Hi Raghu,
Can you disable body signature from client and service policy and
confirm whether it is working? Leave the header signing and comment only
body as follows. All your configurations seemed to be correct. There
might be bug in Rampart, we have to debug and see..
<sp:SignedParts
xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<!--sp:Body/-->
<sp:Header Namespace="http://www.w3.org/2005/08/addressing"/>
</sp:SignedParts>
Regards,
Shankar.
Raghu Udupa wrote:
Shankar,
Per your request, I am attaching a tar.gz file containing server log,
client log as well as log from tcpmon. Right now, the whole soap body is
used while creating the signature. The tar gzip file contains the
following files
$ tar -tf axis2.info.tar
axis2.client.log
axis2.server.log
client.policy.xml
services.xml
tcp.log
Could you look into these log files and advise as to why signature
verification is failing? If you need any additional information, please
let me know,
Regards,
Raghu
-----Original Message-----
From: Uthaiyashankar [mailto:[EMAIL PROTECTED]
Sent: Wednesday, October 08, 2008 12:29 AM
To: Apache AXIS C User List
Subject: Re: signature verification failing
Hi Raghu,
Can you capture the messages (Request and Reply) with tcpmon and send
it? I need full message, not just the body... Also, the client.log
seemed to be not full. can you clear all the logs and then send the
request, and attach the log.
Service.xml and client.policy.xml assertions are correct. It is failing
when validating body signature. How big the message? can you make sure
whether full request is received by the service? you can comment body
sign part from client policy and service.xml and send the message and
see whether it is working.
Regards,
Shankar.
Raghu Udupa wrote:
Thanks, Shankar, Samisa.
Shankar,
I am attaching the following
1) client.log
2) client.policy.xml
3) server log
4) service.xml
5) response
I have configured only the service.xml for the service as per axis2c
user manual. Does the server require a separate policy file in
addition
to service.xml? Server log also has the request in canonicalized
format.
If you need any additional information, please let me know.
Thanks,
Raghu
-----Original Message-----
From: Uthaiyashankar [mailto:[EMAIL PROTECTED]
Sent: Tuesday, October 07, 2008 12:50 AM
To: Apache AXIS C User List
Subject: Re: signature verification failing
Samisa Abeysinghe wrote:
Uthaiyashankar wrote:
(5) Client policy file
(6) Server policy file
Should not those two be the same?
Ideally, it has to be. However, Rampart specific configurations will
be
different. I wanted to make sure those two files are having same
assertions.
Regards,
Shankar.
Samisa...
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
------------------------------------------------------------------------
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
S.Uthaiyashankar
Software Architect
WSO2 Inc.
http://wso2.com/ - "The Open Source SOA Company"
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
