users@jax-rpc.java.net

XWS problem

From: Sels Wannes <Wannes.Sels_at_cronos.be>
Date: Mon, 4 Jul 2005 16:52:17 +0200

Hi all,

 

We're trying to use a secured webservice with our own javascript client.
The service I got from here:
http://msdn.microsoft.com/architecture/default.aspx?pull=/library/en-us/
dnbda/html/wssinteropjwsdp15.asp . My security config for the service is
as follows:

 <xwss:JAXRPCSecurity
xmlns:xwss="http://java.sun.com/xml/ns/xwss/config">

<xwss:Service>

    <xwss:SecurityConfiguration dumpMessages="true">

            <xwss:RequireSignature/>

     </xwss:SecurityConfiguration>

 </xwss:Service>

<xwss:SecurityEnvironmentHandler>

    com.sun.xml.wss.sample.SecurityEnvironmentHandler

</xwss:SecurityEnvironmentHandler>

</xwss:JAXRPCSecurity>

 

We're using our own test certificates (see attachments) which I've
imported into catalina.home/xws-security/etc/server-truststore.jks . The
clients request looks like this:

 

<?xml version="1.0" encoding="UTF-8"?>

<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:tns="http://wss.samples.microsoft.com"
xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

        <SOAP-ENV:Header>

<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd">

                        <ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">

                                <ds:SignedInfo>

                                        <ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>

                                        <ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>

                                        <ds:Reference URI="#Body">

                                                <ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>

 
<ds:DigestValue>nAWqEctvN0YBK583AOEFhDKURnI=</ds:DigestValue>

                                        </ds:Reference>

                                </ds:SignedInfo>

                                <ds:SignatureValue>

 
jKg1zawmJSgM/i2xcuQ0uQDNB8g33mT1H/0CnaL0Kc8DV/k4YELmbuci7PdUBUxcVY1OnOAe

 
vFpuFh2HDe1SrIxlkH1Dj6XatZq/NmQH9ecja/Jj6Mu+cs7hUxDpjEf7sBBObGPxLmrbUNqp

    lfmtKpgckY5ZIhsyQATsY8AyhNk=

  </ds:SignatureValue>

                                <ds:KeyInfo>

      <X509Data xmlns="http://www.w3.org/2000/09/xmldsig#">

        <X509Certificate>

 
MIIDuzCCAySgAwIBAgIKG+YxcQAAAAAAAjANBgkqhkiG9w0BAQUFADAPMQ0wCwYDVQQDEwRr

 
emVuMB4XDTA1MDcwMTExMzMwMVoXDTA2MDcwMTExNDMwMVowgZkxCzAJBgNVBAYTAkJFMRAw

 
DgYDVQQIEwdBbnR3ZXJwMRAwDgYDVQQHEwdLb250aWNoMQ0wCwYDVQQKEwRrWmVuMR8wHQYD

 
VQQLDBZSZXNlYXJjaCAmIERldmVsb3BtZW50MRIwEAYDVQQDEwlOaWNrIE9vbXMxIjAgBgkq

 
hkiG9w0BCQEWE25pY2sub29tc0Bjcm9ub3MuYmUwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJ

 
AoGBAL77WBAQITePR+54H7dI1zRmdnhujcmgWpCRTWFDq5A7vudkMf01clGKa2lu1FbnCA/k

 
vkA/93c+sQQGv3MPPRcZJ5RW5vjtpRWs2gimRYHpkeWGskWG0wVsaFIBQtH6cNupqypQMGkD

 
8XS/wSioQYAjQ2m3by+INK2CKG7tI3ORAgMBAAGjggGRMIIBjTAOBgNVHQ8BAf8EBAMCBsAw

 
HQYDVR0OBBYEFI5KKh49OCl2MBNU+O0013hzmdCEMBMGA1UdJQQMMAoGCCsGAQUFBwMDMB8G

 
A1UdIwQYMBaAFPN2tXITdsqwDeYnpcVmCITOY8hWMHEGA1UdHwRqMGgwZqBkoGKGLmh0dHA6

 
Ly93czAzLWJwZWwuaWNvbm9zLmJlL0NlcnRFbnJvbGwva3plbi5jcmyGMGZpbGU6Ly9cXHdz

 
MDMtYnBlbC5pY29ub3MuYmVcQ2VydEVucm9sbFxremVuLmNybDCBsgYIKwYBBQUHAQEEgaUw

 
gaIwTgYIKwYBBQUHMAKGQmh0dHA6Ly93czAzLWJwZWwuaWNvbm9zLmJlL0NlcnRFbnJvbGwv

 
d3MwMy1icGVsLmljb25vcy5iZV9remVuLmNydDBQBggrBgEFBQcwAoZEZmlsZTovL1xcd3Mw

 
My1icGVsLmljb25vcy5iZVxDZXJ0RW5yb2xsXHdzMDMtYnBlbC5pY29ub3MuYmVfa3plbi5j

 
cnQwDQYJKoZIhvcNAQEFBQADgYEASh8D+AA2JxsN1TRnGK/BoHDKV5AW96NCksvKzeQcPL4t

 
KdRHhyiu9fCSSdON0O6Jq0qL416G+pXlkRc0xYNdIT1GZcdU2/QqHYBuSxjygovI00m7ynlH

          kzqHCkyWSiQYIS8ergfdH3AFHzdbLH4MGcDYvayXv3mQZqvPA7yRWw0=

        </X509Certificate>

      </X509Data>

    </ds:KeyInfo>

                        </ds:Signature>

                </wsse:Security>

        </SOAP-ENV:Header>

        <SOAP-ENV:Body Id="Body">

                <submitOrder xmlns="http://wss.samples.microsoft.com">

                        <OrderImpl_1 xmlns="">

<creditCardExpM xsi:type="xsd:int">0</creditCardExpM>

<creditCardExpY xsi:type="xsd:int">0</creditCardExpY>

<creditCardNum xsi:type="xsd:string">bla</creditCardNum>

<id xsi:type="xsd:long">0</id>

</OrderImpl_1>

</submitOrder>

</SOAP-ENV:Body>

</SOAP-ENV:Envelope>

 

To which the server responds:

 

INFO: ==== Response Start ====

<?xml version="1.0" encoding="UTF-8"?>

<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:ns0="http://wss.samples.microsoft.com"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

<env:Body>

<env:Fault>

<faultcode
xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd">ans1:PolicyViolation</faultcode>

<faultstring>Receiver requirement for signature target:
//*[local-name()='Body' and
namespace-uri()='http://schemas.xmlsoap.org/soap/envelope/'] , has not
been met</faultstring>

</env:Fault>

</env:Body>

</env:Envelope>

==== Response End ====

 

I'm not really sure what the message means. Any thoughts?

 

 

Kind regards,

 

Wannes






© Oracle | By contributing to this project, you are agreeing to the terms of use described here.