You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Konstantinos Pateras <kp...@googlemail.com> on 2007/03/18 20:43:58 UTC

Cannot encrypt SOAP Body

Hi, I am relatively new in web services and security and I am facing a
problem. I have set up Axis2 1.1.1 and Rampart 1.1 and configure it (I
followed the configuration instructions for Rampart 1.0 that are still
supported). I use the actions Timestamp Sign Encrypt to sign the body
and then encrypt it. The messages are generated fine and I get the
response from the server but I only see from SOAP monitor the
signature of the body. The actual data are still there unencrypted and
the response is also in plain text.

Client configuration:

   <parameter name = "OutflowSecurity">
       <action>
           <items>Timestamp Encrypt Signature</items>
           <user>client</user>
           <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
           <signaturePropFile>client.properties</signaturePropFile>
           <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
           <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
           <encryptionUser>srv_cert</encryptionUser>
       </action>
   </parameter>
   <parameter name = "InflowSecurity">
       <action>
           <items>Timestamp Encrypt Signature</items>
           <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
           <signaturePropFile>client.properties</signaturePropFile>
       </action>
   </parameter>


Server configuration:

   <parameter name = "InflowSecurity">
       <action>
           <items>Timestamp Encrypt Signature</items>
           <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
           <signaturePropFile>service.properties</signaturePropFile>
       </action>
   </parameter>
   <parameter name = "OutflowSecurity">
       <action>
           <items>Timestamp Encrypt Signature</items>
           <user>authsrv</user>
           <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
           <signaturePropFile>service.properties</signaturePropFile>
           <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
           <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
           <encryptionUser>useReqSigCert</encryptionUser>
       </action>
   </parameter>

Please help!
Thanks in advance

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org