You are going to need to get in touch with the owners of that Web Service so that you can determine *exactly* what it is expecting.
A) Exactly what type of XML Signature does it expect? OASIS WS-Security 2004? Microsoft WS-Security 2002? An enveloped signature inside the SOAP envelope (which is not normally recommended)? B) If the owners have gone to the trouble of requiring signatures, they probably do this so that they can authorize access to the service based upon an authenticated message signature. They might require some sort of out-of-band service level agreement (calling them, signing some papers, getting your certificate placed on their trusted list, etc) prior to invoking their service. Regards, Jonathan Anderson Booz Allen Hamilton -----Original Message----- From: babloosony [mailto:[EMAIL PROTECTED] Sent: Friday, February 11, 2005 8:10 AM To: [EMAIL PROTECTED] Subject: Newbie doubts on XML Signature Hi All, There is a third party web service which exposed its wsdl to clients and I used AXIS 1.2 RC2 to create stubs and have written a web service client program to access the web service. However may the server is expecting a signed xml signature in the soap message to verify them I am not able to successfully get a soap response from the wsdl and instead I get below exception. Exception from server ---------------------------------------------------------------------------- [java] AxisFault [java] faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server [java] faultSubcode: [java] faultString: System.Web.Services.Protocols.SoapException: Server was unable to process request. --- System.Exception: Signature Verification Failed. [java] faultActor: [java] faultNode: [java] faultDetail: [java] {http://xml.apache.org/axis/}stackTrace: AxisFault [java] faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server [java] faultSubcode: [java] faultString: System.Web.Services.Protocols.SoapException: Server was unable to process request. --- System.Exception: Signature Verification Failed. [java] faultActor: [java] faultNode: [java] faultDetail: [java] System.Web.Services.Protocols.SoapException: Server was unable to process request. --- System.Exception: Signature Verification Failed. [java] at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:2 60) [java] at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:16 9) [java] at org.apache.axis.encoding.DeserializationContextImpl.endElement(Deserializati onContextImpl.java:1015) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1712) [java] at org.apache.crimson.parser.Parser2.content(Parser2.java:1963) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691) [java] at org.apache.crimson.parser.Parser2.content(Parser2.java:1963) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691) [java] at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:667) [java] at org.apache.crimson.parser.Parser2.parse(Parser2.java:337) [java] at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448) [java] at javax.xml.parsers.SAXParser.parse(SAXParser.java:345) [java] at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationCon textImpl.java:242) [java] at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538) [java] at org.apache.axis.Message.getSOAPEnvelope(Message.java:376) [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2583) [java] at org.apache.axis.client.Call.invoke(Call.java:2553) [java] at org.apache.axis.client.Call.invoke(Call.java:2248) [java] at org.apache.axis.client.Call.invoke(Call.java:2171) [java] at org.apache.axis.client.Call.invoke(Call.java:1691) [java] at www.americanexpress.com.schemas.serviceportal.demands.v10.webservices.DOC_Ca rdsOwnedWSSoapStub.getCardsOwned(DOC_CardsOwnedWSSoapStub.java:154) [java] at serviceportal.demands.DOC_CardsOwnedWS.query(DOC_CardsOwnedWS.java:46) [java] at serviceportal.demands.DOC_CardsOwnedWS.main(DOC_CardsOwnedWS.java:62) [java] System.Web.Services.Protocols.SoapException: Server was unable to process request. --- System.Exception: Signature Verification Failed. [java] at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:2 60) [java] at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:16 9) [java] at org.apache.axis.encoding.DeserializationContextImpl.endElement(Deserializati onContextImpl.java:1015) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1712) [java] at org.apache.crimson.parser.Parser2.content(Parser2.java:1963) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691) [java] at org.apache.crimson.parser.Parser2.content(Parser2.java:1963) [java] at org.apache.crimson.parser.Parser2.maybeElement(Parser2.java:1691) [java] at org.apache.crimson.parser.Parser2.parseInternal(Parser2.java:667) [java] at org.apache.crimson.parser.Parser2.parse(Parser2.java:337) [java] at org.apache.crimson.parser.XMLReaderImpl.parse(XMLReaderImpl.java:448) [java] at javax.xml.parsers.SAXParser.parse(SAXParser.java:345) [java] at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationCon textImpl.java:242) [java] at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538) [java] at org.apache.axis.Message.getSOAPEnvelope(Message.java:376) [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2583) [java] at org.apache.axis.client.Call.invoke(Call.java:2553) [java] at org.apache.axis.client.Call.invoke(Call.java:2248) [java] at org.apache.axis.client.Call.invoke(Call.java:2171) [java] at org.apache.axis.client.Call.invoke(Call.java:1691) [java] at www.americanexpress.com.schemas.serviceportal.demands.v10.webservices.DOC_Ca rdsOwnedWSSoapStub.getCardsOwned(DOC_CardsOwnedWSSoapStub.java:154) [java] at serviceportal.demands.DOC_CardsOwnedWS.query(DOC_CardsOwnedWS.java:46) [java] at serviceportal.demands.DOC_CardsOwnedWS.main(DOC_CardsOwnedWS.java:62) ---------------------------------------------------------------------------- I am not sure what to do at this point. Can I use any certificate and keys and write a handler that signs my soap request message so that the server can verify that message ? Please suggest .... Thanks & Regards, Kumar.
smime.p7s
Description: S/MIME cryptographic signature