Thanks Ruchith for your reply.
I'm using the client_deploy.wsdd and deploy.wsdd from the wss4j\interop
samples of wss4j:
client_deploy.wsdd : C:\software\wss4j\interop\org\apache\ws\axis\oasis
depoy.wsdd for the service:
C:\software\wss4j\interop\org\apache\ws\axis\oasis\ping
I have attached them with this email. I get the mentioned exception when
I do the ping3 and above.
The only change I remember doing was to rename the wstest.properties to
wssec.properties. Anyway I will look into it.
Regards,
Ravi
Ruchith Fernando wrote:
Hi Ravi,
Have you set a handler parameter by the name
"enableSignatureConfirmation" any where in your configurations?
Since I couldn't find the "SignatureConfirmation" element in your
response message I think you may have set
"enableSignatureConfirmation" to false at the service. If so please
remove it OR add the same entry to client side, so the client side
handler will not expect a "SignatureConfirmation" element in the
response.
Thanks,
Ruchith
On 7/21/06, Ravi Krishnamurthy <[EMAIL PROTECTED]> wrote:
Thanks Ruchith for your reply.
I'm using wss4j-1.5 with axis 1.4
ALso I debugegd the wss4j source code yesterday and looks like the
following is causing the problem:
File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
/*
* This indicates this is the last handler: the vector holding
the
* stored Signature values must be empty, otherwise we have an
error
*/
if (!reqData.isNoSerialization()) {
log.debug("Check Signature confirmation - last handler");
if (sigv != null && !sigv.isEmpty()) {
throw new WSSecurityException("WSHandler: Check
Signature confirmation: stored SV vector not empty");
}
}
Looks liek teh reqData.isNoSerialization is false and hence the error. I
changed it to return true and it worked fine.
Since I'm trying the out of the box interop samples, wondering why I'm
getting this error.
thanks for your time again.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Which version of WSS4J are you using?
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <[EMAIL PROTECTED]> wrote:
>>
>> Trying my luck if anybody can suggest any pointers,
>>
>>
>>
>> Hello:
>> Would appreciate if someone could give me some pointers.
>>
>> Thanks,
>> Ravi
>>
>> Ravi Krishnamurthy wrote:
>> Hello:
>> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> comes
>> with wss4j/interop.
>>
>> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> the following exception:
>>
>> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> nested
>> exception is:
>> org.apache.ws.security.WSSecurityException: WSHandler:
>> Check Signature confirmation: stored SV vector not empty
>> at
>>
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>>
>> I monitor the soap messages through the tcpmon and they are below:
>>
>> request soap message:
>> ----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>>
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="Timestamp-6559246">
>> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-30568553"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO3
5
>>
>>
YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
>> Id="Signature-2950265">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>>
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-30568553">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>>
<ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-13452612">
>> <wsse:SecurityTokenReference
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="STRId-29769356">
>> <wsse:Reference URI="#CertId-1776694"
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="id-30568553">
>> <xenc:EncryptedData Id="EncDataId-30568553"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> response soap message:
>> -----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>>
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
>>
>> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-9012615"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4
h
>>
>>
IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>>
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-9012615">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>>
<ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-19375260">
>> <wsse:SecurityTokenReference
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="STRId-27799186">
>> <wsse:Reference URI="#CertId-2645972"
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="id-9012615">
>> <xenc:EncryptedData Id="EncDataId-9012615"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc";></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> Could some one help me in understanding what might be wrong.
>>
>> Thanks,
>> Ravi
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
<deployment xmlns="http://xml.apache.org/axis/wsdd/";
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
<!--
Usage of cert/key identifiers (parameter: user / encryptionUser):
For the interop tests we have two different certificate/key pairs:
Server certificate:
contained in bob.pfx
identified with: bob
Client certificate:
contained in alice.pfx
identified with: alice
The Server uses it's certificate/private key to sign its request, the client
uses the server's certificate/pub key to encrypt requests
The client uses it's certificate/private key to sign its request, the server
uses the client's certificate/pub key to encrypt responses-
-->
<!-- define the service, using the WSDoAllSender security handler in request
flow -->
<service name="Ping1">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="user" value="Chris"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="action" value="UsernameToken"/>
<parameter name="passwordType" value="PasswordText" />
</handler>
</requestFlow>
</service>
<service name="Ping2">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameToken Encrypt"/>
<parameter name="user" value="Chris"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="passwordType" value="PasswordText" />
<parameter name="addUTElements" value="Nonce Created" />
<parameter name="encryptionPropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
<!-- Use the Server's cert/key to encrypt the request -->
<parameter name="encryptionUser" value="bob" />
<parameter name="encryptionParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";
/>
</handler>
</requestFlow>
</service>
<service name="Ping2a">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="UsernameTokenSignature Encrypt Timestamp"/>
<parameter name="user" value="Chris"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="encryptionPropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
<!-- Use the Server's cert/key to encrypt the request -->
<parameter name="encryptionUser" value="bob" />
<parameter name="encryptionParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken";
/>
</handler>
</requestFlow>
</service>
<service name="Ping3">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature Encrypt Timestamp"/>
<!-- Use the Client's cert/key to sign the request -->
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
<parameter name="encryptionUser" value="bob" />
</handler>
</requestFlow>
<responseFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="action" value="Signature Encrypt Timestamp"/>
<parameter name="signaturePropFile" value="wssec.properties" />
</handler>
</responseFlow>
</service>
<service name="Ping4">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature Encrypt Timestamp"/>
<!-- Use the Client's cert/key to sign the request -->
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="EmbeddedKeyName" />
<parameter name="EmbeddedKeyCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1" />
<parameter name="EmbeddedKeyName" value="SessionKey" />
</handler>
</requestFlow>
<responseFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback"/>
<parameter name="action" value="Signature Encrypt Timestamp"/>
<parameter name="signaturePropFile" value="wssec.properties" />
</handler>
</responseFlow>
</service>
<service name="Ping5">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature NoSerialization"/>
<!-- Use the Client's cert/key to sign the request -->
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="signatureParts" value="{}{http://xmlsoap.org/Ping}ticket";
/>
</handler>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature Timestamp"/>
<!-- Use the Client's cert/key to sign the request -->
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="SKIKeyIdentifier" />
<parameter name="signaturePropFile" value="wssec.properties" />
</handler>
</requestFlow>
</service>
<service name="Ping6">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Encrypt Signature Timestamp"/>
<!-- Use the Client's cert/key to sign the request -->
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
<!-- Use the Server's cert/key to encrypt the request -->
<parameter name="encryptionUser" value="bob" />
</handler>
</requestFlow>
<responseFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="action" value="Encrypt Signature Timestamp"/>
<parameter name="signaturePropFile" value="wssec.properties" />
</handler>
</responseFlow>
</service>
<service name="Ping7">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Signature Encrypt Timestamp"/>
<parameter name="user" value="alice"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="signatureParts"
value="{}{http://schemas.xmlsoap.org/soap/envelope/}Body;STRTransform"; />
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier" />
<parameter name="encryptionUser" value="bob" />
<parameter name="encryptionPropFile" value="wssec.properties" />
</handler>
</requestFlow>
<responseFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback1"/>
<parameter name="action" value="Signature Encrypt Timestamp"/>
<parameter name="signaturePropFile" value="wssec.properties" />
<parameter name="decryptionPropFile" value="wssec.properties" />
</handler>
</responseFlow>
</service>
<service name="STPing1">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Timestamp SAMLTokenUnsigned"/>
<parameter name="samlPropFile" value="saml.properties"/>
</handler>
</requestFlow>
</service>
<!--
The saml3.properties file defines a SAML token with "sender vouches"
option. Thus no further user specific data is required here. The
SAML issuer takes all the data from its data store (for the bare bone
SAML issuer included here: these data is in the saml properties file).
The SAML issuer uses its own certificate to sign, own certificate store,
etc.
The DoAllSender then gets the issuer's data (key name, key password)
and forwards it to the SignEnvelope. The SignEnvelope now signs the
SAML token _and_ at least one part of the message (SOAP Body if nothing
was specified, or the specified part).
-->
<service name="STPing3">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Timestamp SAMLTokenSigned"/>
<parameter name="samlPropFile" value="saml3.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
</handler>
</requestFlow>
</service>
<!--
The saml4.properties file defines a SAML token with "holder-of-key"
option. Because the DoAllSender handler acts as both, user and requestor,
we need the user specific data here. The handler gets this information,
forwards it to our (bare bone) SAML issuer. The SAML issuer creates
the SAML token and includes the user's certificate, and signs the
whole token with its certificate / Private Key.
DoAllSender forwards the user's information to SignEnvelope that uses
this to sign the message (SOAP Body if nothing was specified, or the
specified part). Because the issuer signed the SAML token the user's
certificate (contained in the token) can be trusted.
-->
<service name="STPing4">
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
<parameter name="action" value="Timestamp SAMLTokenSigned"/>
<parameter name="samlPropFile" value="saml4.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference" />
<parameter name="user" value="16c73ab6-b892-458f-abf5-2f875f74882e"/>
<parameter name="passwordCallbackClass"
value="org.apache.ws.axis.oasis.PWCallback"/>
<parameter name="signaturePropFile" value="crypto.properties" />
<parameter name="signatureKeyIdentifier" value="DirectReference" />
</handler>
</requestFlow>
</service>
<transport name="java" pivot="java:org.apache.axis.transport.java.JavaSender"/>
<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<transport name="local"
pivot="java:org.apache.axis.transport.local.LocalSender"/>
</deployment>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
