WSS4J: Signature verification failed

Wed, 20 Dec 2006 09:45:02 -0800 

Hello,

I get an error "Signature verification failed" with Axis, WSS4J and signature 
of SOAP-Messages.

I use the following configurtion:
Server:
Tomcat 5.5, Axis2 1.1 with Rampart 1.1, Java 5

Client:
Axis 1.3, Java 5

The client is configured with client.deploy.wsdd:
    <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >
     <parameter name="user" value="client"/>
     <parameter name="passwordCallbackClass" value="client.PWCBHandler"/>
     <parameter name="action" value="Timestamp UsernameToken Signature"/>
     <parameter name="signaturePropFile" value="crypto.properties" />
     <parameter name="signatureKeyIdentifier" value="IssuerSerial" />
     <parameter name="enableNamespacePrefixOptimization" value="false"/>
     <parameter name="disablePrettyXML" value="true"/>
    </handler>

I debugged through the Axis and WSS4J classes on the client-side. It is 
interesting that the org.apache.ws.security.message.EnvelopeIdResolver finds a 
SOAP Body but the Body is empty. In the Log-File I see an entry:

2006-12-20 18:19:28,554 [main] DEBUG  
org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:81)
 - enter engineResolve, look for: #id-25567987

2006-12-20 18:19:28,601 [main] DEBUG  
org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:139)
 - exit engineResolve, result: XMLSignatureInput/Element/[soapenv:Body: null] 
exclude null comments:false/null

[soapenv:Body: null] -> the SOAP-Body is empty. Some lines before the system 
prints the whole request into logile before WSS4J starts working.

Do you have any ideas what the mistake could be?

The verification fails because the server extracts the full Body from the SOAP 
request, that's why it has another input and says: Signature validation failed.

Thank you,
Matthias
-- 
Der GMX SmartSurfer hilft bis zu 70% Ihrer Onlinekosten zu sparen! 
Ideal für Modem und ISDN: http://www.gmx.net/de/go/smartsurfer

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to