Hi,
First I'd like to say I'm no stranger to setting up ws-security with glassfish and I'm hoping the issues I'm finding are configuration related.
Summary of the issue: I have set up a helloWorld webservice with sts-issued token security. I have verified that the client gets authenticated by the sts and subsequently calls into the web service successfully. I then set up the exact same binding on my bpel enpoint. When I deploy the bpel comp. app I get this error:
WSP1046: Server side assertion validation failed for "{
http://www.w3.org/2005/08/addressing}UsingAddressing" assertion. Assertion was evaluated as "UNKNOWN".
So I change the xmlns for the UsingAddressing element to wsas or
http://www.w3.org/2006/05/addressing/wsdl and the attempt to deploy the app. But note that the helloWorld webservice used
http://www.w3.org/2005/08/addressing
The app deploys but during deployment glassfish reports:
WSP0075: Policy assertion "{
http://schemas.sun.com/2006/03/wss/server}KeyStore" was evaluated as "UNSUPPORTED".
WSP0075: Policy assertion "{
http://schemas.sun.com/2006/03/wss/server}TrustStore" was evaluated as "UNSUPPORTED".
So with low expectations, the client fires off a request to the bpel endpoint and glassfish spits this out:
.XWSSecurityException: No Matching public key for dVE29ysyFW/iD1la3ddePzM6IWo= subject key identifier found
WSS1816: Error occurred while resolving KeyIdentifier
I'm using a pkcs12 key b/c this is an interop scenario with a .net client. I have searched for days on how to resolve this and finally I'm posting this thread in hopes that someone knows how to resolve this. I'm confused why the same binding works for a traditional webservice endpoint but not for a bpel endpoint.
[Message sent by forum member 'mulepic' (mulepic_at_hotmail.com)]
http://forums.java.net/jive/thread.jspa?messageID=362456