Hi Vivek,
The same class (WSSecTimestamp) in WSS4J is used in both
configurations when
building timestamps. And we were able to successfully interop with
.NET in the last
interop at MSFT, which included many scenarios which included timestamps. Anyway
I will go through the timstamp elements made by both configurations to
check whether
they are identical.
thanks,
/nandana
On Thu, Feb 14, 2008 at 5:28 PM, Sanjay Vivek
<[EMAIL PROTECTED]> wrote:
> Hi everyone,
>
> I'm attempting to consume a policy based Rampart service with a .NET
> client. However, I'm getting the following error:
>
> "System.Web.Services.Protocols.SoapException: The timestamp could not be
> validated"
>
> I don't get this error when I consume a similiar parameter based Rampart
> service. Is the formatting for the timestamp in a policy based service
> different to a parameter based service? The tcpmon logs are given below.
> Any pointers on how I should proceed would be very helpful. Cheers.
>
> The SOAP request:
>
>
> <?xml version="1.0" encoding="utf-8"?>
> <log>
> <outputMessage utc="11/02/2008 14:36:53"
> messageId="urn:uuid:65be6012-0969-4ff4-80dd-8bafedee04e2">
> <processingStep description="Unprocessed message"> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";>
> <soap:Body>
> <getGroupMembers
> xmlns="http://webservicesSecurity.grouper.middleware.internet2.edu/xsd";>
> <groupName>ncl:services:students</groupName>
> </getGroupMembers>
> </soap:Body>
> </soap:Envelope>
> </processingStep>
> <processingStep description="Entering SOAP filter
> Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutp
> utFilter" />
> <processingStep description="Exited SOAP filter
> Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientOutp
> utFilter" />
> <processingStep description="Processed message"> <soap:Envelope
> xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
> curity-secext-1.0.xsd"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd">
> <soap:Header>
> <wsa:Action>urn:getGroupMembers</wsa:Action>
> <wsa:MessageID>urn:uuid:65be6012-0969-4ff4-80dd-8bafedee04e2</wsa:Messag
> eID>
> <wsa:ReplyTo>
> <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anony
> mous</wsa:Address>
> </wsa:ReplyTo>
> <wsa:To>http://pod.ncl.ac.uk:8083/sanjaygrouper/services/SecureGrouperSe
> rvice</wsa:To>
> <wsse:Security soap:mustUnderstand="1">
> <wsu:Timestamp wsu:Id="Timestamp-82f65036-c550-4ce8-a2be-d9907049e6be">
> <wsu:Created>2008-02-11T14:36:53Z</wsu:Created>
> <wsu:Expires>2008-02-11T14:41:53Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:UsernameToken
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec
> urity-utility-1.0.xsd"
> wsu:Id="SecurityToken-ddb6e418-ba28-4735-9cc3-1c2d16ec68d6">
> <wsse:Username>[EMAIL PROTECTED]</wsse:Username>
> <wsse:Password
> Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-t
> oken-profile-1.0#PasswordText">wspwd</wsse:Password>
> <wsse:Nonce>hn8l+0Qibhcl+99lBeiN4g==</wsse:Nonce>
> <wsu:Created>2008-02-11T14:36:53Z</wsu:Created>
> </wsse:UsernameToken>
> </wsse:Security>
> </soap:Header>
> <soap:Body>
> <getGroupMembers
> xmlns="http://webservicesSecurity.grouper.middleware.internet2.edu/xsd";>
> <groupName>ncl:services:students</groupName>
> </getGroupMembers>
> </soap:Body>
> </soap:Envelope>
> </processingStep>
> </outputMessage>
> </log>
>
>
> And the SOAP response:
>
>
>
> <?xml version="1.0" encoding="utf-8"?>
> <log>
> <inputMessage utc="11/02/2008 14:36:53"
> messageId="urn:uuid:FAE2878FEC187ECEFE1202740115631">
> <processingStep description="Unprocessed message"> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";>
> <soapenv:Header>
> <wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous<
> /wsa:To>
> <wsa:MessageID>urn:uuid:FAE2878FEC187ECEFE1202740115631</wsa:MessageID>
> <wsa:Action>http://schemas.xmlsoap.org/ws/2004/08/addressing/fault</wsa:
> Action>
> <wsa:RelatesTo>urn:uuid:65be6012-0969-4ff4-80dd-8bafedee04e2</wsa:Relate
> sTo>
> </soapenv:Header>
> <soapenv:Body>
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>The timestamp could not be validated</faultstring> <detail
> /> </soapenv:Fault> </soapenv:Body> </soapenv:Envelope>
> </processingStep> <processingStep description="Entering SOAP filter
> Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientInpu
> tFilter" />
> <processingStep description="Exited SOAP filter
> Microsoft.Web.Services3.Design.UsernameOverTransportAssertion+ClientInpu
> tFilter" />
> <processingStep description="Processed message"> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";>
> <soapenv:Header />
> <soapenv:Body>
> <soapenv:Fault>
> <faultcode>soapenv:Server</faultcode>
> <faultstring>The timestamp could not be validated</faultstring> <detail
> /> </soapenv:Fault> </soapenv:Body> </soapenv:Envelope>
> </processingStep> </inputMessage> </log>
>
> Regards
> --------------
> Sanjay Vivek
> Web Analyst
> Middleware Team
> ISS
> University of Newcastle Upon Tyne
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
