You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Bauer Horscht (JIRA)" <ji...@apache.org> on 2009/09/04 13:27:57 UTC
[jira] Created: (WSS-208) Signature or decryption was invalid
problem when setting WSDoAllSender properties programmatically
(Canonicalization / C14N / SAAJ problem ?)
Signature or decryption was invalid problem when setting WSDoAllSender properties programmatically (Canonicalization / C14N / SAAJ problem ?)
----------------------------------------------------------------------------------------------------------------------------------------------
Key: WSS-208
URL: https://issues.apache.org/jira/browse/WSS-208
Project: WSS4J
Issue Type: Test
Components: WSS4J Handlers
Affects Versions: 1.5.8
Reporter: Bauer Horscht
Assignee: Ruchith Udayanga Fernando
Priority: Blocker
This test case fails to verify signature, if ("The signature or decryption was invalid... "), in case the WSDoAllSender parameters are set in prefixed handler, whicht sets them as MessageContext properties.
In case the same parameters are et via a wsdd file on the AxisEngine, the signature verifies.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Updated: (WSS-208) Signature or decryption was invalid
problem when setting WSDoAllSender properties programmatically
(Canonicalization / C14N / SAAJ problem ?)
Posted by "Bauer Horscht (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-208?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Bauer Horscht updated WSS-208:
------------------------------
Attachment: SignatureFail.zip
This is a test case as an Eclipse project. It also includes the keystores and the librabries that are used.
The LaunchClient class is configured to use the wssd file approach, which should result in a signature verification.
The MessageContext.setProperty() approach is commented out.
The client_keystore.jks contains the client's privateKey entry and certificate chain (Client - Root).
The server_truststore.jks contains the client's public certificate.
> Signature or decryption was invalid problem when setting WSDoAllSender properties programmatically (Canonicalization / C14N / SAAJ problem ?)
> ----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WSS-208
> URL: https://issues.apache.org/jira/browse/WSS-208
> Project: WSS4J
> Issue Type: Test
> Components: WSS4J Handlers
> Affects Versions: 1.5.8
> Reporter: Bauer Horscht
> Assignee: Ruchith Udayanga Fernando
> Priority: Blocker
> Attachments: SignatureFail.zip
>
>
> This test case fails to verify signature, if ("The signature or decryption was invalid... "), in case the WSDoAllSender parameters are set in prefixed handler, whicht sets them as MessageContext properties.
> In case the same parameters are et via a wsdd file on the AxisEngine, the signature verifies.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-208) Signature or decryption was invalid
problem when setting WSDoAllSender properties programmatically
(Canonicalization / C14N / SAAJ problem ?)
Posted by "Bauer Horscht (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12753399#action_12753399 ]
Bauer Horscht commented on WSS-208:
-----------------------------------
I also figured out, that "Signature Encrypt" works fine with both approaches!
No one an idea?
> Signature or decryption was invalid problem when setting WSDoAllSender properties programmatically (Canonicalization / C14N / SAAJ problem ?)
> ----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WSS-208
> URL: https://issues.apache.org/jira/browse/WSS-208
> Project: WSS4J
> Issue Type: Test
> Components: WSS4J Handlers
> Affects Versions: 1.5.8
> Reporter: Bauer Horscht
> Assignee: Ruchith Udayanga Fernando
> Priority: Blocker
> Attachments: SignatureFail.zip
>
>
> This test case fails to verify signature, if ("The signature or decryption was invalid... "), in case the WSDoAllSender parameters are set in prefixed handler, whicht sets them as MessageContext properties.
> In case the same parameters are et via a wsdd file on the AxisEngine, the signature verifies.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[jira] Commented: (WSS-208) Signature or decryption was invalid
problem when setting WSDoAllSender properties programmatically
(Canonicalization / C14N / SAAJ problem ?)
Posted by "Colm O hEigeartaigh (JIRA)" <ji...@apache.org>.
[ https://issues.apache.org/jira/browse/WSS-208?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12753719#action_12753719 ]
Colm O hEigeartaigh commented on WSS-208:
-----------------------------------------
I had a brief look. In the use-case that works, the SOAP message looks like (before security):
483 [main] DEBUG org.apache.axis.client.Call - <?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Body><sagBloed soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/"><arg0 xsi:type="soapenc:string" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">Signature</arg0></sagBloed></soapenv:Body></soapenv:Envelope>
whereas for the case that doesn't work it looks like:
543 [main] DEBUG org.apache.axis.client.Call - <?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<sagBloed soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<arg0 xsi:type="soapenc:string" xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/">Signature</arg0>
</sagBloed>
</soapenv:Body>
</soapenv:Envelope>
I have no idea why the second case has indentation enabled, I guess this is why signature verification fails.
Colm.
> Signature or decryption was invalid problem when setting WSDoAllSender properties programmatically (Canonicalization / C14N / SAAJ problem ?)
> ----------------------------------------------------------------------------------------------------------------------------------------------
>
> Key: WSS-208
> URL: https://issues.apache.org/jira/browse/WSS-208
> Project: WSS4J
> Issue Type: Test
> Components: WSS4J Handlers
> Affects Versions: 1.5.8
> Reporter: Bauer Horscht
> Assignee: Ruchith Udayanga Fernando
> Priority: Blocker
> Attachments: SignatureFail.zip
>
>
> This test case fails to verify signature, if ("The signature or decryption was invalid... "), in case the WSDoAllSender parameters are set in prefixed handler, whicht sets them as MessageContext properties.
> In case the same parameters are et via a wsdd file on the AxisEngine, the signature verifies.
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org