
Axis / WSS4J / Interop

bbalet.free.fr - 24 Feb 2006 18:05 GMT
Hello,

Has anyone succeeded in getting a .NET WebService client (WSE) to work
with WSS4J? (I always get the error message 'Signature Verification
failed'.)

On the server my WSDD config is:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <globalConfiguration>
    <parameter name="enableNamespacePrefixOptimization" value="false" />
    <parameter name="disablePrettyXML" value="true"/>
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
        <parameter name="passwordCallbackClass"
                   value="com.hp.ov.temip.ws.handler.PWCallback"/>
        <parameter name="action" value="UsernameTokenSignature UsernameToken Encrypt Timestamp"/>
        <parameter name="decryptionPropFile" value="security.properties" />
      </handler>
    </requestFlow>
  </globalConfiguration>
</deployment>

On the client side, I developed the following overridden SecureMessage
function with the WSE 3.0 Policy framework:

public override void SecureMessage(SoapEnvelope envelope, Security security)
{
    // Must Understand Headers
    security.MustUnderstand = true;
    security.Timestamp.TtlInSeconds = 60;

    // User Name Token
    UsernameToken userToken = new UsernameToken(m_strUsername, m_strPassword,
        PasswordOption.SendPlainText);
    security.Tokens.Add(userToken);

    X509SecurityToken token = null;
    try
    {
        token = GetSecurityToken("CN=10.67.212.35");
    }
    catch (Exception ex)
    {
        throw new Exception("Certificate not found : " + ex.Message);
    }

    // Define a custom X509 token
    ISecurityTokenManager stm =
        SecurityTokenManager.GetSecurityTokenManagerByTokenType(WSTrust.TokenTypes.X509v3);
    X509SecurityTokenManager x509tm = stm as X509SecurityTokenManager;
    x509tm.DefaultKeyAlgorithm = "RSA15";
    x509tm.DefaultSessionKeyAlgorithm = "TripleDES";

    // Uncommenting this line will encrypt the Body
    //security.Elements.Add(new EncryptedData(token));

    // Add the token to the SOAP header.
    security.Tokens.Add(token); // Insert the token being used into header

    // Add Message Signature
    MessageSignature sig = new MessageSignature(userToken);
    sig.SignatureOptions = SignatureOptions.IncludeSoapBody;
    security.Elements.Add(sig);

    // Insert the encrypted UsernameToken
    security.Elements.Add(new EncryptedData(token, "#" + userToken.Id));
}

In the Tomcat logs, I can see that WSS4J is able to:
- retrieve my certificate with its public key
- decrypt the UsernameToken
But the signature verification fails. Some say that it could be due
to a pretty-print component that alters the SOAP message after
the signature; if so, how can such a pretty-printer be deactivated?

__________________
Benjamin BALET
http://bbalet.free.fr/
Richard Gregory - 27 Feb 2006 08:40 GMT
Hi,
It's probably a server side problem. You need to change these lines in your
wsdd.

> <parameter name="action" value="UsernameTokenSignature UsernameToken Encrypt Timestamp"/>
> <parameter name="decryptionPropFile" value="security.properties" />

I think the first one should just be
<parameter name="action" value="Signature UsernameToken Encrypt Timestamp"/>

and the second should define the signaturePropFile, not decryptionPropFile.
If you're doing signature and encryption with just one file you must define
it as the signature properties file, and the WSS4J handler uses this for both.
<parameter name="signaturePropFile" value="security.properties" />

Hope this helps.

Richard.

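The two changes suggested in Richard's reply, turned into a check over the WSDD. This is an added example, not part of the original posts and not WSS4J code; the function names, finding codes and the `wsdd()` sample builder are hypothetical, and the rules encode only what the reply states. It shows that changing the action alone still leaves the receiver without a signaturePropFile.

```python
import xml.etree.ElementTree as ET

NS = "{http://xml.apache.org/axis/wsdd/}"
RECEIVER = "java:org.apache.ws.axis.security.WSDoAllReceiver"

def wsdd(action, prop_param):
    # Constructed sample: the handler from the question, with the two values varied.
    return f"""<deployment xmlns="http://xml.apache.org/axis/wsdd/"
        xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
      <globalConfiguration><requestFlow>
        <handler type="{RECEIVER}">
          <parameter name="passwordCallbackClass" value="com.hp.ov.temip.ws.handler.PWCallback"/>
          <parameter name="action" value="{action}"/>
          <parameter name="{prop_param}" value="security.properties"/>
        </handler>
      </requestFlow></globalConfiguration>
    </deployment>"""

def check_receivers(wsdd_text):
    """Return finding codes for every WSDoAllReceiver handler in a WSDD document."""
    findings = []
    for handler in ET.fromstring(wsdd_text).iter(NS + "handler"):
        if handler.get("type") != RECEIVER:
            continue
        params = {p.get("name"): p.get("value", "") for p in handler.iter(NS + "parameter")}
        actions = params.get("action", "").split()
        # Point 1 of the reply: use Signature, not UsernameTokenSignature.
        if "UsernameTokenSignature" in actions:
            findings.append("ACTION_USERNAMETOKENSIGNATURE")
        # Point 2 of the reply: the Signature action needs signaturePropFile.
        if "Signature" in actions and "signaturePropFile" not in params:
            findings.append("SIGNATURE_WITHOUT_SIGNATUREPROPFILE")
        # Per the reply, a single signaturePropFile also serves decryption.
        if "Encrypt" in actions and not {"decryptionPropFile", "signaturePropFile"} & params.keys():
            findings.append("ENCRYPT_WITHOUT_PROPFILE")
    return findings

ORIGINAL = wsdd("UsernameTokenSignature UsernameToken Encrypt Timestamp", "decryptionPropFile")
ACTION_ONLY = wsdd("Signature UsernameToken Encrypt Timestamp", "decryptionPropFile")
BOTH = wsdd("Signature UsernameToken Encrypt Timestamp", "signaturePropFile")

if __name__ == "__main__":
    for name, doc in [("original", ORIGINAL), ("action changed only", ACTION_ONLY),
                      ("both changes", BOTH)]:
        print(f"{name}: {check_receivers(doc) or 'no findings'}")
```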
