You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by Naresh Kumar <na...@gmail.com> on 2009/08/27 08:23:48 UTC
WSS4J handler for encryption is not working correctly
Hi,
I am using Wss4J for encrypting a soap message which is being send from a
client to a web service.
I have deployed the webservice with the following description.
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<service name="Calculator" provider="java:RPC">
<parameter name="className" value="wroxaxis.chapter2.Calculator"/>
<parameter name="allowedMethods" value="add"/>
<parameter name="scope" value="application"/>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Encrypt"/>
<parameter name="decryptionPropFile" value="crypto.properties"/>
<parameter name="passwordCallbackClass"
value="wroxaxis.chapter2.PWDCallBack"/>
</handler>
<handler type="soapmonitor"/>
</requestFlow>
<responseFlow>
<handler type="soapmonitor"/>
</responseFlow>
</service>
</deployment>
Like wise i am using the following wssd in client side
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Encrypt"/>
<parameter name="encryptionPropFile" value="crypto.properties"
/>
<parameter name="encryptionUser" value="server" />
</handler>
</requestFlow >
</globalConfiguration >
</deployment>.
Following is my client code
EngineConfiguration config = new FileProvider("client_deploy.wsdd");
CalculatorServiceLocator locator = new CalculatorServiceLocator(config);
CalculatorSoapBindingStub service =(CalculatorSoapBindingStub)
locator.getCalculator();
String quote = service.add("5","10");
System.out.println("The price is "+ quote);
When I run the client, I am getting the response from the web service.
But the soap body is transfered as plain text. Encryption is not happening
properly.
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><xenc:EncryptedKey
Id="EncKeyId-B3F8D707C3B0A99D2E12513535956572"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=server</ds:X509IssuerName>
<ds:X509SerialNumber>1251283380</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data></wsse:SecurityTokenReference>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>YCkcRAds5pNVzUExSh5pNU1HniRL91CtC75R34QR7uzjNSPkhzClJ9WnZtyg8PnC41b62mhW9U7JyF8scTED5u/bEH3VbwhkYymVgFFl9FVY0k3/G5v8UBLug8J9aMATAtfsdgjNnuiMh5trNu3BtToaWS/H0wdZop8O9ppr/zw=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference
URI="#EncDataId-1"/></xenc:ReferenceList></xenc:EncryptedKey></wsse:Security></soapenv:Header><soapenv:Body><ns1:add
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns1="http://DefaultNamespace"><i1 xsi:type="soapenc:string"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">5</i1><i2
xsi:type="soapenc:string"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">10</i2></ns1:add></soapenv:Body></soapenv:Envelope>
Am I missing out any configuration?
Though i include the encryptionparts configuration in the client wsdd file.
Its not helping out.
Please advice on this.
Thanks in advance.
Naresh.
--
View this message in context: http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correctly-tp25166890p25166890.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Colm O hEigeartaigh <co...@progress.com>.
I can't see anything wrong in the document. Can you create a zip file
with a test-case I can run, and attach it to a new JIRA describing the
problem?
http://issues.apache.org/jira/browse/WSS
Colm.
-----Original Message-----
From: Naresh Kumar [mailto:nareshkumar.sampath@gmail.com]
Sent: 01 September 2009 14:38
To: wss4j-dev@ws.apache.org
Subject: RE: WSS4J handler for encryption is not working correctly
http://www.nabble.com/file/p25240382/Steps%2Bfollowed%2Bfor%2Bwss4j.doc
Steps+followed+for+wss4j.doc
Hi Colm,
I have attached a document with the steps, which I followed to perform
the
soap encryption using WSS4j.
Its not in the test case format. If this is not helpful I will prepare
and
send the test case. Please let me know.
Thanks
Naresh
--
View this message in context:
http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correc
tly-tp25166890p25240382.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Naresh Kumar <na...@gmail.com>.
http://www.nabble.com/file/p25240382/Steps%2Bfollowed%2Bfor%2Bwss4j.doc
Steps+followed+for+wss4j.doc
Hi Colm,
I have attached a document with the steps, which I followed to perform the
soap encryption using WSS4j.
Its not in the test case format. If this is not helpful I will prepare and
send the test case. Please let me know.
Thanks
Naresh
--
View this message in context: http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correctly-tp25166890p25240382.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Colm O hEigeartaigh <co...@progress.com>.
Could you create a test-case for this?
Colm.
-----Original Message-----
From: Naresh Kumar [mailto:nareshkumar.sampath@gmail.com]
Sent: 31 August 2009 06:26
To: wss4j-dev@ws.apache.org
Subject: RE: WSS4J handler for encryption is not working correctly
Hi colm,
I have upgraded xmlsec to 1.4.3. But Still am getting the same problem..
Thanks,
Naresh
--
View this message in context:
http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correc
tly-tp25166890p25218502.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Naresh Kumar <na...@gmail.com>.
Hi colm,
I have upgraded xmlsec to 1.4.3. But Still am getting the same problem..
Thanks,
Naresh
--
View this message in context: http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correctly-tp25166890p25218502.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Naresh Kumar <na...@gmail.com>.
Hi Colm,
I am using WSS4j - 1.5.8 and XML sec - 1.3.0
Thanks,
Naresh
Colm O hEigeartaigh wrote:
>
>
> What version of WSS4J and xml-security are you using?
>
> Colm.
>
> -----Original Message-----
> From: Naresh Kumar [mailto:nareshkumar.sampath@gmail.com]
> Sent: 27 August 2009 07:24
> To: wss4j-dev@ws.apache.org
> Subject: WSS4J handler for encryption is not working correctly
>
>
> Hi,
>
> I am using Wss4J for encrypting a soap message which is being send from
> a
> client to a web service.
>
> I have deployed the webservice with the following description.
>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> <service name="Calculator" provider="java:RPC">
> <parameter name="className" value="wroxaxis.chapter2.Calculator"/>
> <parameter name="allowedMethods" value="add"/>
> <parameter name="scope" value="application"/>
> <requestFlow>
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="action" value="Encrypt"/>
> <parameter name="decryptionPropFile"
> value="crypto.properties"/>
> <parameter name="passwordCallbackClass"
> value="wroxaxis.chapter2.PWDCallBack"/>
> </handler>
> <handler type="soapmonitor"/>
> </requestFlow>
> <responseFlow>
> <handler type="soapmonitor"/>
> </responseFlow>
> </service>
> </deployment>
>
>
> Like wise i am using the following wssd in client side
>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration >
> <requestFlow >
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
>
> <parameter name="action" value="Encrypt"/>
> <parameter name="encryptionPropFile"
> value="crypto.properties"
> />
> <parameter name="encryptionUser" value="server" />
> </handler>
> </requestFlow >
> </globalConfiguration >
> </deployment>.
>
> Following is my client code
>
> EngineConfiguration config = new FileProvider("client_deploy.wsdd");
> CalculatorServiceLocator locator = new
> CalculatorServiceLocator(config);
> CalculatorSoapBindingStub service =(CalculatorSoapBindingStub)
> locator.getCalculator();
> String quote = service.add("5","10");
> System.out.println("The price is "+ quote);
>
> When I run the client, I am getting the response from the web service.
> But the soap body is transfered as plain text. Encryption is not
> happening
> properly.
>
>
> <?xml version="1.0" encoding="utf-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1"
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd"><xenc:EncryptedKey
> Id="EncKeyId-B3F8D707C3B0A99D2E12513535956572"><xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><ds:KeyInfo
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <wsse:SecurityTokenReference><ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=server</ds:X509IssuerName>
> <ds:X509SerialNumber>1251283380</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data></wsse:SecurityTokenReference>
> </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>YCkcRAds5pNVzUExSh5pNU1H
> niRL91CtC75R34QR7uzjNSPkhzClJ9WnZtyg8PnC41b62mhW9U7JyF8scTED5u/bEH3Vbwhk
> YymVgFFl9FVY0k3/G5v8UBLug8J9aMATAtfsdgjNnuiMh5trNu3BtToaWS/H0wdZop8O9ppr
> /zw=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataR
> eference
> URI="#EncDataId-1"/></xenc:ReferenceList></xenc:EncryptedKey></wsse:Secu
> rity></soapenv:Header><soapenv:Body><ns1:add
> soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
> xmlns:ns1="http://DefaultNamespace"><i1 xsi:type="soapenc:string"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">5</i1><i2
> xsi:type="soapenc:string"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">10</i2></ns1:a
> dd></soapenv:Body></soapenv:Envelope>
>
> Am I missing out any configuration?
>
> Though i include the encryptionparts configuration in the client wsdd
> file.
> Its not helping out.
>
> Please advice on this.
>
> Thanks in advance.
>
> Naresh.
>
> --
> View this message in context:
> http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correc
> tly-tp25166890p25166890.html
> Sent from the WSS4J mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
--
View this message in context: http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correctly-tp25166890p25183959.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
RE: WSS4J handler for encryption is not working correctly
Posted by Colm O hEigeartaigh <co...@progress.com>.
What version of WSS4J and xml-security are you using?
Colm.
-----Original Message-----
From: Naresh Kumar [mailto:nareshkumar.sampath@gmail.com]
Sent: 27 August 2009 07:24
To: wss4j-dev@ws.apache.org
Subject: WSS4J handler for encryption is not working correctly
Hi,
I am using Wss4J for encrypting a soap message which is being send from
a
client to a web service.
I have deployed the webservice with the following description.
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<service name="Calculator" provider="java:RPC">
<parameter name="className" value="wroxaxis.chapter2.Calculator"/>
<parameter name="allowedMethods" value="add"/>
<parameter name="scope" value="application"/>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="action" value="Encrypt"/>
<parameter name="decryptionPropFile"
value="crypto.properties"/>
<parameter name="passwordCallbackClass"
value="wroxaxis.chapter2.PWDCallBack"/>
</handler>
<handler type="soapmonitor"/>
</requestFlow>
<responseFlow>
<handler type="soapmonitor"/>
</responseFlow>
</service>
</deployment>
Like wise i am using the following wssd in client side
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Encrypt"/>
<parameter name="encryptionPropFile"
value="crypto.properties"
/>
<parameter name="encryptionUser" value="server" />
</handler>
</requestFlow >
</globalConfiguration >
</deployment>.
Following is my client code
EngineConfiguration config = new FileProvider("client_deploy.wsdd");
CalculatorServiceLocator locator = new
CalculatorServiceLocator(config);
CalculatorSoapBindingStub service =(CalculatorSoapBindingStub)
locator.getCalculator();
String quote = service.add("5","10");
System.out.println("The price is "+ quote);
When I run the client, I am getting the response from the web service.
But the soap body is transfered as plain text. Encryption is not
happening
properly.
<?xml version="1.0" encoding="utf-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security soapenv:mustUnderstand="1"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd"><xenc:EncryptedKey
Id="EncKeyId-B3F8D707C3B0A99D2E12513535956572"><xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/><ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=server</ds:X509IssuerName>
<ds:X509SerialNumber>1251283380</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data></wsse:SecurityTokenReference>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>YCkcRAds5pNVzUExSh5pNU1H
niRL91CtC75R34QR7uzjNSPkhzClJ9WnZtyg8PnC41b62mhW9U7JyF8scTED5u/bEH3Vbwhk
YymVgFFl9FVY0k3/G5v8UBLug8J9aMATAtfsdgjNnuiMh5trNu3BtToaWS/H0wdZop8O9ppr
/zw=</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataR
eference
URI="#EncDataId-1"/></xenc:ReferenceList></xenc:EncryptedKey></wsse:Secu
rity></soapenv:Header><soapenv:Body><ns1:add
soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns1="http://DefaultNamespace"><i1 xsi:type="soapenc:string"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">5</i1><i2
xsi:type="soapenc:string"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">10</i2></ns1:a
dd></soapenv:Body></soapenv:Envelope>
Am I missing out any configuration?
Though i include the encryptionparts configuration in the client wsdd
file.
Its not helping out.
Please advice on this.
Thanks in advance.
Naresh.
--
View this message in context:
http://www.nabble.com/WSS4J-handler-for-encryption-is-not-working-correc
tly-tp25166890p25166890.html
Sent from the WSS4J mailing list archive at Nabble.com.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org