You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by Jorge Fernandez <in...@yahoo.es> on 2007/07/30 18:15:09 UTC
Check Signature confirmation: stored SV vector not empty
Hi,
I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
The first thing I can see in my client is :
30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
INFO: Verification successful for URI "#Timestamp-19502806"
That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
I searched for
<wsse:SignatureConfirmation> elements in the response as I could see
in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
and I didn't find any.
When I used rampart configuration without policy, I didn't have
any problem. Actually is what I'm using at the client side
for sending the messages to the sever.
In the server, I'm using sample3 policy from rampart distribution.
Can anybody tell me why is this happening??
Thanks,
Jorge Fernández
This is the stack trace:
org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
at client.Client.main(Client.java:33)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
... 9 more
---------------------------------
Sé un Mejor Amante del Cine
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
Re: Check Signature confirmation: stored SV vector not empty
Posted by Jorge Fernandez <in...@yahoo.es>.
Hi Dimithu,
I'd read the specification but I'd missed that detail. Thanks for that. But my real problem was the "Check Signature confirmation: stored SV vector not empty" Exception. I resolved it adding the <sp:RequireSignatureConfirmation/> assertion in the server policy because my client configured with basic rampart, seemed to expect that. I though it wasn't necessary.
I also had to replace the "Timestamp Signature Encrypt" actions order with "Signature Encrypt Timestamp" in my client when changing form basic configuration on the server to policy but I don't know exactly why.
Thanks a lot,
Jorge Fernández
Dimuthu <mu...@apache.org> escribió: Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
---------------------------------
Sé un Mejor Amante del Cine
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
Re: Check Signature confirmation: stored SV vector not empty
Posted by Jorge Fernandez <in...@yahoo.es>.
Hi Dimithu,
I'd read the specification but I'd missed that detail. Thanks for that. But my real problem was the "Check Signature confirmation: stored SV vector not empty" Exception. I resolved it adding the <sp:RequireSignatureConfirmation/> assertion in the server policy because my client configured with basic rampart, seemed to expect that. I though it wasn't necessary.
I also had to replace the "Timestamp Signature Encrypt" actions order with "Signature Encrypt Timestamp" in my client when changing form basic configuration on the server to policy but I don't know exactly why.
Thanks a lot,
Jorge Fernández
Dimuthu <mu...@apache.org> escribió: Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
---------------------------------
Sé un Mejor Amante del Cine
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
Re: Check Signature confirmation: stored SV vector not empty
Posted by Jorge Fernandez <in...@yahoo.es>.
Hi Dimithu,
I'd read the specification but I'd missed that detail. Thanks for that. But my real problem was the "Check Signature confirmation: stored SV vector not empty" Exception. I resolved it adding the <sp:RequireSignatureConfirmation/> assertion in the server policy because my client configured with basic rampart, seemed to expect that. I though it wasn't necessary.
I also had to replace the "Timestamp Signature Encrypt" actions order with "Signature Encrypt Timestamp" in my client when changing form basic configuration on the server to policy but I don't know exactly why.
Thanks a lot,
Jorge Fernández
Dimuthu <mu...@apache.org> escribió: Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
---------------------------------
Sé un Mejor Amante del Cine
¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
Re: Check Signature confirmation: stored SV vector not empty
Posted by Dimuthu <mu...@apache.org>.
Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> <wsse:SignatureConfirmation> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Check Signature confirmation: stored SV vector not empty
Posted by Dimuthu <mu...@apache.org>.
Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> <wsse:SignatureConfirmation> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
Re: Check Signature confirmation: stored SV vector not empty
Posted by Dimuthu <mu...@apache.org>.
Hi,
Please check "7.2 [Timestamp] Property" section of Security Policy
specification[1]
Regards,
Dimuthu
[1]http://specs.xmlsoap.org/ws/2005/07/securitypolicy/ws-securitypolicy.pdf
On Mon, 2007-07-30 at 18:15 +0200, Jorge Fernandez wrote:
> Hi,
>
> I'm getting that exception. I'm using axis2 1.2 and rampart 1.2 in both client and server sides. I receive that exception in the client.
>
> The first thing I can see in my client is :
> 30-jul-2007 16:46:51 org.apache.xml.security.signature.Reference verify
> INFO: Verification successful for URI "#Timestamp-19502806"
>
> That is the Timestamp sent back from the server. It comes signed even if in my server policy I don't say that it should be signed.
>
> I searched for
>
> <wsse:SignatureConfirmation> elements in the response as I could see
> in http://mail-archives.apache.org/mod_mbox/ws-wss4j-dev/200610.mbox/%3C452FD74B.6010206@HotPOP.com%3E
> and I didn't find any.
>
> When I used rampart configuration without policy, I didn't have
> any problem. Actually is what I'm using at the client side
> for sending the messages to the sever.
>
> In the server, I'm using sample3 policy from rampart distribution.
>
> Can anybody tell me why is this happening??
>
> Thanks,
>
> Jorge Fernández
>
>
>
>
> This is the stack trace:
>
> org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:100)
> at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:383)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:203)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:131)
> at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:378)
> at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:294)
> at client.Medici_LinkSOAP12PortStub.validateSystem(Medici_LinkSOAP12PortStub.java:747)
> at client.ClientUtilities.validateSystemTest(ClientUtilities.java:62)
> at client.Client.main(Client.java:33)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Check Signature confirmation: stored SV vector not empty
> at org.apache.ws.security.handler.WSHandler.checkSignatureConfirmation(WSHandler.java:328)
> at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:300)
> at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:91)
> ... 9 more
>
>
>
> ---------------------------------
>
> Sé un Mejor Amante del Cine
> ¿Quieres saber cómo? ¡Deja que otras personas te ayuden!.
--
http://wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org