You are viewing a plain text version of this content. The canonical link for it is here.

Posted to fx-dev@ws.apache.org by Xinjun Chen <xj...@gmail.com> on 2006/12/11 12:53:50 UTC

Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken

Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile
3.3.2BinarySecurityToken?

Could anyone enlighten me how to let WSS4J generate what .NET WSE
2.0expected security headers (<KeyInfo>)?
Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?

.NET expects: (WS-Security 1.0 X509 Certificate Token Profile
3.3.2BinarySecurityToken)

<wsse:Security>
 <*wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken*>
 <Signature>
 ...
  <KeyInfo>
   <wsse:SecurityTokenReference>
    <*wsse:Reference*>
   </wsse:SecurityTokenReference>
  </KeyInfo>
 </Signature>
</wsse:Security>
But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile
3.3.1KeyIdentifier)

<wsse:Security>
 <Signature>
 ...
  <KeyInfo>
   <wsse:SecurityTokenReference>
    <*wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier*>
   </wsse:SecurityTokenReference>
  </KeyInfo>
 </Signature>
</wsse:Security>

How can I ask WSS4J to generate what .NET expected?

Regards,
Xinjun

Re: Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken

Posted by Ruchith Fernando <ru...@gmail.com>.

Please set the value of "signatureKeyIdentifier" to "DirectReference".

Thanks,
Ruchith

On 12/11/06, Xinjun Chen <xj...@gmail.com> wrote:
> Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken?
>
> Could anyone enlighten me how to let WSS4J generate what .NET WSE 2.0
> expected security headers (<KeyInfo>)?
> Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
> WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?
>
> .NET expects: (WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken)
>
> <wsse:Security>
> <wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken>
>  <Signature>
>  ...
>   <KeyInfo>
>    <wsse:SecurityTokenReference>
>     <wsse:Reference>
>    </wsse:SecurityTokenReference>
>   </KeyInfo>
>  </Signature>
> </wsse:Security>
> But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile 3.3.1
> KeyIdentifier)
>
> <wsse:Security>
>  <Signature>
>  ...
>   <KeyInfo>
>    <wsse:SecurityTokenReference>
>
> <wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier>
>    </wsse:SecurityTokenReference>
>   </KeyInfo>
>  </Signature>
> </wsse:Security>
>
> How can I ask WSS4J to generate what .NET expected?
>
> Regards,
> Xinjun
>


-- 
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org

Re: Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken

Posted by Ruchith Fernando <ru...@gmail.com>.

Please set the value of "signatureKeyIdentifier" to "DirectReference".

Thanks,
Ruchith

On 12/11/06, Xinjun Chen <xj...@gmail.com> wrote:
> Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken?
>
> Could anyone enlighten me how to let WSS4J generate what .NET WSE 2.0
> expected security headers (<KeyInfo>)?
> Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
> WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?
>
> .NET expects: (WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken)
>
> <wsse:Security>
> <wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken>
>  <Signature>
>  ...
>   <KeyInfo>
>    <wsse:SecurityTokenReference>
>     <wsse:Reference>
>    </wsse:SecurityTokenReference>
>   </KeyInfo>
>  </Signature>
> </wsse:Security>
> But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile 3.3.1
> KeyIdentifier)
>
> <wsse:Security>
>  <Signature>
>  ...
>   <KeyInfo>
>    <wsse:SecurityTokenReference>
>
> <wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier>
>    </wsse:SecurityTokenReference>
>   </KeyInfo>
>  </Signature>
> </wsse:Security>
>
> How can I ask WSS4J to generate what .NET expected?
>
> Regards,
> Xinjun
>


-- 
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org