of Axis2 1.0.

I send a simple SOAP message from the client to the
service, and get a complex, eventually a very complex,
SOAP message containing the data back.

The client->server message works fine, both when I
configure it to be signed and encrypted and when I
don't.
The server->client message works fine without
signature and encryption, but fails on the same
exception as Brian's when the client side has to
decrypt it.

At first I thought the fault was in our code, as the
generated XML was a mixture of XML generated by AXIOM
and "self-made" XML Strings in POJO code (however
Axis2 does escape the < sign). In the past few days I
cleaned our POJO code up completely, now the XML
message is generated solely by AXIOM. I still get the
following exception:

        [java] org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed; nested exception is:
        [java] org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is:
        [java] org.apache.xml.security.encryption.XMLEncryptionException: Error while decoding
        [java] Original Exception was org.apache.xml.security.exceptions.Base64DecodingException: Error while decoding
        [java]     at org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:183)
        [java]     at org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
        [java]     at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
        [java]     at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
        [java]     at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
        [java]     at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:355)
        [java]     at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:279)
        [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:457)
        [java]     at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:399)
        [java]     at nitg.dino.dataclient.DataClient.sendDataRequest(Unknown Source)
        [java]     at nitg.dino.dataclient.DataClient.getData(Unknown Source)
        [java]     at nitg.dino.dataclient.DataClient.getData(Unknown Source)
        [java]     at nitg.dino.dataclient.DataClient.main(Unknown Source)
        [java] Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is:
        [java] org.apache.xml.security.encryption.XMLEncryptionException: Error while decoding
        [java] Original Exception was org.apache.xml.security.exceptions.Base64DecodingException: Error while decoding
        [java]     at org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:404)
        [java]     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:328)
        [java]     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
        [java]     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
        [java]     at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
        [java]     at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
        [java]     at org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
        [java]     ... 12 more
        [java] Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Error while decoding
        [java] Original Exception was org.apache.xml.security.exceptions.Base64DecodingException: Error while decoding
        [java]     at org.apache.xml.security.encryption.XMLCipherInput.getDecryptBytes(Unknown Source)
        [java]     at org.apache.xml.security.encryption.XMLCipherInput.getBytes(Unknown Source)
        [java]     at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(Unknown Source)
        [java]     at org.apache.xml.security.encryption.XMLCipher.decryptElement(Unknown Source)
        [java]     at org.apache.xml.security.encryption.XMLCipher.decryptElementContent(Unknown Source)
        [java]     at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
        [java]     at org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:402)
        [java]     ... 18 more

I attach here the following:

1. tcpmon capture when the messages are not secured
(here you can read the SOAP messages):

==============
Listen Port: 8070
Target Host: 127.0.0.1
Target Port: 8080
==== Request ====
POST /axis2/services/PiezoService HTTP/1.1
User-Agent: Axis/2.0
Host: 127.0.0.1:8070
Transfer-Encoding: chunked
Content-Type: multipart/related;
boundary=MIMEBoundaryurn_uuid_250A5D084C2807B5EA11480503381251;
type="application/xop+xml";
start="<0....@apache.org>";
start-info="application/soap+xml";
charset=UTF-8;action="urn:getPiezoById";

3c3
--MIMEBoundaryurn_uuid_250A5D084C2807B5EA11480503381251
content-type:application/xop+xml; charset=UTF-8;
type="application/soap+xml";
content-transfer-encoding:binary
content-id:<0....@apache.org>

<?xml version='1.0'
encoding='UTF-8'?><soapenv:Envelope
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"><soapenv:Header><wsa:To>http://localhost:8070/axis2/services/PiezoService</wsa:To><wsa:ReplyTo><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsa:MessageID>urn:uuid:5DDEADED942C61847311480503378751</wsa:MessageID><wsa:Action>urn:getPiezoById</wsa:Action></soapenv:Header><soapenv:Body><getPiezoById
xmlns="http://dinoservices.nitg.tno.nl"><parameters><iD>NL-B02C0214-002</iD><dataLevel>2</dataLevel></parameters></getPiezoById></soapenv:Body></soapenv:Envelope>
--MIMEBoundaryurn_uuid_250A5D084C2807B5EA11480503381251--
0

==== Response ====
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie:
JSESSIONID=80BC3E2AB2786F5FE2E017D5018E4053;
Path=/axis2
Content-Type: multipart/related;
boundary=MIMEBoundaryurn_uuid_CD4AEADBBA124E2FB111480503456713;
type="application/xop+xml";
start="<0....@apache.org>";
start-info="application/soap+xml";charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 19 May 2006 14:52:25 GMT

979
--MIMEBoundaryurn_uuid_CD4AEADBBA124E2FB111480503456713
content-type:application/xop+xml; charset=UTF-8;
type="application/soap+xml";
content-transfer-encoding:binary
content-id:<0....@apache.org>

<?xml version='1.0'
encoding='UTF-8'?><soapenv:Envelope
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsa="http://www.w3.org/2005/08/addressing"><soapenv:Header><wsa:To>http://www.w3.org/2005/08/addressing/anonymous</wsa:To><wsa:ReplyTo><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsa:From><wsa:Address>http://localhost:8070/axis2/services/PiezoService</wsa:Address></wsa:From><wsa:FaultTo><wsa:Address>http://localhost:8070/axis2/services/PiezoService</wsa:Address></wsa:FaultTo><wsa:MessageID>urn:uuid:66AB8BB9CA1E1D2D0511480503384064</wsa:MessageID><wsa:Action>urn:getPiezoById</wsa:Action><wsa:RelatesTo
wsa:RelationshipType="wsa:Reply">urn:uuid:5DDEADED942C61847311480503378751</wsa:RelatesTo></soapenv:Header><soapenv:Body><response
xmlns="http://dinoservices.nitg.tno.nl"
xmlns:tns="http://dinoservices.nitg.tno.nl/"><result><piezometers
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://dinoservices.nitg.tno.nl/xml/namespace/piezometer/piezometer-v1.0/xsd"><meta><dateformat
src="ISO8601" format="YYYY-MM-DDThh:mmTZD"
/><coordinateSystem alias="WSG84" name="World Geodetic
System 1984" src="EPSG" code="4326" unit="decimal
degrees" /><levelReference alias="NAP" name="Normaal
Amsterdams Peil" src="EPSG" code="5109" unit="cm"
/><country src="ISO3166" /><language src="ISO639-2"
/><date>2006-05-19T16:52+0200</date></meta><piezometer
Id="NL-B02C0214-002"><country>NL</country><language>NLD</language><databasename>DINO</databasename><ownerOrg>TNO-NITG</ownerOrg><location
coordinates="5.87971132 53.44542629"
/><surfaceLevelHeight>327</surfaceLevelHeight><municipality>AMELAND</municipality><topDepth>-559</topDepth><bottomDepth>-659</bottomDepth><headCount>195</headCount><firstHeadDate>2005-06-27T00:00+0200</firstHeadDate><lastHeadDate></lastHeadDate><groundwaterbody></groundwaterbody><aquifer></aquifer><verticalDatumCd>NAP</verticalDatumCd></piezometer></piezometers></result><meta><piezometersFound><piezometer
Id="NL-B02C0214-002"
/></piezometersFound></meta><parameters><iD>NL-B02C0214-002</iD><dataLevel>2</dataLevel></parameters></response></soapenv:Body></soapenv:Envelope>
3b

--MIMEBoundaryurn_uuid_CD4AEADBBA124E2FB111480503456713--
0


==============

2. tcpmon capture when the messages are secured:


==============
Listen Port: 8070
Target Host: 127.0.0.1
Target Port: 8080
==== Request ====
POST /axis2/services/PiezoService HTTP/1.1
User-Agent: Axis/2.0
Host: 127.0.0.1:8070
Transfer-Encoding: chunked
Content-Type: multipart/related;
boundary=MIMEBoundaryurn_uuid_0F722611FABF8E534811480473705931;
type="application/xop+xml";
start="<0....@apache.org>";
start-info="application/soap+xml";
charset=UTF-8;action="urn:getPiezoById";

13b3
--MIMEBoundaryurn_uuid_0F722611FABF8E534811480473705931
content-type:application/xop+xml; charset=UTF-8;
type="application/soap+xml";
content-transfer-encoding:binary
content-id:<0....@apache.org>

<?xml version='1.0'
encoding='UTF-8'?><soapenv:Envelope
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
xmlns:wsa="http://www.w3.org/2005/08/addressing"><soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="true"><xenc:EncryptedKey
Id="EncKeyId-30222347">
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
/>
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">WwslVkkUD5Hwc9RYmoumJM77NkU=</wsse:KeyIdentifier></wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>bbu+tRp03z7q4CSB60iseEDiL+zLzdyPZinq2AhN51Mh1/0QkFpN4Ma5Bz/TXwa/HkU9yA2QjZeE6WM4OCxFLE/xp2pviN8uzbIe9TKBN5lU2jXH2n3g5Sczux0GAjcbmXlKcbbY6NLbxQYztbW5TR9ZxMQzg2scjh+ARNHWqxg=</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference
URI="#EncDataId-23585701"
/></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-2595047">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
/>
<ds:Reference URI="#id-19940306">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>RVXkLPDEzDcaz9eWPVUCe2TYRAE=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-540190">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>RRNThBrxXGcBMajnZx40dbE5hog=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-19287723">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>Y7zvA4ZQzm6h/X8yGk8zoDKyoZw=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-31614731">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>HeP5hnTJ+QDGXheAmyfCjpJVe1I=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
NPwfdrsuexLCM3/Ji4NHDZtK0tcnJoBlbUc3YNcpfoP8eog75ztt1GXQrRtdxRV++vMbmZu9svPq
at7joxw2Qst9nfP0zpEKiFtbSf1YvkiRrubF8C6DonLhem/D3jsP97VclWPPyzq77/3MHTGAA8lq
wef3fglnBEXOrnXvEMQ=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-31556811">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-15245345"><wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">QrCDsN5tWGrPLZHfPNw7lqOoSvA=</wsse:KeyIdentifier></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature><wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-31614731"><wsu:Created>2006-05-19T14:02:44.968Z</wsu:Created><wsu:Expires>2006-05-19T14:07:44.968Z</wsu:Expires></wsu:Timestamp></wsse:Security><wsa:To
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-19940306">http://localhost:8070/axis2/services/PiezoService</wsa:To><wsa:ReplyTo
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-540190"><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsa:MessageID
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-19287723">urn:uuid:B53BA331374DCA64F511480473618591</wsa:MessageID><wsa:Action>urn:getPiezoById</wsa:Action></soapenv:Header><soapenv:Body><xenc:EncryptedData
Id="EncDataId-23585701"
Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
/><xenc:CipherData><xenc:CipherValue><xop:Include
href="cid:1.urn:uuid:0F722611FABF8E534811480473705933@apache.org"
xmlns:xop="http://www.w3.org/2004/08/xop/include"
/></xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body></soapenv:Envelope>
246

--MIMEBoundaryurn_uuid_0F722611FABF8E534811480473705931
content-id:<1....@apache.org>
content-type:application/octet-stream
content-transfer-encoding:binary

--MIMEBoundaryurn_uuid_0F722611FABF8E534811480473705931--
0

==== Response ====
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Set-Cookie:
JSESSIONID=703634597AA0DE46C23CA3F5F9D1F2DF;
Path=/axis2
Content-Type: multipart/related;
boundary=MIMEBoundaryurn_uuid_994A544365FAB6DE4611480473745004;
type="application/xop+xml";
start="<0....@apache.org>";
start-info="application/soap+xml";charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 19 May 2006 14:02:54 GMT

17b5
--MIMEBoundaryurn_uuid_994A544365FAB6DE4611480473745004
content-type:application/xop+xml; charset=UTF-8;
type="application/soap+xml";
content-transfer-encoding:binary
content-id:<0....@apache.org>

<?xml version='1.0'
encoding='UTF-8'?><soapenv:Envelope
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
xmlns:wsa="http://www.w3.org/2005/08/addressing"><soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="true"><xenc:EncryptedKey
Id="EncKeyId-24577551">
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"
/>
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">QrCDsN5tWGrPLZHfPNw7lqOoSvA=</wsse:KeyIdentifier></wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>kEOEcMSSUdDdGGQZ5X/u1fMIuB6Hk3WCioqiDDz3xc9T1Uoore6WDsCTtKj5/yT/bc6ynnm6PCjD14IXbgjnV7YeVrEtQNIkbU0cSkynGFXfwJOQS2GW2ynSHjc2/9NH5ps2tXxcvKjolD/z74Nc0Vi/0fB54YZRadKSr9prB+o=</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference
URI="#EncDataId-19854534"
/></xenc:ReferenceList></xenc:EncryptedKey><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="Signature-32181456">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
/>
<ds:Reference URI="#id-20319379">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>ZU+r4GxWvcFb0h2kjo0Q/Le7Sr8=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-24356426">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>GhnxOw33uQNB3UDR2/t1tRU1bNs=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-27940994">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>IQ1OIg2k4sJrA9BeSEozRs/uDIo=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-15081761">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>M0Kyhqu96pO7U+YnCEpUZ7HShHM=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#SigConf-10372485">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>9ORNHkyu7Avgl2zBxvxK5AytTiM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
d4HGDbFD/N4q4G6QTRz/HiTeXEZ3Td5YuRx60VhKycJAdxxPI6HaRwlcM0NKLQ4gmLhxaJ5N05k8
DGnQ4V3u1bibC1LMfgyPwhnkkUUh4EYlGz6qacQxX4A9SBhyJ5pcRiUPoSHT64tCGO+AR6IZctX3
+ovvtTeV1Le/6XVDFm4=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-9847088">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-9550256"><wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">WwslVkkUD5Hwc9RYmoumJM77NkU=</wsse:KeyIdentifier></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature><wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-15081761"><wsu:Created>2006-05-19T14:02:54.453Z</wsu:Created><wsu:Expires>2006-05-19T14:07:54.453Z</wsu:Expires></wsu:Timestamp><wsse11:SignatureConfirmation
xmlns:wsse11="http://docs.oasis-open.org/wss/2005/xx/oasis-2005xx-wss-wssecurity-secext-1.1.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
Value="NPwfdrsuexLCM3/Ji4NHDZtK0tcnJoBlbUc3YNcpfoP8eog75ztt1GXQrRtdxRV++vMbmZu9svPqat7joxw2Qst9nfP0zpEKiFtbSf1YvkiRrubF8C6DonLhem/D3jsP97VclWPPyzq77/3MHTGAA8lqwef3fglnBEXOrnXvEMQ="
wsu:Id="SigConf-10372485" /></wsse:Security><wsa:To
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-20319379">http://www.w3.org/2005/08/addressing/anonymous</wsa:To><wsa:ReplyTo
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-24356426"><wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address></wsa:ReplyTo><wsa:From><wsa:Address>http://localhost:8070/axis2/services/PiezoService</wsa:Address></wsa:From><wsa:FaultTo><wsa:Address>http://localhost:8070/axis2/services/PiezoService</wsa:Address></wsa:FaultTo><wsa:MessageID
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-27940994">urn:uuid:B36C4B2CB527DEB8FF11480473708284</wsa:MessageID><wsa:Action>urn:getPiezoById</wsa:Action><wsa:RelatesTo
wsa:RelationshipType="wsa:Reply">urn:uuid:B53BA331374DCA64F511480473618591</wsa:RelatesTo></soapenv:Header><soapenv:Body><xenc:EncryptedData
Id="EncDataId-19854534"
Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"
/><xenc:CipherData><xenc:CipherValue><xop:Include
href="cid:1.urn:uuid:994A544365FAB6DE4611480473745156@apache.org"
xmlns:xop="http://www.w3.org/2004/08/xop/include"
/></xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body></soapenv:Envelope>
7e6

--MIMEBoundaryurn_uuid_994A544365FAB6DE4611480473745004
content-id:<1....@apache.org>
content-type:application/octet-stream
content-transfer-encoding:binary

--MIMEBoundaryurn_uuid_994A544365FAB6DE4611480473745004--
0


==============

3. Axis2 client configuration

    <parameter name="OutflowSecurity">
      <action>
        <items>Timestamp Signature Encrypt</items>
        <user>pres_service</user>
        <passwordCallbackClass>nitg.dino.dst.security.PWCallbackHandler</passwordCallbackClass>
        <signaturePropFile>security.properties</signaturePropFile>
        <encryptionPropFile>security.properties</encryptionPropFile>
        <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
        <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
        <encryptionUser>data_service</encryptionUser>
        <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
        <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
      </action>
    </parameter>

    <parameter name="InflowSecurity">
      <action>
        <items>Timestamp Signature Encrypt</items>
        <passwordCallbackClass>nitg.dino.dst.security.PWCallbackHandler</passwordCallbackClass>
        <signaturePropFile>security.properties</signaturePropFile>
        <decryptionPropFile>security.properties</decryptionPropFile>
      </action>
    </parameter>

---
4. Axis2 service configuration

    <parameter name="OutflowSecurity">
      <action>
        <items>Timestamp Signature Encrypt</items>
        <user>data_service</user>
        <passwordCallbackClass>nitg.dino.dst.security.PWCallbackHandler</passwordCallbackClass>
        <signaturePropFile>security.properties</signaturePropFile>
        <encryptionPropFile>security.properties</encryptionPropFile>
        <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
        <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
        <encryptionUser>pres_service</encryptionUser>
        <signatureParts>{Element}{http://www.w3.org/2005/08/addressing}To;{Element}{http://www.w3.org/2005/08/addressing}ReplyTo;{Element}{http://www.w3.org/2005/08/addressing}MessageID;{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp</signatureParts>
        <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
      </action>
    </parameter>

    <parameter name="InflowSecurity">
      <action>
        <items>Timestamp Signature Encrypt</items>
        <passwordCallbackClass>nitg.dino.dst.security.PWCallbackHandler</passwordCallbackClass>
        <signaturePropFile>security.properties</signaturePropFile>
        <decryptionPropFile>security.properties</decryptionPropFile>
      </action>
    </parameter>


Any help would be appreciated!

Thanks,

/ Roy


----

> Werner,
> I got distracted with other issues yesterday evening
> so didn't get to explore much more. What I have
> narrowed it down to is this:
> It will send a simple string as a parameter both
> securely and unsecurely
> It will send a simple xml string as a parameter both
> securely and unsecurely
>
> The XML String i need to send, and it is having
> problems with, is quite complex. It contains a full
> XML document as a CDATA element of the parent
> document, where i am interested in sending the parent
> document.
> As i said, i have made some headway in narrowing down
> exactly what is causing the errors and will repost
> when I find exactly what is causing it.
> BTW, there is an embedded axis function that escapes
> the angle brackets (only the < bracket needs to be
> escaped). This is not an issue as simple
> XML is working.
>
> Regards,
> Brian.
>
> Werner Dittmann wrote:

>Brian,
>
>WSS4J uses a specific Axis method to set the message generated by
>WSS4J that includes the security header as the new message to send.
>Maybe there is a problem in that area - I'll test this during the next
>day (maybe weekend).
>
>It would be helpful if you can provide me the message you are going
>to send (the XML string). Do you escape the angle bracket in your
>program or is this an embedded Axis function?
>
>Regards,
>Werner
>
>
>Brian Shields wrote:
>
>>Werner,
>>Yes I have tested it without security in place and is working fine!
>>Angle brackets are modified to &lt; to avoid errors!
>>Regards,
>>Brian.
>>
>>Werner Dittmann wrote:
>>
>>>Brian,
>>>
>>>did you test this without security enabled? Sending an XML string
>>>may require some modifications to escape angle bracket.
>>>
>>>Regards,
>>>Werner
>>>
>>>
>>>Brian Shields wrote:
>>>
>>>>Hi Guys,
>>>>I have a secure service established using wss4j and connect to it using
>>>>a simple client. For testing purposes this is an echo service. It works
>>>>perfectly when i pass a simple string as the parameter to the call,
>>>>however when i pass it a string which is generated from an
>>>>org.jdom.Document using an org.jdom.output.XMLOutputter i get the errors
>>>>below. Is there something i have to do to the String? or the Document
>>>>before outputting?
>>>>Thanks,
>>>>Brian.
>>>>
>>>>org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data;
>>>>nested exception is:
>>>>  org.apache.xml.security.encryption.XMLEncryptionException: Error
>>>>while decoding
>>>>Original Exception was
>>>>org.apache.xml.security.exceptions.Base64DecodingException: Error while
>>>>decoding
>>>>  at org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:388)
>>>>  at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:313)
>>>>  at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:81)
>>>>  at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:75)
>>>>  at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:252)
>>>>  at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:179)
>>>>  at org.apache.axis2.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:161)
>>>>  at org.apache.axis2.engine.Phase.invoke(Phase.java:376)
>>>>  at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:351)
>>>>  at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:322)
>>>>  at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:274)
>>>>  at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:150)
>>>>  at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
>>>>  at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>>>>  at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
>>>>  at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
>>>>  at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
>>>>  at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
>>>>  at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
>>>>  at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
>>>>  at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
>>>>  at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
>>>>  at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:856)
>>>>  at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:744)
>>>>  at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
>>>>  at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
>>>>  at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
>>>>  at java.lang.Thread.run(Unknown Source)
>>>>Caused by: org.apache.xml.security.encryption.XMLEncryptionException:
>>>>Error while decoding
>>>>Original Exception was
>>>>org.apache.xml.security.exceptions.Base64DecodingException: Error while
>>>>decoding
>>>>  at org.apache.xml.security.encryption.XMLCipherInput.getDecryptBytes(Unknown Source)
>>>>  at org.apache.xml.security.encryption.XMLCipherInput.getBytes(Unknown Source)
>>>>  at org.apache.xml.security.encryption.XMLCipher.decryptToByteArray(Unknown Source)
>>>>  at org.apache.xml.security.encryption.XMLCipher.decryptElement(Unknown Source)
>>>>  at org.apache.xml.security.encryption.XMLCipher.decryptElementContent(Unknown Source)
>>>>  at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown Source)
>>>>  at org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:386)
>>>>  ... 27 more
>>>>
>

-- 
Brian Shields BSc. MSc.,
PhD Candidate,
Department of Information Technology,
National University of Ireland,
Galway,
Ireland.
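
An added diagnostic, not code from this thread or from Axis2/WSS4J: the trace above fails inside XMLCipherInput while base64-decoding the CipherValue, and the secured captures show that with optimizeParts set the CipherValue no longer holds base64 text but an xop:Include pointing at a MIME part. The Python below, run on a captured envelope plus its attachments, reports what each referenced CipherValue actually holds and performs the inlining step that has to precede any base64 decoding. The function names (diagnose, inline_attachments, cbc_length_ok) are mine; the element Ids and the cid are copied from the captured response, while the attachment bytes and the key-transport blob are constructed placeholders.

```python
import base64
import binascii
import xml.etree.ElementTree as ET

XENC = "{http://www.w3.org/2001/04/xmlenc#}"
XOP = "{http://www.w3.org/2004/08/xop/include}"
AES128_CBC = "http://www.w3.org/2001/04/xmlenc#aes128-cbc"

# cid copied from the captured response; the 48 attachment bytes are constructed
CID = "1.urn:uuid:994A544365FAB6DE4611480473745156@apache.org"
ATTACHMENTS = {CID: bytes(range(48))}

# Cut-down copy of the secured response: signature/timestamp dropped, key blob constructed
OPTIMIZED_ENVELOPE = """<soapenv:Envelope
 xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"
 xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<xenc:EncryptedKey Id="EncKeyId-24577551">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<xenc:CipherData><xenc:CipherValue>Q09OU1RSVUNURUQ=</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference URI="#EncDataId-19854534"/></xenc:ReferenceList>
</xenc:EncryptedKey></wsse:Security></soapenv:Header><soapenv:Body>
<xenc:EncryptedData Id="EncDataId-19854534" Type="http://www.w3.org/2001/04/xmlenc#Content">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<xenc:CipherData><xenc:CipherValue><xop:Include
 href="cid:1.urn:uuid:994A544365FAB6DE4611480473745156@apache.org"
 xmlns:xop="http://www.w3.org/2004/08/xop/include"/></xenc:CipherValue></xenc:CipherData>
</xenc:EncryptedData></soapenv:Body></soapenv:Envelope>"""


def _cid(href):
    """Strip the 'cid:' scheme from an xop:Include href."""
    return href[4:] if href.startswith("cid:") else href


def _encrypted_data_by_id(root, uri):
    """Resolve a '#Id' DataReference URI to its xenc:EncryptedData element."""
    return next((e for e in root.iter(XENC + "EncryptedData")
                 if e.get("Id") == uri.lstrip("#")), None)


def cipher_value_status(enc_data, attachments):
    """Return (status, detail): 'inline' (decoded bytes), 'xop' or
    'xop-missing' (the cid), 'empty', 'bad-base64' or 'missing'."""
    cv = enc_data.find("./" + XENC + "CipherData/" + XENC + "CipherValue")
    if cv is None:
        return "missing", None
    include = cv.find(XOP + "Include")
    if include is not None:  # MTOM-optimised: the bytes live in a MIME part
        cid = _cid(include.get("href", ""))
        return ("xop" if cid in attachments else "xop-missing"), cid
    text = "".join((cv.text or "").split())  # base64 may be line-wrapped
    if not text:
        return "empty", None
    try:
        return "inline", base64.b64decode(text, validate=True)
    except binascii.Error:
        return "bad-base64", None


def cbc_length_ok(raw):
    """XML Encryption CBC ciphertext is IV + blocks: >= 32 bytes, multiple of 16."""
    return len(raw) >= 32 and len(raw) % 16 == 0


def diagnose(envelope_xml, attachments):
    """For every DataReference, report what the referenced CipherValue holds."""
    root = ET.fromstring(envelope_xml)
    findings = []
    for ref in root.iter(XENC + "DataReference"):
        uri = ref.get("URI", "")
        enc = _encrypted_data_by_id(root, uri)
        if enc is None:
            findings.append({"ref": uri, "status": "dangling", "detail": None})
            continue
        method = enc.find(XENC + "EncryptionMethod")
        alg = method.get("Algorithm") if method is not None else None
        status, detail = cipher_value_status(enc, attachments)
        block_ok = (status == "inline" and alg == AES128_CBC
                    and cbc_length_ok(detail))
        findings.append({"ref": uri, "algorithm": alg, "status": status,
                         "detail": detail, "block_ok": block_ok})
    return findings


def inline_attachments(envelope_xml, attachments):
    """Replace each xop:Include under a CipherValue with the base64 text of
    its MIME part; only then can a base64 decoder read the value."""
    root = ET.fromstring(envelope_xml)
    for cv in root.iter(XENC + "CipherValue"):
        include = cv.find(XOP + "Include")
        if include is None:
            continue
        cid = _cid(include.get("href", ""))
        if cid not in attachments:
            raise KeyError("no MIME part with content-id " + cid)
        cv.remove(include)
        cv.text = base64.b64encode(attachments[cid]).decode("ascii")
    return ET.tostring(root, encoding="unicode")
```

On the captured response the first call reports status "xop" for #EncDataId-19854534; after inline_attachments the same reference reports "inline" with a 48-byte value that passes the block-size check.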



---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org