You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Hans-Bernhard Friedrich <H....@levigo.de> on 2010/02/15 11:29:50 UTC
Client request always reveives WSSecurityException (The signature
verification failed)
Hi,
I work on a webservice test client and I always receive the same error
when I try to make a request to our clients webservice.
"org.apache.ws.security.WSSecurityException (The signature verification
failed)"
- Our client's webservice is axis-based, more I don't know
- I use rampart 1.3 and Axis2 1.4.1, EclipseEE
- I generated the customers WSDLs with axis2 1.4.1 in EclipseEE
- I received certificates of our customer and imported them to a keystore
- I set up the the security using outflow configuration. I know it's
deprecated but I seemed easier to me just singing the time stamp and not
the body in programmatically than using a policy.xml.
- I also set up a client using a policy.xml signing the body but reveice
the same error
- I read all I could find on the web and in mailinglists but nothing
helped:
- XML is UTF-B
- JVM argument "language=EN" didn't help
- Mixing different Axis2 and rampart versions didn't help
- Changing xmlsec1.4.0. jar to 1.4.1 or 1.4.2 didn't help
- The certs are have not expired
Question:
- Does the exception really mean the SOAP-Envelope has been changed after
is was singed? Are there any other reasons this exception could be thrown?
- What is about the "Pretty Printing" of the XML issue I've found on the
mailing list. This this really solved in axis2 1.4.1?
- Is there a way to set up namespace optimation and pretty printing
manually in axis2 like in axis 1?
- Could somethig else be wrong with the certificates?
The thing is when I use the a modified sample using a policy.xml I get the
same Exception
- Is there anything I could tell our client to changed what could help me?
What did I do special:
- Wrote a little Handler to avoid "mustunderstand"-Problem in the
response: I Set all headers in the responseto processed. The error also
occurs if I don't engage my handler
Here is my Security setup using outflowConfiguration:
...options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY,
getOutflowConfiguration());
...
private Parameter getOutflowConfiguration() {
OutflowConfiguration ofc = new OutflowConfiguration();
ofc.setActionItems("Timestamp Signature");
ofc.setSignatureParts("{Element}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
}Timestamp");
ofc.setUser("fcms-aci");
ofc.setPasswordCallbackClass("de.aci.handler.PWCBHandler");
ofc.setSignaturePropRefId("cyrpto_props");
ofc.setSignatureKeyIdentifier(WSSHandlerConstants.
X509_KEY_IDENTIFIER);
return ofc.getProperty();
}
The PWCBHandler is the same as in all Samples. I just changed the alias
and the password
Does anybody has an idea what I do wrong?
Thank youso very much in advance for any ideas!!!!
Greetings
Hans