Excellent, that's fixed that problem. You will have to excuse my simple questions; I've not used ws-policy before.
Is it possible to specify that the client has to include a timestamp in the sent message, but may or may not receive one back? Having <sp:IncludeTimestamp/> returns "[info] [rampart][shp] Timestamp is not in the message", and modifying it to <sp:IncludeTimestamp wsp:Optional="true"/> still comes up with the same error. I've looked in the ws-policy specifications, but as of yet, haven't really found any detailed information on how to include timestamps in one direction, but not the other, so any help would be greatly appreciated. Thanks, Jamie > -----Original Message----- > From: Manjula Peiris [mailto:[EMAIL PROTECTED] > Sent: 08 August 2007 11:22 > To: Apache AXIS C Developers List > Subject: Re: Error: "Key Reference Info is mismatch with policy"? > > Hi Jamie, > > Please check the value of <sp:IncludeToken> attribute in the > <sp:InitiatorToken> element. If it is , > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always To > Recipient then the certificate used to signed the message is sent only by > the client to server. The Client should not see it attached as a > <BinarySecurityToken> in the recieved message. If you want this > <BinarySecurityToken> element to be in the recieved message of the client > please change the <sp:IncludeToken> attribute to > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always . > > If this does not work please send the policy file you are using. > > Thanks > -Manjula. > > > On Tue, 2007-08-07 at 16:26 +0100, Jamie Lyon wrote: > > Hi, > > > > > > > > I'm writing a client to an existing service in Axis2/C. Can anyone > > shed any light as to what could cause the above error message "Key > > Reference Info is mismatch with policy"? It appears to me as though > > it's saying that the namespace or something in the received message is > > not matching what is in the policy.xml. You can see the context of the > > message in the snippet of the debug log below. > > > > > > > > The situation seems odd however, since as you can see from the sent log, > the message sent by the client is perfectly fine. The namespaces, tokens > etc... all seem to match that which is received back from the server. > > > > I have attached the sent and received messages, and below is a snippet > of the debug log: > > [Tue Aug 7 16:13:02 2007] [info] [rampart][shp] Process security > header > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Security for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > BinarySecurityToken for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Signature for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > SignedInfo for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > CanonicalizationMethod for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > SignatureMethod for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Reference for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Transforms for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Transform for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > DigestMethod for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > DigestValue for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > SignatureValue for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > KeyInfo for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > SecurityTokenReference for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Reference for EncryptedKey > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Security for Signature > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > BinarySecurityToken for Signature > > [Tue Aug 7 16:13:02 2007] [info] [rampart][axiom] Checking node > Signature for Signature > > [Tue Aug 7 16:13:02 2007] [info] [rampart][shp] Processing Signature > element. > > [Tue Aug 7 16:13:02 2007] [info] [Rampart][shp]Key Reference Info is > mismatch with policy > > [Tue Aug 7 16:13:02 2007] [info] [rampart][rampart_in_handler] > Security Header processing failed. > > [Tue Aug 7 16:13:02 2007] [debug] engine.c(292) Axis2 engine receive > completed! > > [Tue Aug 7 16:13:02 2007] [error] autogen/axis2_DataService.cpp(1236) > returnNode is NULL: Error code: 2 :: NULL paramater was passed when a non > NULL parameter was expected > > > > > > > > Thanks, > > > > Jamie > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
