You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Xinjun Chen <xj...@gmail.com> on 2006/12/11 12:53:50 UTC
Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken
Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile
3.3.2BinarySecurityToken?
Could anyone enlighten me how to let WSS4J generate what .NET WSE
2.0expected security headers (<KeyInfo>)?
Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?
.NET expects: (WS-Security 1.0 X509 Certificate Token Profile
3.3.2BinarySecurityToken)
<wsse:Security>
<*wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken*>
<Signature>
...
<KeyInfo>
<wsse:SecurityTokenReference>
<*wsse:Reference*>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile
3.3.1KeyIdentifier)
<wsse:Security>
<Signature>
...
<KeyInfo>
<wsse:SecurityTokenReference>
<*wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier*>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
How can I ask WSS4J to generate what .NET expected?
Regards,
Xinjun
Re: Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken
Posted by Ruchith Fernando <ru...@gmail.com>.
Please set the value of "signatureKeyIdentifier" to "DirectReference".
Thanks,
Ruchith
On 12/11/06, Xinjun Chen <xj...@gmail.com> wrote:
> Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken?
>
> Could anyone enlighten me how to let WSS4J generate what .NET WSE 2.0
> expected security headers (<KeyInfo>)?
> Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
> WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?
>
> .NET expects: (WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken)
>
> <wsse:Security>
> <wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken>
> <Signature>
> ...
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference>
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
> But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile 3.3.1
> KeyIdentifier)
>
> <wsse:Security>
> <Signature>
> ...
> <KeyInfo>
> <wsse:SecurityTokenReference>
>
> <wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
>
> How can I ask WSS4J to generate what .NET expected?
>
> Regards,
> Xinjun
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Does WSS4J implement WS-Security 1.0 X509Certificate Token Profile 3.3.2 BinarySecurityToken
Posted by Ruchith Fernando <ru...@gmail.com>.
Please set the value of "signatureKeyIdentifier" to "DirectReference".
Thanks,
Ruchith
On 12/11/06, Xinjun Chen <xj...@gmail.com> wrote:
> Does WSS4J implement WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken?
>
> Could anyone enlighten me how to let WSS4J generate what .NET WSE 2.0
> expected security headers (<KeyInfo>)?
> Or in another way, how can I modify .NET WSE 2.0 configuration so that .NET
> WSE 2.0 accepts what WSS4J generated security headers(<KeyInfo>)?
>
> .NET expects: (WS-Security 1.0 X509 Certificate Token Profile 3.3.2
> BinarySecurityToken)
>
> <wsse:Security>
> <wsse:BinarySecurityToken>theWholeCertificate</wsse:BinarySecurityToken>
> <Signature>
> ...
> <KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference>
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
> But WSS4J generates: (WS-Security 1.0 X509 Certificate Token Profile 3.3.1
> KeyIdentifier)
>
> <wsse:Security>
> <Signature>
> ...
> <KeyInfo>
> <wsse:SecurityTokenReference>
>
> <wsse:KeyIdentifier>theWholeCertificate</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </KeyInfo>
> </Signature>
> </wsse:Security>
>
> How can I ask WSS4J to generate what .NET expected?
>
> Regards,
> Xinjun
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org