You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Ruchith Fernando <ru...@gmail.com> on 2006/07/21 18:02:21 UTC
Re: Repost: WSSecurityException - Check Signature confirmation (Axis 1.4 + wss4j)
Hi Ravi,
Which version of WSS4J are you using?
Thanks,
Ruchith
On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>
> Trying my luck if anybody can suggest any pointers,
>
>
>
> Hello:
> Would appreciate if someone could give me some pointers.
>
> Thanks,
> Ravi
>
> Ravi Krishnamurthy wrote:
> Hello:
> I'm trying to use wss4j with Axis1.4 and trying out the samples that comes
> with wss4j/interop.
>
> On executing the org.apache.ws.axis.oasis.Scenario3 I get
> the following exception:
>
> WSHandler: Check Signature confirmation: stored SV vector not empty; nested
> exception is:
> org.apache.ws.security.WSSecurityException: WSHandler:
> Check Signature confirmation: stored SV vector not empty
> at
> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>
> I monitor the soap messages through the tcpmon and they are below:
>
> request soap message:
> ----------------------
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="Timestamp-6559246">
> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
> </wsu:Timestamp>
> <xenc:EncryptedKey Id="EncKeyId-13076987">
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
> <ds:KeyInfo
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <wsse:SecurityTokenReference>
> <wsse:KeyIdentifier
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> <xenc:CipherData>
>
> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
> </xenc:CipherData>
> <xenc:ReferenceList>
> <xenc:DataReference
> URI="#EncDataId-30568553"></xenc:DataReference>
> </xenc:ReferenceList>
> </xenc:EncryptedKey>
> <wsse:BinarySecurityToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO35
> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
> <ds:Signature
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> Id="Signature-2950265">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> <ds:Reference URI="#id-30568553">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>
> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-13452612">
> <wsse:SecurityTokenReference
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-29769356">
> <wsse:Reference URI="#CertId-1776694"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-30568553">
> <xenc:EncryptedData Id="EncDataId-30568553"
> Type="http://www.w3.org/2001/04/xmlenc#Content">
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
> <xenc:CipherData>
>
> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
>
> response soap message:
> -----------------------
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
> </wsu:Timestamp>
> <xenc:EncryptedKey>
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
> <ds:KeyInfo
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <wsse:SecurityTokenReference>
> <wsse:KeyIdentifier
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> <xenc:CipherData>
>
> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
> </xenc:CipherData>
> <xenc:ReferenceList>
> <xenc:DataReference
> URI="#EncDataId-9012615"></xenc:DataReference>
> </xenc:ReferenceList>
> </xenc:EncryptedKey>
> <wsse:BinarySecurityToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4h
> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
> <ds:Signature
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> <ds:Reference URI="#id-9012615">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>
> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-19375260">
> <wsse:SecurityTokenReference
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-27799186">
> <wsse:Reference URI="#CertId-2645972"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-9012615">
> <xenc:EncryptedData Id="EncDataId-9012615"
> Type="http://www.w3.org/2001/04/xmlenc#Content">
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod>
> <xenc:CipherData>
>
> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> </soapenv:Body>
> </soapenv:Envelope>
>
>
>
> Could some one help me in understanding what might be wrong.
>
> Thanks,
> Ravi
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Repost: WSSecurityException - Check Signature confirmation (Axis
1.4 + wss4j)
Posted by Ravi Krishnamurthy <ra...@savvion.com>.
Thank Ruchith and Martin.
Looks liek may be there is some incompatibility in my environment with
the wss4j jar file from previous version. I cleaned up my whole
envirornment, downloaded the wss4j 1.5 and axis1,4 and reconfigured my
tomcat. I'm able to run the first 7 interop test cases.
have to play with the SAML now.
Thanks for your help and time.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Have you set a handler parameter by the name
> "enableSignatureConfirmation" any where in your configurations?
>
> Since I couldn't find the "SignatureConfirmation" element in your
> response message I think you may have set
> "enableSignatureConfirmation" to false at the service. If so please
> remove it OR add the same entry to client side, so the client side
> handler will not expect a "SignatureConfirmation" element in the
> response.
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>> Thanks Ruchith for your reply.
>> I'm using wss4j-1.5 with axis 1.4
>>
>> ALso I debugegd the wss4j source code yesterday and looks like the
>> following is causing the problem:
>>
>> File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
>> /*
>> * This indicates this is the last handler: the vector holding
>> the
>> * stored Signature values must be empty, otherwise we have an
>> error
>> */
>> if (!reqData.isNoSerialization()) {
>> log.debug("Check Signature confirmation - last handler");
>> if (sigv != null && !sigv.isEmpty()) {
>> throw new WSSecurityException("WSHandler: Check
>> Signature confirmation: stored SV vector not empty");
>> }
>> }
>>
>> Looks liek teh reqData.isNoSerialization is false and hence the error. I
>> changed it to return true and it worked fine.
>>
>> Since I'm trying the out of the box interop samples, wondering why I'm
>> getting this error.
>>
>> thanks for your time again.
>>
>> Regards,
>> Ravi
>>
>>
>> Ruchith Fernando wrote:
>> > Hi Ravi,
>> >
>> > Which version of WSS4J are you using?
>> >
>> > Thanks,
>> > Ruchith
>> >
>> > On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>> >>
>> >> Trying my luck if anybody can suggest any pointers,
>> >>
>> >>
>> >>
>> >> Hello:
>> >> Would appreciate if someone could give me some pointers.
>> >>
>> >> Thanks,
>> >> Ravi
>> >>
>> >> Ravi Krishnamurthy wrote:
>> >> Hello:
>> >> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> >> comes
>> >> with wss4j/interop.
>> >>
>> >> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> >> the following exception:
>> >>
>> >> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> >> nested
>> >> exception is:
>> >> org.apache.ws.security.WSSecurityException: WSHandler:
>> >> Check Signature confirmation: stored SV vector not empty
>> >> at
>> >>
>> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>> >>
>> >>
>> >> I monitor the soap messages through the tcpmon and they are below:
>> >>
>> >> request soap message:
>> >> ----------------------
>> >> <?xml version="1.0" encoding="UTF-8"?>
>> >> <soapenv:Envelope
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> >> <soapenv:Header>
>> >> <wsse:Security
>> >>
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> >>
>> >> soapenv:mustUnderstand="1">
>> >> <wsu:Timestamp
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="Timestamp-6559246">
>> >> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> >> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> >>
>> >> <ds:KeyInfo
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <wsse:SecurityTokenReference>
>> >> <wsse:KeyIdentifier
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> <xenc:ReferenceList>
>> >> <xenc:DataReference
>> >> URI="#EncDataId-30568553"></xenc:DataReference>
>> >> </xenc:ReferenceList>
>> >> </xenc:EncryptedKey>
>> >> <wsse:BinarySecurityToken
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> >>
>> >>
>> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO3
>>
> 5
>> >>
>> >>
>> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>> >>
>> >> <ds:Signature
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>> >> Id="Signature-2950265">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> >>
>> >> <ds:SignatureMethod
>> >>
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> >>
>> >> <ds:Reference URI="#id-30568553">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>> >>
>> >> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >>
>> >>
>> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>> >>
>> >> <ds:KeyInfo Id="KeyId-13452612">
>> >> <wsse:SecurityTokenReference
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="STRId-29769356">
>> >> <wsse:Reference URI="#CertId-1776694"
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> </wsse:Security>
>> >> </soapenv:Header>
>> >> <soapenv:Body
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="id-30568553">
>> >> <xenc:EncryptedData Id="EncDataId-30568553"
>> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
>>
>> >>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> </xenc:EncryptedData>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >>
>> >>
>> >> response soap message:
>> >> -----------------------
>> >> <?xml version="1.0" encoding="UTF-8"?>
>> >> <soapenv:Envelope
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> >> <soapenv:Header>
>> >> <wsse:Security
>> >>
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> >>
>> >> soapenv:mustUnderstand="1">
>> >> <wsu:Timestamp
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>
>> >>
>> >> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> >> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <xenc:EncryptedKey>
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> >>
>> >> <ds:KeyInfo
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <wsse:SecurityTokenReference>
>> >> <wsse:KeyIdentifier
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> <xenc:ReferenceList>
>> >> <xenc:DataReference
>> >> URI="#EncDataId-9012615"></xenc:DataReference>
>> >> </xenc:ReferenceList>
>> >> </xenc:EncryptedKey>
>> >> <wsse:BinarySecurityToken
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> >>
>> >>
>> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4
>>
> h
>> >>
>> >>
>> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>> >>
>> >> <ds:Signature
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> >>
>> >> <ds:SignatureMethod
>> >>
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> >>
>> >> <ds:Reference URI="#id-9012615">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>> >>
>> >> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >>
>> >>
>> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>> >>
>> >> <ds:KeyInfo Id="KeyId-19375260">
>> >> <wsse:SecurityTokenReference
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="STRId-27799186">
>> >> <wsse:Reference URI="#CertId-2645972"
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> </wsse:Security>
>> >> </soapenv:Header>
>> >> <soapenv:Body
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="id-9012615">
>> >> <xenc:EncryptedData Id="EncDataId-9012615"
>> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod>
>>
>> >>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> </xenc:EncryptedData>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >>
>> >>
>> >> Could some one help me in understanding what might be wrong.
>> >>
>> >> Thanks,
>> >> Ravi
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >
>> >
>>
>>
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Repost: WSSecurityException - Check Signature confirmation (Axis
1.4 + wss4j)
Posted by Ravi Krishnamurthy <ra...@savvion.com>.
Thanks Ruchith for your reply.
I'm using the client_deploy.wsdd and deploy.wsdd from the wss4j\interop
samples of wss4j:
client_deploy.wsdd : C:\software\wss4j\interop\org\apache\ws\axis\oasis
depoy.wsdd for the service:
C:\software\wss4j\interop\org\apache\ws\axis\oasis\ping
I have attached them with this email. I get the mentioned exception when
I do the ping3 and above.
The only change I remember doing was to rename the wstest.properties to
wssec.properties. Anyway I will look into it.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Have you set a handler parameter by the name
> "enableSignatureConfirmation" any where in your configurations?
>
> Since I couldn't find the "SignatureConfirmation" element in your
> response message I think you may have set
> "enableSignatureConfirmation" to false at the service. If so please
> remove it OR add the same entry to client side, so the client side
> handler will not expect a "SignatureConfirmation" element in the
> response.
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>> Thanks Ruchith for your reply.
>> I'm using wss4j-1.5 with axis 1.4
>>
>> ALso I debugegd the wss4j source code yesterday and looks like the
>> following is causing the problem:
>>
>> File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
>> /*
>> * This indicates this is the last handler: the vector holding
>> the
>> * stored Signature values must be empty, otherwise we have an
>> error
>> */
>> if (!reqData.isNoSerialization()) {
>> log.debug("Check Signature confirmation - last handler");
>> if (sigv != null && !sigv.isEmpty()) {
>> throw new WSSecurityException("WSHandler: Check
>> Signature confirmation: stored SV vector not empty");
>> }
>> }
>>
>> Looks liek teh reqData.isNoSerialization is false and hence the error. I
>> changed it to return true and it worked fine.
>>
>> Since I'm trying the out of the box interop samples, wondering why I'm
>> getting this error.
>>
>> thanks for your time again.
>>
>> Regards,
>> Ravi
>>
>>
>> Ruchith Fernando wrote:
>> > Hi Ravi,
>> >
>> > Which version of WSS4J are you using?
>> >
>> > Thanks,
>> > Ruchith
>> >
>> > On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>> >>
>> >> Trying my luck if anybody can suggest any pointers,
>> >>
>> >>
>> >>
>> >> Hello:
>> >> Would appreciate if someone could give me some pointers.
>> >>
>> >> Thanks,
>> >> Ravi
>> >>
>> >> Ravi Krishnamurthy wrote:
>> >> Hello:
>> >> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> >> comes
>> >> with wss4j/interop.
>> >>
>> >> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> >> the following exception:
>> >>
>> >> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> >> nested
>> >> exception is:
>> >> org.apache.ws.security.WSSecurityException: WSHandler:
>> >> Check Signature confirmation: stored SV vector not empty
>> >> at
>> >>
>> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>> >>
>> >>
>> >> I monitor the soap messages through the tcpmon and they are below:
>> >>
>> >> request soap message:
>> >> ----------------------
>> >> <?xml version="1.0" encoding="UTF-8"?>
>> >> <soapenv:Envelope
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> >> <soapenv:Header>
>> >> <wsse:Security
>> >>
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> >>
>> >> soapenv:mustUnderstand="1">
>> >> <wsu:Timestamp
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="Timestamp-6559246">
>> >> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> >> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> >>
>> >> <ds:KeyInfo
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <wsse:SecurityTokenReference>
>> >> <wsse:KeyIdentifier
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> <xenc:ReferenceList>
>> >> <xenc:DataReference
>> >> URI="#EncDataId-30568553"></xenc:DataReference>
>> >> </xenc:ReferenceList>
>> >> </xenc:EncryptedKey>
>> >> <wsse:BinarySecurityToken
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> >>
>> >>
>> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO3
>>
> 5
>> >>
>> >>
>> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>> >>
>> >> <ds:Signature
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>> >> Id="Signature-2950265">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> >>
>> >> <ds:SignatureMethod
>> >>
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> >>
>> >> <ds:Reference URI="#id-30568553">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>> >>
>> >> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >>
>> >>
>> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>> >>
>> >> <ds:KeyInfo Id="KeyId-13452612">
>> >> <wsse:SecurityTokenReference
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="STRId-29769356">
>> >> <wsse:Reference URI="#CertId-1776694"
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> </wsse:Security>
>> >> </soapenv:Header>
>> >> <soapenv:Body
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="id-30568553">
>> >> <xenc:EncryptedData Id="EncDataId-30568553"
>> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
>>
>> >>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> </xenc:EncryptedData>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >>
>> >>
>> >> response soap message:
>> >> -----------------------
>> >> <?xml version="1.0" encoding="UTF-8"?>
>> >> <soapenv:Envelope
>> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> >> <soapenv:Header>
>> >> <wsse:Security
>> >>
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> >>
>> >> soapenv:mustUnderstand="1">
>> >> <wsu:Timestamp
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>
>> >>
>> >> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> >> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> >> </wsu:Timestamp>
>> >> <xenc:EncryptedKey>
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> >>
>> >> <ds:KeyInfo
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <wsse:SecurityTokenReference>
>> >> <wsse:KeyIdentifier
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> <xenc:ReferenceList>
>> >> <xenc:DataReference
>> >> URI="#EncDataId-9012615"></xenc:DataReference>
>> >> </xenc:ReferenceList>
>> >> </xenc:EncryptedKey>
>> >> <wsse:BinarySecurityToken
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> >>
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> >>
>> >>
>> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4
>>
> h
>> >>
>> >>
>> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>> >>
>> >> <ds:Signature
>> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> >> <ds:SignedInfo>
>> >> <ds:CanonicalizationMethod
>> >>
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> >>
>> >> <ds:SignatureMethod
>> >>
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> >>
>> >> <ds:Reference URI="#id-9012615">
>> >> <ds:Transforms>
>> >> <ds:Transform
>> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> >> </ds:Transforms>
>> >> <ds:DigestMethod
>> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>> >>
>> >> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> >> </ds:Reference>
>> >> </ds:SignedInfo>
>> >>
>> >>
>> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>> >>
>> >> <ds:KeyInfo Id="KeyId-19375260">
>> >> <wsse:SecurityTokenReference
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="STRId-27799186">
>> >> <wsse:Reference URI="#CertId-2645972"
>> >>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> >>
>> >> </wsse:SecurityTokenReference>
>> >> </ds:KeyInfo>
>> >> </ds:Signature>
>> >> </wsse:Security>
>> >> </soapenv:Header>
>> >> <soapenv:Body
>> >>
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> >>
>> >> wsu:Id="id-9012615">
>> >> <xenc:EncryptedData Id="EncDataId-9012615"
>> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> >> <xenc:EncryptionMethod
>> >>
>> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod>
>>
>> >>
>> >> <xenc:CipherData>
>> >>
>> >>
>> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>> >>
>> >> </xenc:CipherData>
>> >> </xenc:EncryptedData>
>> >> </soapenv:Body>
>> >> </soapenv:Envelope>
>> >>
>> >>
>> >>
>> >> Could some one help me in understanding what might be wrong.
>> >>
>> >> Thanks,
>> >> Ravi
>> >>
>> >>
>> >>
>> >>
>> >>
>> >> ---------------------------------------------------------------------
>> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> >> For additional commands, e-mail: axis-user-help@ws.apache.org
>> >
>> >
>>
>>
>>
>>
>
>
Re: Repost: WSSecurityException - Check Signature confirmation (Axis 1.4 + wss4j)
Posted by Ruchith Fernando <ru...@gmail.com>.
Hi Ravi,
Have you set a handler parameter by the name
"enableSignatureConfirmation" any where in your configurations?
Since I couldn't find the "SignatureConfirmation" element in your
response message I think you may have set
"enableSignatureConfirmation" to false at the service. If so please
remove it OR add the same entry to client side, so the client side
handler will not expect a "SignatureConfirmation" element in the
response.
Thanks,
Ruchith
On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
> Thanks Ruchith for your reply.
> I'm using wss4j-1.5 with axis 1.4
>
> ALso I debugegd the wss4j source code yesterday and looks like the
> following is causing the problem:
>
> File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
> /*
> * This indicates this is the last handler: the vector holding the
> * stored Signature values must be empty, otherwise we have an error
> */
> if (!reqData.isNoSerialization()) {
> log.debug("Check Signature confirmation - last handler");
> if (sigv != null && !sigv.isEmpty()) {
> throw new WSSecurityException("WSHandler: Check
> Signature confirmation: stored SV vector not empty");
> }
> }
>
> Looks liek teh reqData.isNoSerialization is false and hence the error. I
> changed it to return true and it worked fine.
>
> Since I'm trying the out of the box interop samples, wondering why I'm
> getting this error.
>
> thanks for your time again.
>
> Regards,
> Ravi
>
>
> Ruchith Fernando wrote:
> > Hi Ravi,
> >
> > Which version of WSS4J are you using?
> >
> > Thanks,
> > Ruchith
> >
> > On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
> >>
> >> Trying my luck if anybody can suggest any pointers,
> >>
> >>
> >>
> >> Hello:
> >> Would appreciate if someone could give me some pointers.
> >>
> >> Thanks,
> >> Ravi
> >>
> >> Ravi Krishnamurthy wrote:
> >> Hello:
> >> I'm trying to use wss4j with Axis1.4 and trying out the samples that
> >> comes
> >> with wss4j/interop.
> >>
> >> On executing the org.apache.ws.axis.oasis.Scenario3 I get
> >> the following exception:
> >>
> >> WSHandler: Check Signature confirmation: stored SV vector not empty;
> >> nested
> >> exception is:
> >> org.apache.ws.security.WSSecurityException: WSHandler:
> >> Check Signature confirmation: stored SV vector not empty
> >> at
> >> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
> >>
> >>
> >> I monitor the soap messages through the tcpmon and they are below:
> >>
> >> request soap message:
> >> ----------------------
> >> <?xml version="1.0" encoding="UTF-8"?>
> >> <soapenv:Envelope
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> >> <soapenv:Header>
> >> <wsse:Security
> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> >>
> >> soapenv:mustUnderstand="1">
> >> <wsu:Timestamp
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> wsu:Id="Timestamp-6559246">
> >> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
> >> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <xenc:EncryptedKey Id="EncKeyId-13076987">
> >> <xenc:EncryptionMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
> >>
> >> <ds:KeyInfo
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> >> <wsse:SecurityTokenReference>
> >> <wsse:KeyIdentifier
> >> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
> >>
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> <xenc:CipherData>
> >>
> >> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
> >>
> >> </xenc:CipherData>
> >> <xenc:ReferenceList>
> >> <xenc:DataReference
> >> URI="#EncDataId-30568553"></xenc:DataReference>
> >> </xenc:ReferenceList>
> >> </xenc:EncryptedKey>
> >> <wsse:BinarySecurityToken
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> >>
> >> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO3
5
> >>
> >> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
> >>
> >> <ds:Signature
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> >> Id="Signature-2950265">
> >> <ds:SignedInfo>
> >> <ds:CanonicalizationMethod
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
> >>
> >> <ds:SignatureMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> >>
> >> <ds:Reference URI="#id-30568553">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> >>
> >> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
> >> </ds:Reference>
> >> </ds:SignedInfo>
> >>
> >> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
> >>
> >> <ds:KeyInfo Id="KeyId-13452612">
> >> <wsse:SecurityTokenReference
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> wsu:Id="STRId-29769356">
> >> <wsse:Reference URI="#CertId-1776694"
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> >>
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> </ds:Signature>
> >> </wsse:Security>
> >> </soapenv:Header>
> >> <soapenv:Body
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> wsu:Id="id-30568553">
> >> <xenc:EncryptedData Id="EncDataId-30568553"
> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
> >> <xenc:EncryptionMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
> >>
> >> <xenc:CipherData>
> >>
> >> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
> >>
> >> </xenc:CipherData>
> >> </xenc:EncryptedData>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >>
> >>
> >> response soap message:
> >> -----------------------
> >> <?xml version="1.0" encoding="UTF-8"?>
> >> <soapenv:Envelope
> >> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> >> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> >> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> >> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> >> <soapenv:Header>
> >> <wsse:Security
> >> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> >>
> >> soapenv:mustUnderstand="1">
> >> <wsu:Timestamp
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> >>
> >> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
> >> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
> >> </wsu:Timestamp>
> >> <xenc:EncryptedKey>
> >> <xenc:EncryptionMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
> >>
> >> <ds:KeyInfo
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> >> <wsse:SecurityTokenReference>
> >> <wsse:KeyIdentifier
> >> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
> >>
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> <xenc:CipherData>
> >>
> >> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
> >>
> >> </xenc:CipherData>
> >> <xenc:ReferenceList>
> >> <xenc:DataReference
> >> URI="#EncDataId-9012615"></xenc:DataReference>
> >> </xenc:ReferenceList>
> >> </xenc:EncryptedKey>
> >> <wsse:BinarySecurityToken
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
> >>
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
> >>
> >> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4
h
> >>
> >> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
> >>
> >> <ds:Signature
> >> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> >> <ds:SignedInfo>
> >> <ds:CanonicalizationMethod
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
> >>
> >> <ds:SignatureMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> >>
> >> <ds:Reference URI="#id-9012615">
> >> <ds:Transforms>
> >> <ds:Transform
> >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> >> </ds:Transforms>
> >> <ds:DigestMethod
> >> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> >>
> >> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
> >> </ds:Reference>
> >> </ds:SignedInfo>
> >>
> >> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
> >>
> >> <ds:KeyInfo Id="KeyId-19375260">
> >> <wsse:SecurityTokenReference
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> wsu:Id="STRId-27799186">
> >> <wsse:Reference URI="#CertId-2645972"
> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> >>
> >> </wsse:SecurityTokenReference>
> >> </ds:KeyInfo>
> >> </ds:Signature>
> >> </wsse:Security>
> >> </soapenv:Header>
> >> <soapenv:Body
> >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> >>
> >> wsu:Id="id-9012615">
> >> <xenc:EncryptedData Id="EncDataId-9012615"
> >> Type="http://www.w3.org/2001/04/xmlenc#Content">
> >> <xenc:EncryptionMethod
> >> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod>
> >>
> >> <xenc:CipherData>
> >>
> >> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
> >>
> >> </xenc:CipherData>
> >> </xenc:EncryptedData>
> >> </soapenv:Body>
> >> </soapenv:Envelope>
> >>
> >>
> >>
> >> Could some one help me in understanding what might be wrong.
> >>
> >> Thanks,
> >> Ravi
> >>
> >>
> >>
> >>
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> >> For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
>
>
>
>
--
www.ruchith.org
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org
Re: Repost: WSSecurityException - Check Signature confirmation (Axis
1.4 + wss4j)
Posted by Ravi Krishnamurthy <ra...@savvion.com>.
Thanks Ruchith for your reply.
I'm using wss4j-1.5 with axis 1.4
ALso I debugegd the wss4j source code yesterday and looks like the
following is causing the problem:
File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
/*
* This indicates this is the last handler: the vector holding the
* stored Signature values must be empty, otherwise we have an error
*/
if (!reqData.isNoSerialization()) {
log.debug("Check Signature confirmation - last handler");
if (sigv != null && !sigv.isEmpty()) {
throw new WSSecurityException("WSHandler: Check
Signature confirmation: stored SV vector not empty");
}
}
Looks liek teh reqData.isNoSerialization is false and hence the error. I
changed it to return true and it worked fine.
Since I'm trying the out of the box interop samples, wondering why I'm
getting this error.
thanks for your time again.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Which version of WSS4J are you using?
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <ra...@savvion.com> wrote:
>>
>> Trying my luck if anybody can suggest any pointers,
>>
>>
>>
>> Hello:
>> Would appreciate if someone could give me some pointers.
>>
>> Thanks,
>> Ravi
>>
>> Ravi Krishnamurthy wrote:
>> Hello:
>> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> comes
>> with wss4j/interop.
>>
>> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> the following exception:
>>
>> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> nested
>> exception is:
>> org.apache.ws.security.WSSecurityException: WSHandler:
>> Check Signature confirmation: stored SV vector not empty
>> at
>> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>>
>> I monitor the soap messages through the tcpmon and they are below:
>>
>> request soap message:
>> ----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> <soapenv:Header>
>> <wsse:Security
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> wsu:Id="Timestamp-6559246">
>> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-30568553"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO35
>>
>> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>> Id="Signature-2950265">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-30568553">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>>
>> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-13452612">
>> <wsse:SecurityTokenReference
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> wsu:Id="STRId-29769356">
>> <wsse:Reference URI="#CertId-1776694"
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> wsu:Id="id-30568553">
>> <xenc:EncryptedData Id="EncDataId-30568553"
>> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> response soap message:
>> -----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>> <soapenv:Header>
>> <wsse:Security
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>
>> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey>
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-9012615"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
>>
>> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4h
>>
>> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-9012615">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>>
>> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-19375260">
>> <wsse:SecurityTokenReference
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> wsu:Id="STRId-27799186">
>> <wsse:Reference URI="#CertId-2645972"
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>
>> wsu:Id="id-9012615">
>> <xenc:EncryptedData Id="EncDataId-9012615"
>> Type="http://www.w3.org/2001/04/xmlenc#Content">
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> Could some one help me in understanding what might be wrong.
>>
>> Thanks,
>> Ravi
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
>> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org