You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Soactive Inc <so...@gmail.com> on 2005/09/15 01:06:13 UTC
WSS4J message verification/decryption issue (unable to get decrypted message / original msg)
Hi!
I am using WSS4J for signing, encrypting, and verifying SOAP messages. Below
is some sample code that I borrowed from one of the unit tests (
TestWSSecurity3.java). Note that I am using my own keystore, keys, etc. that
work fine.
Now, The issue is that I am able to sign and encrypt messages but after
verification, one would expect to see the decrypted message. But I still
seem to be seeing the encrypted/signed message. Is there an explicit
decrypt() method that I need to use to actually convert the encrypted/signed
message back to my original message for further processing.
Here is the code I am using...
WSSignEnvelope builder = new WSSignEnvelope();
//builder.setUserInfo("16c73ab6-b892-458f-abf5-2f875f74882e", "security");
builder.setUserInfo("myco", "storepass");
logger.info("Before Signing....");
Document doc = unsignedEnvelope.getAsDocument();
Document signedDoc = builder.build(doc, CryptoFactory.getInstance("
cryptomyco.properties"));
/*
* convert the resulting document into a message first. The toSOAPMessage()
* mehtod performs the necessary c14n call to properly set up the signed
* document and convert it into a SOAP message. After that we extract it
* as a document again for further processing.
*/
Message signedMsg = (Message) SoapUtil.toSOAPMessage(signedDoc);
signedDoc = signedMsg.getSOAPEnvelope().getAsDocument();
logger.info("After Signing....");
verify(signedDoc);
SoapUtil.updateSOAPMessage(signedDoc, signedMsg);
String decryptedString = signedMsg.getSOAPPartAsString();
System.out.println("Decrypted string is: " + decryptedString);
System.out.println("Successfully verified document...");
--------------------
Any input/help appreciated.
Thanks,
-Arun