You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Babu J <ba...@rsi.ramco.com> on 2006/05/04 08:47:12 UTC
signing
Hi
Iam new to webservice security, i need to access the dot net service, So the service request
should be digital signed one using username token. dot net side using WSE 2.0, but Java side how can i prepare the signed request. please help me. and also i dont know what type of signing they used ( i mean x509, or xml encryption).
Please refer this request xml.
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>SWS_WEB_SR_INVOKE</wsa:Action>
<wsa:MessageID>uuid:19aa9796-bbd2-4c04-b8a8-8b80aff39d45</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://s5404/vwwebsrv/SWS_SWSGP_WS.asmx</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp wsu:Id="Timestamp-b06383f5-6c94-4fb7-84fc-139be5cad963">
<wsu:Created>2006-04-20T05:56:26Z</wsu:Created>
<wsu:Expires>2006-04-20T06:01:26Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SecurityToken-42db4e1b-c65e-466b-ba99-85c1448dd7ee">
<wsse:Username>Adminuser</wsse:Username>
<wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">FRsCYNuaEn1CKxTcf53AzaxuMFc=</wsse:Password>
<wsse:Nonce>uNMhCvK7IESUXBKr0a+dog==</wsse:Nonce>
<wsu:Created>2006-04-20T05:56:26Z</wsu:Created>
</wsse:UsernameToken>
<xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:DataReference URI="#EncryptedContent-67f088b1-d575-437d-b9d1-cf3e06460688" />
</xenc:ReferenceList>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
<SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<Reference URI="#Id-6b429841-ffc7-466c-ba59-114dec6d3479">
<Transforms>
<Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</Transforms>
<DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<DigestValue>mtbJHdZSR2BjXVyyBQvQ3qIz0No=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>XCxGMu5aBbLf1cJWIEe0rMsi8Uo=</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference URI="#SecurityToken-42db4e1b-c65e-466b-ba99-85c1448dd7ee" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken" />
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-6b429841-ffc7-466c-ba59-114dec6d3479">
<xenc:EncryptedData Id="EncryptedContent-67f088b1-d575-437d-b9d1-cf3e06460688" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#SecurityToken-42db4e1b-c65e-466b-ba99-85c1448dd7ee" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken" />
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>5ZdYnbjxfYTJ+Vj/S+GLSrD1qYTFzsd/0ebdWnPNgmZrCTHomJpE0nIvkfIdKzbqMq61DZY+a9tgtonOxmcLfSWF4Wu3+V9+C8maGAJenscGD+XDpfA5QVPplmcnSgbmcqmYEVr7YLvz7a2wY+y9dAPIBcuGMO2nxZPdWDhC+6tCNqPVuT/TQ5dQXZShLPQhBHuksrwYBD9/uGoe30Ny7wNAhu8Bpq3QEUSqs6SwgoeSUYWJrimIOywXBK9oAcnjunsNhwVHvzZP1F5wRKb+zby2sSgJNJu2DCh2eWqNryHpi+4vHF4cWrrWZgY//ZhGE5O4T2pdKtUb/fwrD9qN4e+LH4jv6os+Tw8FWiMKUkQqhhTDVLAEJYsWVk/BTXVHVVZGiXPX/FY0iU08Zu7uSrc9KGqXWZmWgPhMga5Ziz1VRP5uyzTt1zZkuZs5HC151r/gAj0906ogosquwW6K7+A+UjenVmo6Bx//Y8PV2gf/EuysxUNUra8H5qUrF7g5LEb0+uApqof075/P8rbqW+9Sh89aWfICdAR9DHGl6i/SSGzeHxGY9T46W/hGv4Z5</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
please help me to create a request like this.
Regards
Babu J
Ramco System.
Indian
DISCLAIMER:
Information transmitted by this e-mail may be proprietary to Ramco Systems Ltd., and / or the authors of the information and is intended for use only by the individual or entity to which it is addressed, and may contain confidential or legally privileged information. If you are not the intended recipient or it appears that this mail has been forwarded to you without proper authority, you are not authorised to access, read, disclose, copy, use or otherwise deal with it and any such actions are prohibited and may be unlawful.
Internet communications cannot be guaranteed to be secure or error-free as information could be intercepted, corrupted, lost, arrive late or contain viruses. Ramco Systems Limited therefore does not accept liability for any errors, omissions, viruses or computer problems experienced as a result of this transmission.
If you have received this e-mail in error, please notify us immediately at mail to: mailadmin@rsi.ramco.com and delete this mail from your records. Notice is hereby given that no representation, contract or other binding obligation shall be created by this e-mail.
---------------------------------------------------------------------
To unsubscribe, e-mail: sandesha-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: sandesha-dev-help@ws.apache.org