You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@ws.apache.org by Adrian Williamson <aw...@octavo2.demon.co.uk> on 2014/08/06 10:35:30 UTC
Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Hi,
Has anyone got an example of how this method can be used?
I've trying different values for the WSSecEncrypt.setKeyIdentifierType() but
I keep getting application specific error messages back from the private
service I'm calling.
One of the error messages made me stop and ponder the extent of my
ignorance;
WSConstants.X509_KEY_IDENTIFIER it returned:
An invalid security token was provided (Bad ValueType
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-
1.0#X509v3")
So I thought if someone had a nice little test case that used an X509
certificate to encrypt it might help me along.
So I can see how it is supposed to be done.
Thanks
Adrian
RE: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Posted by Adrian Williamson <aw...@octavo2.demon.co.uk>.
Hi Colm,
This is what worked in the end for me, I’m now trying to work out how to get back to SOAP from the server response, i.e. I’m writing decodeSOAP.
private SOAPMessage encodeSOAP(SOAPMessage soapMessage) throws Exception {
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
//Might be a workaround to the fact the WSDL has ws.live.ie and we are using ws.test.ie etc
soapEnvelope.addNamespaceDeclaration( "dl","http://ws.live.ie/v1/DL-WS/");
WSSecEncrypt builder = new WSSecEncrypt();
WSSecTimestamp builderTS = new WSSecTimestamp();
WSSecSignature builderSig = new WSSecSignature();
java.security.cert.X509Certificate recipientCert = (X509Certificate) keysRSA.getks().getCertificate("wsstestservice");
java.security.cert.X509Certificate ourCert = (X509Certificate) keysRSA.getks().getCertificate("wsstest");
builder.setUseThisCert(recipientCert);
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
builderTS.setTimeToLive(5000);
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
{//Sign the Timestamp and the body this block replaces builderSig.build(doc, crypto, secHeader)
builderSig.setX509Certificate(ourCert);
builderSig.setUserInfo("wsstest", "password1");
builderSig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
SOAPConstants soapConstants = org.apache.wss4j.dom.util.WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
List<WSEncryptionPart> wsEncryptionParts = new ArrayList<WSEncryptionPart>();
WSEncryptionPart wsEncryptionPart = new WSEncryptionPart( soapConstants.getBodyQName().getLocalPart(),
soapConstants.getEnvelopeURI(), "Content");
wsEncryptionParts.add(wsEncryptionPart);
builderTS.build(doc, secHeader);
wsEncryptionParts.add(new WSEncryptionPart(builderTS.getId()));
builderSig.setParts(wsEncryptionParts);
builderSig.setUseSingleCertificate(true);
builderSig.prepare(doc, this.crypto, secHeader);
builderSig.appendBSTElementToHeader(secHeader);
List<javax.xml.crypto.dsig.Reference> referenceList = builderSig.addReferencesToSign(wsEncryptionParts, secHeader);
builderSig.computeSignature(referenceList);
}
try
{
builder.build(doc, this.crypto, secHeader);
}
catch (WSSecurityException e)
{
System.err.println("Failed in builder block: " + e.getMessage());
e.printStackTrace();
System.exit(1);
}
return soapMessage;
}
From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Sent: 08 August 2014 10:56
To: Adrian Williamson
Cc: users@ws.apache.org
Subject: Re: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
> builder.setKeyEnc(WSConstants.TRIPLE_DES);
> builder.setEncryptSymmKey(false);
This is not valid. Triple Des is a symmetric encryption algorithm, and not a key transport algorithm. Also, you want to encrypt the symmetric key here (using the X.509 Certificate). So just comment out the "setEncryptSymmKey(false)" call + change "setKeyEnc" to "setSymmetricEncAlgorithm" and it should work.
> Should the WSSecSignature.setX509Certificate method take care of that?
No, because you need to specify a username + password as well to access the private key required to sign the request.
Colm.
On Wed, Aug 6, 2014 at 4:57 PM, Adrian Williamson <aw...@octavo2.demon.co.uk> wrote:
Hi,
I believe that I am using WSS4J 2.0.2, if you have a specific process for understanding the version please don’t be shy – I’ll use it then we both know that I will have given the correct info.
By core do you mean the JDK? If so then :
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)
That error in particular I have avoided by using BST_DIRECT_REFERENCE, I’m afraid I was doing that two-year-old learning technique of pressing all the buttons at once, so I might have been the cause of the error – not knowing my apples from pears:
//This gives Error when calling DDOperation: An invalid security token was provided (Bad ValueType "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")
java.security.cert.X509Certificate recipientCert = (X509Certificate) keysRSA.getks().getCertificate("wsstestservice");
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
builder.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
builder.setKeyEnc(WSConstants.TRIPLE_DES);
builder.setEncryptSymmKey(false);
builder.setUseThisCert(recipientCert);
try
{
secHeader.insertSecurityHeader(doc);
builder.build(doc, crypto, secHeader);
}
catch (WSSecurityException e)
So I am not too worried about that as I have moved on.
I did find another issue with the WSSecSignature, when using the WSSecSignature.setX509Certificate and then calling WSSecSignature.build it throw a null identifier (merlin.java:744) for the GetPrivateKey() as the calling context WSecSigniture.java:530 had this.user set to null, I worked out that if I used WSSecSignature.setUserInfo and passed in the alias and the JKS password then it stopped moaning and got on with it.
Should the WSSecSignature.setX509Certificate method take care of that?
My work in progress/prototype is below, I’m trying to mimic the SOAPUI WSS specification:
I’ll go and look at those examples.
Cheers,
Adrian
PS Bonus points for identifying Cargo Cult sections….
private SOAPMessage encriptBody(SOAPMessage soapMessage) throws Exception {
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
WSSecEncrypt builder = new WSSecEncrypt();
WSSecTimestamp builderTS = new WSSecTimestamp();
WSSecSignature builderSig = new WSSecSignature();
Crypto crypto = null;
//Class constructor candidates
try {
//Where will I put the properties file?
crypto = CryptoFactory.getInstance("Ball.properties");
}
catch (WSSecurityException e)
{
System.err.println("Crypto crypto = CryptoFactory.getInstance(\"Ball.properties\"): " + e.getMessage());
}
java.security.cert.X509Certificate recipientCert = (X509Certificate) keysRSA.getks().getCertificate("wsstestservice");
java.security.cert.X509Certificate ourCert = (X509Certificate) keysRSA.getks().getCertificate("wsclientcert");
builder.setUseThisCert(recipientCert);
builderSig.setX509Certificate(ourCert);
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builderTS.setTimeToLive(5000);
builderSig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builderSig.setUserInfo("wsclientcert", "password1");
//End Class constructor candidates
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
try
{
secHeader.insertSecurityHeader(doc);
builderTS.build(doc, secHeader);
builderSig.build(doc, crypto, secHeader);
builder.build(doc, crypto, secHeader);
}
catch (WSSecurityException e)
{
System.err.println("Failed in builder block: " + e.getMessage());
e.printStackTrace();
System.exit(1);
}
return soapMessage;
}
From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Sent: 06 August 2014 15:48
To: users@ws.apache.org
Subject: Re: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Here are some:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186 <http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186&view=co> &view=co
What version of WSS4J? What does the request look like that is generating that error + what core are you using to generate it?
Colm.
On Wed, Aug 6, 2014 at 9:35 AM, Adrian Williamson <aw...@octavo2.demon.co.uk> wrote:
Hi,
Has anyone got an example of how this method can be used?
I've trying different values for the WSSecEncrypt.setKeyIdentifierType() but
I keep getting application specific error messages back from the private
service I'm calling.
One of the error messages made me stop and ponder the extent of my
ignorance;
WSConstants.X509_KEY_IDENTIFIER it returned:
An invalid security token was provided (Bad ValueType
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-%0d%0a1.0#X509v3>
1.0#X509v3")
So I thought if someone had a nice little test case that used an X509
certificate to encrypt it might help me along.
So I can see how it is supposed to be done.
Thanks
Adrian
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Posted by Colm O hEigeartaigh <co...@apache.org>.
> builder.setKeyEnc(WSConstants.TRIPLE_DES);
> builder.setEncryptSymmKey(false);
This is not valid. Triple Des is a symmetric encryption algorithm, and not
a key transport algorithm. Also, you want to encrypt the symmetric key here
(using the X.509 Certificate). So just comment out the
"setEncryptSymmKey(false)" call + change "setKeyEnc" to
"setSymmetricEncAlgorithm" and it should work.
> Should the WSSecSignature.setX509Certificate method take care of that?
No, because you need to specify a username + password as well to access the
private key required to sign the request.
Colm.
On Wed, Aug 6, 2014 at 4:57 PM, Adrian Williamson <aw...@octavo2.demon.co.uk>
wrote:
> Hi,
>
>
>
> I believe that I am using WSS4J 2.0.2, if you have a specific process for
> understanding the version please don’t be shy – I’ll use it then we both
> know that I will have given the correct info.
>
>
>
> By core do you mean the JDK? If so then :
>
>
>
> java version "1.7.0_55"
>
> Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
>
> Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)
>
>
>
> That error in particular I have avoided by using BST_DIRECT_REFERENCE, I’m
> afraid I was doing that two-year-old learning technique of pressing all the
> buttons at once, so I might have been the cause of the error – not knowing
> my apples from pears:
>
>
>
> //This gives Error when calling DDOperation: An invalid security token
> was provided (Bad ValueType "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> ")
>
>
>
>
>
> java.security.cert.X509Certificate recipientCert = (X509Certificate)
> keysRSA.getks().getCertificate("wsstestservice");
>
> Document doc = soapEnvelope.getOwnerDocument();
>
> org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
>
>
>
> builder.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
>
> builder.setKeyEnc(WSConstants.TRIPLE_DES);
>
> builder.setEncryptSymmKey(false);
>
> builder.setUseThisCert(recipientCert);
>
>
>
> try
>
> {
>
> secHeader.insertSecurityHeader(doc);
>
> builder.build(doc, crypto, secHeader);
>
> }
>
> catch (WSSecurityException e)
>
>
>
> So I am not too worried about that as I have moved on.
>
>
>
> I did find another issue with the WSSecSignature, when using the
> WSSecSignature.setX509Certificate and then calling WSSecSignature.build it
> throw a null identifier (merlin.java:744) for the GetPrivateKey() as the
> calling context WSecSigniture.java:530 had this.user set to null, I worked
> out that if I used WSSecSignature.setUserInfo and passed in the alias and
> the JKS password then it stopped moaning and got on with it.
>
>
>
> Should the WSSecSignature.setX509Certificate method take care of that?
>
>
>
> My work in progress/prototype is below, I’m trying to mimic the SOAPUI WSS
> specification:
>
>
>
>
>
> I’ll go and look at those examples.
>
>
>
> Cheers,
>
>
>
> Adrian
>
> PS Bonus points for identifying Cargo Cult sections….
>
>
>
>
>
>
>
> private SOAPMessage encriptBody(SOAPMessage soapMessage) throws Exception
> {
>
> SOAPPart soapPart = soapMessage.getSOAPPart();
>
> SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
>
>
>
> WSSecEncrypt builder = new WSSecEncrypt();
>
> WSSecTimestamp builderTS = new WSSecTimestamp();
>
> WSSecSignature builderSig = new WSSecSignature();
>
>
>
>
>
> Crypto crypto = null;
>
> //Class constructor candidates
>
> try {
>
> //Where will I put the properties file?
>
> crypto = CryptoFactory.getInstance("Ball.properties");
>
> }
>
> catch (WSSecurityException e)
>
> {
>
> System.err.println("Crypto crypto =
> CryptoFactory.getInstance(\"Ball.properties\"): " + e.getMessage());
>
> }
>
> java.security.cert.X509Certificate recipientCert = (X509Certificate)
> keysRSA.getks().getCertificate("wsstestservice");
>
> java.security.cert.X509Certificate ourCert = (X509Certificate)
> keysRSA.getks().getCertificate("wsclientcert");
>
>
>
> builder.setUseThisCert(recipientCert);
>
> builderSig.setX509Certificate(ourCert);
>
>
>
> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
>
> builderTS.setTimeToLive(5000);
>
> builderSig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
>
> builderSig.setUserInfo("wsclientcert", "password1");
>
> //End Class constructor candidates
>
>
>
>
>
> Document doc = soapEnvelope.getOwnerDocument();
>
> org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
>
>
>
> try
>
> {
>
> secHeader.insertSecurityHeader(doc);
>
> builderTS.build(doc, secHeader);
>
> builderSig.build(doc, crypto, secHeader);
>
> builder.build(doc, crypto, secHeader);
>
> }
>
> catch (WSSecurityException e)
>
> {
>
> System.err.println("Failed in builder block: " + e.getMessage());
>
> e.printStackTrace();
>
> System.exit(1);
>
> }
>
>
>
> return soapMessage;
>
> }
>
>
>
>
>
>
>
> *From:* Colm O hEigeartaigh [mailto:coheigea@apache.org]
> *Sent:* 06 August 2014 15:48
> *To:* users@ws.apache.org
> *Subject:* Re: Does anyone have an example of using
> WSSecEncrypt.setUseThisCert()
>
>
>
>
>
> Here are some:
>
>
> http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186&view=co
>
> What version of WSS4J? What does the request look like that is generating
> that error + what core are you using to generate it?
>
> Colm.
>
>
>
> On Wed, Aug 6, 2014 at 9:35 AM, Adrian Williamson <aw...@octavo2.demon.co.uk>
> wrote:
>
> Hi,
>
> Has anyone got an example of how this method can be used?
>
> I've trying different values for the WSSecEncrypt.setKeyIdentifierType()
> but
> I keep getting application specific error messages back from the private
> service I'm calling.
>
> One of the error messages made me stop and ponder the extent of my
> ignorance;
>
> WSConstants.X509_KEY_IDENTIFIER it returned:
>
> An invalid security token was provided (Bad ValueType
> "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-
> 1.0#X509v3
> <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-%0d%0a1.0#X509v3>
> ")
>
> So I thought if someone had a nice little test case that used an X509
> certificate to encrypt it might help me along.
>
> So I can see how it is supposed to be done.
>
> Thanks
>
> Adrian
>
>
>
>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
RE: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Posted by Adrian Williamson <aw...@octavo2.demon.co.uk>.
Hi,
I believe that I am using WSS4J 2.0.2, if you have a specific process for understanding the version please don’t be shy – I’ll use it then we both know that I will have given the correct info.
By core do you mean the JDK? If so then :
java version "1.7.0_55"
Java(TM) SE Runtime Environment (build 1.7.0_55-b13)
Java HotSpot(TM) 64-Bit Server VM (build 24.55-b03, mixed mode)
That error in particular I have avoided by using BST_DIRECT_REFERENCE, I’m afraid I was doing that two-year-old learning technique of pressing all the buttons at once, so I might have been the cause of the error – not knowing my apples from pears:
//This gives Error when calling DDOperation: An invalid security token was provided (Bad ValueType "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")
java.security.cert.X509Certificate recipientCert = (X509Certificate) keysRSA.getks().getCertificate("wsstestservice");
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
builder.setKeyIdentifierType(WSConstants.X509_KEY_IDENTIFIER);
builder.setKeyEnc(WSConstants.TRIPLE_DES);
builder.setEncryptSymmKey(false);
builder.setUseThisCert(recipientCert);
try
{
secHeader.insertSecurityHeader(doc);
builder.build(doc, crypto, secHeader);
}
catch (WSSecurityException e)
So I am not too worried about that as I have moved on.
I did find another issue with the WSSecSignature, when using the WSSecSignature.setX509Certificate and then calling WSSecSignature.build it throw a null identifier (merlin.java:744) for the GetPrivateKey() as the calling context WSecSigniture.java:530 had this.user set to null, I worked out that if I used WSSecSignature.setUserInfo and passed in the alias and the JKS password then it stopped moaning and got on with it.
Should the WSSecSignature.setX509Certificate method take care of that?
My work in progress/prototype is below, I’m trying to mimic the SOAPUI WSS specification:
I’ll go and look at those examples.
Cheers,
Adrian
PS Bonus points for identifying Cargo Cult sections….
private SOAPMessage encriptBody(SOAPMessage soapMessage) throws Exception {
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
WSSecEncrypt builder = new WSSecEncrypt();
WSSecTimestamp builderTS = new WSSecTimestamp();
WSSecSignature builderSig = new WSSecSignature();
Crypto crypto = null;
//Class constructor candidates
try {
//Where will I put the properties file?
crypto = CryptoFactory.getInstance("Ball.properties");
}
catch (WSSecurityException e)
{
System.err.println("Crypto crypto = CryptoFactory.getInstance(\"Ball.properties\"): " + e.getMessage());
}
java.security.cert.X509Certificate recipientCert = (X509Certificate) keysRSA.getks().getCertificate("wsstestservice");
java.security.cert.X509Certificate ourCert = (X509Certificate) keysRSA.getks().getCertificate("wsclientcert");
builder.setUseThisCert(recipientCert);
builderSig.setX509Certificate(ourCert);
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builderTS.setTimeToLive(5000);
builderSig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builderSig.setUserInfo("wsclientcert", "password1");
//End Class constructor candidates
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
try
{
secHeader.insertSecurityHeader(doc);
builderTS.build(doc, secHeader);
builderSig.build(doc, crypto, secHeader);
builder.build(doc, crypto, secHeader);
}
catch (WSSecurityException e)
{
System.err.println("Failed in builder block: " + e.getMessage());
e.printStackTrace();
System.exit(1);
}
return soapMessage;
}
From: Colm O hEigeartaigh [mailto:coheigea@apache.org]
Sent: 06 August 2014 15:48
To: users@ws.apache.org
Subject: Re: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Here are some:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186 <http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186&view=co> &view=co
What version of WSS4J? What does the request look like that is generating that error + what core are you using to generate it?
Colm.
On Wed, Aug 6, 2014 at 9:35 AM, Adrian Williamson <aw...@octavo2.demon.co.uk> wrote:
Hi,
Has anyone got an example of how this method can be used?
I've trying different values for the WSSecEncrypt.setKeyIdentifierType() but
I keep getting application specific error messages back from the private
service I'm calling.
One of the error messages made me stop and ponder the extent of my
ignorance;
WSConstants.X509_KEY_IDENTIFIER it returned:
An invalid security token was provided (Bad ValueType
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile- <http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-%0d%0a1.0#X509v3>
1.0#X509v3")
So I thought if someone had a nice little test case that used an X509
certificate to encrypt it might help me along.
So I can see how it is supposed to be done.
Thanks
Adrian
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
Re: Does anyone have an example of using WSSecEncrypt.setUseThisCert()
Posted by Colm O hEigeartaigh <co...@apache.org>.
Here are some:
http://svn.apache.org/viewvc/webservices/wss4j/trunk/ws-security-dom/src/test/java/org/apache/wss4j/dom/components/crypto/CryptoProviderTest.java?revision=1503186&view=co
What version of WSS4J? What does the request look like that is generating
that error + what core are you using to generate it?
Colm.
On Wed, Aug 6, 2014 at 9:35 AM, Adrian Williamson <aw...@octavo2.demon.co.uk>
wrote:
> Hi,
>
> Has anyone got an example of how this method can be used?
>
> I've trying different values for the WSSecEncrypt.setKeyIdentifierType()
> but
> I keep getting application specific error messages back from the private
> service I'm calling.
>
> One of the error messages made me stop and ponder the extent of my
> ignorance;
>
> WSConstants.X509_KEY_IDENTIFIER it returned:
>
> An invalid security token was provided (Bad ValueType
> "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-
> 1.0#X509v3")
>
> So I thought if someone had a nice little test case that used an X509
> certificate to encrypt it might help me along.
>
> So I can see how it is supposed to be done.
>
> Thanks
>
> Adrian
>
>
>
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com