You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by "Dittmann, Werner (JIRA)" <ji...@apache.org> on 2007/06/18 08:32:26 UTC
[jira] Commented: (WSS-81) Compatibility between WSS4J and WebLogic
9 for Encryption
[ https://issues.apache.org/jira/browse/WSS-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12505694 ]
Dittmann, Werner commented on WSS-81:
-------------------------------------
WSS4J provides parameters for encryption only. You may
specify encryption and signature parameters separatly in
most cases. Please have a look in the javadoc of
WSHandlerConstants.java, parameter "ENC_KEY_ID" which
maps to "encryptionKeyIdentifier" in the deployment file
of the client. Using this parameter you can specify how
to send/embedd a certificate into the SOAP request.
Regards,
Werner
401-wss-soap-message-security-1.0#Base64Binary">
> Compatibility between WSS4J and WebLogic 9 for Encryption
> ---------------------------------------------------------
>
> Key: WSS-81
> URL: https://issues.apache.org/jira/browse/WSS-81
> Project: WSS4J
> Issue Type: Bug
> Environment: Web service serveur: Web Logic 9
> Web service client : axis+wss4j+bouncy castle on linux
> Reporter: angélique
> Assignee: Davanum Srinivas
> Priority: Blocker
>
> Hello,
> There is a problem of compatibility between Web Logic 9 and WSS4J.
> One one hand, when a weblogic server is configured to do encryption only, the SOAP message generated contain a xml node like this:
> <wsse:BinarySecurityToken wsu:Id="bst_JFDmu9E2O5K4Opex" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> </wsse:BinarySecurityToken>
> On the other hand, it's only possible with WSS4J to add the token for signature. When using encryption alone, configuring the client to send a SOAP message with this BinarySecurityToken is not possible.
> Wath can I do to make a SOAP request whith an Encrypted body AND a BinarySecurityToken in the <head> part ?
> Regards,
> Angélique
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org