Hi Ravi,
Have you set a handler parameter by the name
"enableSignatureConfirmation" any where in your configurations?
Since I couldn't find the "SignatureConfirmation" element in your
response message I think you may have set
"enableSignatureConfirmation" to false at the service. If so please
remove it OR add the same entry to client side, so the client side
handler will not expect a "SignatureConfirmation" element in the
response.
Thanks,
Ruchith
On 7/21/06, Ravi Krishnamurthy <[EMAIL PROTECTED]> wrote:
Thanks Ruchith for your reply.
I'm using wss4j-1.5 with axis 1.4
ALso I debugegd the wss4j source code yesterday and looks like the
following is causing the problem:
File: org.apache.ws.security.handler.WSHandler (line # 315 - 321)
/*
* This indicates this is the last handler: the vector holding
the
* stored Signature values must be empty, otherwise we have an
error
*/
if (!reqData.isNoSerialization()) {
log.debug("Check Signature confirmation - last handler");
if (sigv != null && !sigv.isEmpty()) {
throw new WSSecurityException("WSHandler: Check
Signature confirmation: stored SV vector not empty");
}
}
Looks liek teh reqData.isNoSerialization is false and hence the error. I
changed it to return true and it worked fine.
Since I'm trying the out of the box interop samples, wondering why I'm
getting this error.
thanks for your time again.
Regards,
Ravi
Ruchith Fernando wrote:
> Hi Ravi,
>
> Which version of WSS4J are you using?
>
> Thanks,
> Ruchith
>
> On 7/21/06, Ravi Krishnamurthy <[EMAIL PROTECTED]> wrote:
>>
>> Trying my luck if anybody can suggest any pointers,
>>
>>
>>
>> Hello:
>> Would appreciate if someone could give me some pointers.
>>
>> Thanks,
>> Ravi
>>
>> Ravi Krishnamurthy wrote:
>> Hello:
>> I'm trying to use wss4j with Axis1.4 and trying out the samples that
>> comes
>> with wss4j/interop.
>>
>> On executing the org.apache.ws.axis.oasis.Scenario3 I get
>> the following exception:
>>
>> WSHandler: Check Signature confirmation: stored SV vector not empty;
>> nested
>> exception is:
>> org.apache.ws.security.WSSecurityException: WSHandler:
>> Check Signature confirmation: stored SV vector not empty
>> at
>>
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:351)
>>
>>
>> I monitor the soap messages through the tcpmon and they are below:
>>
>> request soap message:
>> ----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>>
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="Timestamp-6559246">
>> <wsu:Created>2006-07-10T20:19:53.011Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.011Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey Id="EncKeyId-13076987">
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>Xeg55vRyK3ZhAEhEf+YT0z986L0=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>HEhP2Wm923TOcrC6vcfyf3I7BQPFW6pzZb4oRsV6GHL1THJvLbmjeIGTX9p3/6bLL4lQEy/7M3Sk2znE7QBjTtQuip+WAiJuiKONzQRC175FZTkhNgF6iD62/ikuGMihR3yn/1KZtjMiH8k/gh1Q+sRW0pD8JmEKnBWw2hhX/n8=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-30568553"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
wsu:Id="CertId-1776694">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO3
5
>>
>>
YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";
>> Id="Signature-2950265">
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>>
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-30568553">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>zzx3ig1a7LmzkrkBpLOTIJbLd3s=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>>
<ds:SignatureValue>IuRirKy+x18gU00p0uhMEDzEAFvpoHMGKcq45ROmpzQ6ZpD/VEghpYjru6Kff0y3tyWzSvW6nA1mH1pudDP1yLxP5geYvXNPQlFV5X+7T60QPlM6ho3sBj2D3IDAZZXZQdJV+fqC7JycqdzLfXU15fHw+ReZm2r7hIPoys9eHgg=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-13452612">
>> <wsse:SecurityTokenReference
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="STRId-29769356">
>> <wsse:Reference URI="#CertId-1776694"
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="id-30568553">
>> <xenc:EncryptedData Id="EncDataId-30568553"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc";></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>oXcNsV8AMx98dJom1wFX1i6y0Q90oPf7SpLM88MqCsc9dbVFkJNwN5prhs3WXUtjQ40IKuBRxX+MRNg+J79tT3sm+ivzH7+qol3JaudVz5ahPyLO7BPHmjOLNFV0YrtVs+dUbjhtJHk152uU6Lty/3l9RKuPbC6FDy6NGNpFolt27gqIfOfnQgGFEYpEFST7Vjt/QD6VoLkA7JdjNsJmQceWtn6jQ0ZUHW5lsBCR1fFRYRCBTSp2NHAHf+PqpFuNJ+8jr4HZhhy71dfxACQ4n7BuS0MelKtF/Sf+Gk4MIGsh27JdGESfPG3IQRW6FGicq92TILQPh1mEWAl+xC9cT08Wv6bscNmTM9hz3e4A7Z2C25GpZGki4NTt3jZgYb3BEXAyUQfxANQVe7MFytRlzKGx9rK9qnX1PcF8/4Oa+UNoBNtid+geXYN9xRXM5jvOlRT0rquvu58bv84XCmnzMT6O/OxXdUlaiBSIrVavgcT36QtjHVC0ov69ViHI5c4KdfcZcjk2ijGryJdv7FoNtQcsG6VwufSGXoGrvlzHP+b1fQCaDG2w+vF/DLsjKjb5</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> response soap message:
>> -----------------------
>> <?xml version="1.0" encoding="UTF-8"?>
>> <soapenv:Envelope
>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
>> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";>
>> <soapenv:Header>
>> <wsse:Security
>>
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>>
>> soapenv:mustUnderstand="1">
>> <wsu:Timestamp
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
>>
>> <wsu:Created>2006-07-10T20:19:53.301Z</wsu:Created>
>> <wsu:Expires>2006-07-10T20:24:53.301Z</wsu:Expires>
>> </wsu:Timestamp>
>> <xenc:EncryptedKey>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5";></xenc:EncryptionMethod>
>>
>> <ds:KeyInfo
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <wsse:SecurityTokenReference>
>> <wsse:KeyIdentifier
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";>CuJdE1B2dUFd1dkLZSzQ5vj6MYg=</wsse:KeyIdentifier>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>DSQ2fgmVjM49zAKL7exQfRZ59jHNTy/GYYH+FipkHibYiUUgEcCCtaN9RE4SwXqmQyy32t6x/+YQSlhPK7o8vTJi3jdkcvjk+NJRUFv5r8YLu2x3dtDX3cnhio979uC7JjHDUmgKg9XbZpFWLLerfiL5jZ2Wn7VLtzyHUvk/qBs=</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> <xenc:ReferenceList>
>> <xenc:DataReference
>> URI="#EncDataId-9012615"></xenc:DataReference>
>> </xenc:ReferenceList>
>> </xenc:EncryptedKey>
>> <wsse:BinarySecurityToken
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>>
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>>
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>>
>>
wsu:Id="CertId-2645972">MIIDCjCCAfKgAwIBAgIQYDju2/6sm77InYfTq65x+DANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQDEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQwwCgYDVQQDDANCb2IwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAMCquMva4lFDrv3fXQnKK8CkSU7HvVZ0USyJtlL/yhmHH/FQXHyYY+fTcSyWYItWJYiTZ99PAbD+6EKBGbdfuJNUJCGaTWc5ZDUISqM/SGtacYe/PD/4+g3swNPzTUQAIBLRY1pkr2cm3s5Ch/f+mYVNBR41HnBeIxybw25kkoM7AgMBAAGjgZMwgZAwCQYDVR0TBAIwADAzBgNVHR8ELDAqMCiiJoYkaHR0cDovL2ludGVyb3AuYmJ0ZXN0Lm5ldC9jcmwvY2EuY3JsMA4GA1UdDwEB/wQEAwIEsDAdBgNVHQ4EFgQUXeg55vRyK3ZhAEhEf+YT0z986L0wHwYDVR0jBBgwFoAUwJ0o/MHrNaEd1qqqoBwaTcJJDw8wDQYJKoZIhvcNAQEFBQADggEBAIiVGv2lGLhRvmMAHSlY7rKLVkv+zEUtSyg08FBT8z/RepUbtUQShcIqwWsemDU8JVtsucQLc+g6GCQXgkCkMiC8qhcLAt3BXzFmLxuCEAQeeFe8IATr4wACmEQE37TEqAuWEIanPYIplbxYgwP0OBWBSjcRpKRAxjEzuwObYjbll6vKdFHYIweWhhWPrefquFp7TefTkF4D3rcctTfWJ76I5NrEVld+7PBnnJNpdDEuGsoaiJrwTW3Ixm40RXvG3fYS4
h
>>
>>
IAPeTCUk3RkYfUkqlaaLQnUrF2hZSgiBNLPe8gGkYORccRIlZCGQDEpcWl1Uf9OHw6fC+3hkqolFd5CVI=</wsse:BinarySecurityToken>
>>
>> <ds:Signature
>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
>> <ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod>
>>
>> <ds:SignatureMethod
>>
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod>
>>
>> <ds:Reference URI="#id-9012615">
>> <ds:Transforms>
>> <ds:Transform
>> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform>
>> </ds:Transforms>
>> <ds:DigestMethod
>> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod>
>>
>> <ds:DigestValue>IRfNt/3fQaa0QskrOxRUUA+1GDA=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>>
<ds:SignatureValue>Np3MfcGB60J5QomOh5Sxy7uUNNyRfmw4xXtnzJQX211PN928V8VyFGztx0AM5EzooUZoSoGA064+3bIe3cZSXYeUOEm625RVD+UDhNUyT5Ed8L1WUJjXAabXWNVeglfqI110DYCHphY9BaTqXYMK5qeUKNFvVaRD+zd4Bm/g/+w=</ds:SignatureValue>
>>
>> <ds:KeyInfo Id="KeyId-19375260">
>> <wsse:SecurityTokenReference
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="STRId-27799186">
>> <wsse:Reference URI="#CertId-2645972"
>>
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";></wsse:Reference>
>>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>> </wsse:Security>
>> </soapenv:Header>
>> <soapenv:Body
>>
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>>
>> wsu:Id="id-9012615">
>> <xenc:EncryptedData Id="EncDataId-9012615"
>> Type="http://www.w3.org/2001/04/xmlenc#Content";>
>> <xenc:EncryptionMethod
>>
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc";></xenc:EncryptionMethod>
>>
>> <xenc:CipherData>
>>
>>
<xenc:CipherValue>icXz2exE8Wga6dSjPmJM1VPx2S76MVLuERxODdxrST9S6feRTjSXhry9mBFO8ouNKkMtQie1KxCRHe7MSchFYmMaj3C9UFE30RQXrTj/LLRtkTUAoiq8DpQB3RJX2XPQeHibocNrlL4yY17BLblFTg/UBdIxA7mks3OUEFbVXDc+FSgTcTmjG9Cbmt7e77W3Walx+yJDYvo9zaniEMhcxO5kIglnzjrBcf6WlL74NXDtKsRrMgNYqAVz4IkFG6/5bmmq0Nc36MX9C7XHPp/yJZW2M1WHOOWuTnB9hAgtboGMSMBiTfFQ/XYMT14gTeHFOj+OjszNneYXVZPhnw4HgO5TwmO4k7NKLpHnuv/sKILEvmGB3j+kmAbL06bJYn3fRZnio8LetG5089dQllr/KpYEzhwAzk8eHLtNDC1BTghqsKKuNfTWQuvyNY/cHpIJglO4J/FOMMtnG1XNb2m0CV7EZLTecS3V1RTGdlZyDzp03AzA1Ol8O9XJ1mEaKCab9P0nbzahzYk5VNkz6PbEDIDZsz6ApZ74</xenc:CipherValue>
>>
>> </xenc:CipherData>
>> </xenc:EncryptedData>
>> </soapenv:Body>
>> </soapenv:Envelope>
>>
>>
>>
>> Could some one help me in understanding what might be wrong.
>>
>> Thanks,
>> Ravi
>>
>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: [EMAIL PROTECTED]
>> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
