You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Hans-Bernhard Friedrich <H....@levigo.de> on 2010/02/15 19:54:36 UTC

Is it normal that my cypher in has blanks instead of returns

Hello,

This is related to my previous mail "Receive WSSecurityException (The 
signature verification failed)".
But I think this should be discussed seperatly.

When I examine my  requests with wireshark my <SignatuerValue> looks has 
no return and ist just one string with blanks
every 78 characters.

When I compare that with a sample request our client send to us, this 
<SignatuerValue> looks like that:

<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
bYGahEmUUGB5U8KKDdyMT82Me/q275kqbfGZeglLrSoSBgdFXY5Sl++sOZFbeBzMnTV5nC9uPe0q
atojV2DeqZyw1LCm5SFlzewnCkXKZ/x5OM/p8c2kaHvIE3uAwJZ4kBOTo/yACOXprMUQnZb1VYVC
khNqqZ6x7sKwUWguRE8dzNUl7dp9h+r1MDLlprYFjgV+dgIng9qFym/0ABhGGYu3DZHdmuztgqc+
YzTdvIRBF4Z9OqG4Gt+982XdNyvtscoagn0PJd7hQD4gcLMqIk0PpSbLACCBeDH6ZmW1aozovPSR
wRlnkXFKNAIKd7XD5+WtFRGBrcUoxnMGFanc9A==
</ds:SignatureValue>

A block with 4 returns at the end of every line

- I use rampart 1.3 and Axis2 1.4.1

Configuration:

Properties prop1 = getProps();
serviceclient.getOptions.options.setProperty("cyrpto_props", prop1);
...
    private Properties getProps() {
                Properties prop1 =  new Properties();
                prop1.setProperty("org.apache.ws.security.crypto.provider"
, "org.apache.ws.security.components.crypto.Merlin");
                prop1.setProperty(
"org.apache.ws.security.crypto.merlin.keystore.type", "jks");
                prop1.setProperty(
"org.apache.ws.security.crypto.merlin.keystore.password", 
"L7uZJX1JUZ9l@+W2");
                prop1.setProperty(
"org.apache.ws.security.crypto.merlin.file", "fcms.keystore");
                return prop1;
          }

and



...options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY, 
getOutflowConfiguration());
...
private  Parameter getOutflowConfiguration() {
        OutflowConfiguration ofc = new OutflowConfiguration();
        ofc.setActionItems("Timestamp Signature");
        ofc.setSignatureParts("{Element}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
}Timestamp");
        ofc.setUser("fcms-aci");
        ofc.setPasswordCallbackClass("de.aci.handler.PWCBHandler");
        ofc.setSignaturePropRefId("cyrpto_props"); 
        ofc.setSignatureKeyIdentifier(WSSHandlerConstants.
X509_KEY_IDENTIFIER);
        return ofc.getProperty();
    }


Could this different lead to org.apache.ws.security.WSSecurityException 
(The signature verification failed) 
because the server can't read my signed informaton?
And if so, is it possible to changed the format somehow?

Thank you so much for your hints!!

Greetings
Hans