You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by Brajeul Johann <J....@creditlogement.fr> on 2010/03/30 11:29:06 UTC
[Axis2] org.apache.ws.security.WSSecurityException: The signature or decryption was invalid

Hello,

 

We developed a Web Services project server with WebSphere Application Server 6.1 to generate the beans.

We secured the messages according to the standard OASIS Web Services Security : SOAP Message Security 1.0 (Integrity + Authentication with X509 certificate).

 

The client is generated with Axis2 1.3 (Built on : Aug 10, 2007 04:45:47 LKT) and use WSS4J to implement the security.

 

It happens randomly that the client generates a error during the verification of the response signature.

Here is the log:

org.apache.ws.security.WSSecurityException: The signature or decryption was invalid; nested exception is: 
        org.apache.xml.security.signature.XMLSignatureException: Signature encoding error
Original Exception was org.apache.xml.security.signature.XMLSignatureException: Signature encoding error
Original Exception was java.security.SignatureException: Signature encoding error
        at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:532)
        at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:97)
        at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
        at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
        at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:196)
        at com.cardiweb.crelog.ws.SOAPUtils.isReponseSecurisee(SOAPUtils.java:113)
        at com.cardiweb.crelog.axis2.client.Service_Demande_Caution_BDBStub.operation_BDB(Service_Demande_Caution_BDBStub.java:91)
        at com.cardiweb.crelog.ws.BDBWSClient.traitementUnFichier(BDBWSClient.java:137)
        at com.cardiweb.crelog.ws.BDBWSClient.main(BDBWSClient.java:94)
Caused by: org.apache.xml.security.signature.XMLSignatureException: Signature encoding error
Original Exception was org.apache.xml.security.signature.XMLSignatureException: Signature encoding error
Original Exception was java.security.SignatureException: Signature encoding error
        at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown Source)
        at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown Source)
        at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:430)
        ... 8 more
Erreur : les Ã©lÃ©ments de sÃ©curitÃ© du flux de rÃ©ponse sont invalides

 

Have you already encounter this error ?

Would you have an idea of why the problem happens?

 

Regards

 

--

Johann Brajeul

Credit Logement

DSI/SEP

Poste 30 24

Exterieur 01 44 61 62 35