You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Seshadri Krishnamurthy <se...@enfs.com> on 2009/05/01 08:25:44 UTC

WS Security : Rampart Issue with sp:IncludeTimestamp. Help required

Hi,

Greetings!!

We are trying to implement security in web services using Apache Axis 2.0 & Rampart 1.4.
We are using policy based settings.
Currently we have tried with UserNameToken authentication without sp:IncludeTimestamp. This worked fine for us.
Now when we enhance it to include timestamp, we are getting the error "Error in extracting message properties "

On further investigation using SOAP UI we found that, the problem is due to wsu:Id in <wsse:UsernameToken
<wsse:UsernameToken wsu:Id="UsernameToken-20914447">.

Please find below the SOAP request and response data ..

Soap Request

<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="true"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-25337455"><wsu:Created>2009-04-29T10:54:27.790Z</wsu:Created><wsu:Expires>2009-04-29T10:59:27.790Z</wsu:Expires></wsu:Timestamp>
<wsse:UsernameToken wsu:Id="UsernameToken-20914447"><wsse:Username>wsuser</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">wspwd</wsse:Password></wsse:UsernameToken></wsse:Security></soapenv:Header><soapenv:Body></soapenv:Body></soapenv:Envelope>

Soap Response

<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Body><soapenv:Fault xmlns:axis2ns10="http://www.w3.org/2003/05/soap-envelope"><soapenv:Code><soapenv:Value>axis2ns10:Sender</soapenv:Value><soapenv:Subcode><soapenv:Value xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:InvalidSecurity</soapenv:Value></soapenv:Subcode></soapenv:Code><soapenv:Reason><soapenv:Text xml:lang="en-US">Error in extracting message properties</soapenv:Text></soapenv:Reason><soapenv:Detail /></soapenv:Fault></soapenv:Body></soapenv:Envelope>


Could you please help us in resolving the issue?

Regards

Seshadri