I use Axis2 client with WS-Security to call APS.NET2.0 WSE3.0 Web Service.
Set <encryptionKeyIdentifier>IssuerSerial</encryptionKeyIdentifier>
The message send out like below:
<xenc:EncryptedKey Id="EncKeyId-4779445">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<ds:X509Data>
<ds:X509IssuerSerial>
<ds:X509IssuerName>CN=Root Agency</ds:X509IssuerName>
<ds:X509SerialNumber>119177920819346963742949139381104551659</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
*******
</xenc:EncryptedKey>
I got error message:
**************************************************************
Microsoft.Web.Services3.Security.SecurityFault:
Referenced security token could not be retrieved --->
System.Exception: WSE590: Failed to resolve the following Key Info
*****************************************************************
If I use a .NET client with the same setting, and it works fine. The message like below.
<xenc:EncryptedKey Id="SecurityToken-556aaf5e-3155-4a3a-b55b-40e80410bf12" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<X509Data>
<X509IssuerSerial>
<X509IssuerName>CN=Root Agency</X509IssuerName>
<X509SerialNumber>119177920819346963742949139381104551659</X509SerialNumber>
</X509IssuerSerial>
</X509Data>
</wsse:SecurityTokenReference>
</KeyInfo>
*********
</xenc:EncryptedKey>
These two messages are almost equivalent, they apply the same namespace,
but the Axis2 using a prefix "ds", .NET is using the default namespace
declaration (not specifying a prefix).
Is there any way on java side to change to match the .NET format?
Or is there any config need be changed on .NET side?
thanks for your time.
Jason
