You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Wang, Jason" <Ja...@delta.com> on 2006/10/09 04:55:09 UTC
Problems when Interoperate with .NET by X509 token
Hi,
I'm working on a project to call a .Net Web Service from a Java client
by X509 certificate.
On server side, I use WSE 3.0 and WS policy, WSS4J 1.5.0 and Axis2 1.0
on the Java client side.
I used the Hello World Web Service and enabled WSSE with WSE
Configuration Tool.
To verify the .NET Web service works fine, I created a .NET client with
policy,
It works very well.
But once I called from my Java Client, I always got following error
message:
======================================================
Referenced security token could not be retrieved,
System.Exception: WSE590: Failed to resolve the following Key Info
<KeyInfo ....>
.......
</KeyInfo>
======================================================
Here is the key info from .NET client Side,
<soap:Envelope **** >
<soap:Header>
<wsse:Security soap:mustUnderstand="1">
<xenc:EncryptedKey
Id="SecurityToken-9235ed81-093c-4ffc-9e7d-1c1e8b7083af"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=Root Agency</X509IssuerName>
<X509SerialNumber>119177920819346963742949139381104551659</X509SerialNum
ber>
</X509IssuerSerial>
</X509Data>
</wsse:SecurityTokenReference>
</KeyInfo>
******
</xenc:EncryptedKey>
******
</wsse:Security>
</soap:Header>
<soap:Body>
******
</soap:Body>
</soap:Envelope>
And following is the key info from Java side,
<processingStep description="Unprocessed message">
<soapenv:Envelope **** >
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<xenc:EncryptedKey Id="EncKeyId-9992755">
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<ds:KeyInfo
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=Root
Agency</ds:X509IssuerName>
<ds:X509SerialNumber>119177920819346963742949139381104551659</ds:X509Ser
ialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
******
</xenc:EncryptedKey>
******
</wsse:Security>
</soap:Header>
<soap:Body>
******
</soap:Body>
</soap:Envelope>
I didn't see any big differences here, I don't know what's the problem.
And I tried using X509KeyIdentifier and SKIKeyIdentifier from Java side,
but always got the same error.
Is there any one has meet the same problem before?
thanks.
Jason