Please verify the existence or absence of this nomenclature in your
securitydeploy.wsdd descriptor file <requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature NoSerialization"/>
<parameter name="user" value="firstUser"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback"/>
<parameter name="signaturePropFile" value="crypto.properties" />
<parameter name="signatureParts" value="{}{http://xmlsoap.org/Ping}ticket";
/>
</handler>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature"/>
<parameter name="user" value="anotherUser"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback"/>
<parameter name="signaturePropFile" value="crypto.properties" />
</handler>
</requestFlow>
/*Noting this explanation*/Note the action specifier NoSerialization first
handler. In a handler chain of WSS4J handlers every handler but the last
handler must have this action specifier. The NoSerialization specifier
surpresses the very last step of the handler's security processing: Only the
last handler must perform this serialization. In other words NoSerialization
must be specified in every handler BUT must be missing from the last
handlerMartin --
*********************************************************************
This email message and any files transmitted with it contain confidential
information intended only for the person(s) to whom this email message is
addressed. If you have received this email message in error, please notify
the sender immediately by telephone or email and destroy the original
message without making a copy. Thank you.
----- Original Message -----
From: "Ravi Krishnamurthy" <[EMAIL PROTECTED]>
To: "Ruchith Fernando" <[EMAIL PROTECTED]>
Cc: <[email protected]>
Sent: Friday, July 21, 2006 12:41 PM
Subject: Re: Repost: WSSecurityException - Check Signature confirmation (Axis
1.4 + wss4j)
Thanks Ruchith for your reply.
I'm using wss4j-1.5 with axis 1.4
ALso I debugegd the wss4j source code yesterday and looks like the
following is causing the problem:
File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
/*
* This indicates this is the last handler: the vector holding the
* stored Signature values must be empty, otherwise we have an error
*/
if (!reqData.isNoSerialization()) {
log.debug("Check Signature confirmation - last handler");
if (sigv != null && !sigv.isEmpty()) {
throw new WSSecurityException("WSHandler: Check
Signature confirmation: stored SV vector not empty");
}
}
Looks liek teh reqData.isNoSerialization is false and hence the error. I
changed it to return true and it worked fine.
Since I'm trying the out of the box interop samples, wondering why I'm
getting this error.
thanks for your time again.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Which version of WSS4J are you using?
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <[EMAIL PROTECTED]> wrote:
>>
>> Trying my luck if anybody can suggest any pointers,
>>
>>
>>
>> Hello:
>> Would appreciate if someone could give me some pointers.
>>
>> Thanks,
>> Ravi
>>
>> Ravi Krishnamurthy wrote:
>> Hello:
>> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> comes
>> with wss4j/interop.
>>
>> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> the following exception:
>>
>> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> nested
>> exception is:
>> org.apache.ws.security.WSSecurityException: WSHandler:
>> Check Signature confirmation: stored SV vector not empty
>> at
>> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>>
>> I monitor the soap messages through the tcpmon and they are below:
>>
>> request soap message:
>> ----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> wsu:Id="Timestamp-6559246">
>> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-30568553"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
>> wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO35
>>
>>
>> YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
>> Id="Signature-2950265">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-30568553">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>>
>> <ds:KeyInfo Id="KeyId-13452612">
>> <wsse:SecurityTokenReference
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> wsu:Id="STRId-29769356">
>> <wsse:Reference URI="#CertId-1776694"
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> wsu:Id="id-30568553">
>> <xenc:EncryptedData Id="EncDataId-30568553"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:EncryptionMethod>
>>
>>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> response soap message:
>> -----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
>>
>>
>> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey>
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-9012615"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
>> wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4h
>>
>>
>> IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>>
>> <ds:SignatureMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-9012615">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>> <ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>>
>> <ds:KeyInfo Id="KeyId-19375260">
>> <wsse:SecurityTokenReference
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> wsu:Id="STRId-27799186">
>> <wsse:Reference URI="#CertId-2645972"
>> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
>> wsu:Id="id-9012615">
>> <xenc:EncryptedData Id="EncDataId-9012615"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>> Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc";></xenc:EncryptionMethod>
>>
>>
>> <xenc:CipherData>
>>
>> <xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> Could some one help me in understanding what might be wrong.
>>
>> Thanks,
>> Ravi
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
