Hi everyone,
I'm attempting to invoke a simple Rampart enabled EchoService from a .NET
client. However, I get a "The timestamp could not be validated" error
everytime. I've disabled the Timestamp option on the service side but it
doesn't make any difference. I've compared the Timestamp formatting between a
.NET and Java client and there's not much difference at all as shown below:
### .NET ###
<wsu:Timestamp wsu:Id="Timestamp-74569579-8e34-407f-a10c-c27d3b119b80">
<wsu:Created>2008-07-23T14:55:04Z</wsu:Created>
<wsu:Expires>2008-07-23T15:00:04Z</wsu:Expires>
</wsu:Timestamp>
### Java ###
<wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Timestamp-1035988">
<wsu:Created>2008-07-24T08:59:27.952Z</wsu:Created>
<wsu:Expires>2008-07-24T09:04:27.952Z</wsu:Expires>
</wsu:Timestamp>
I've searched the web and one of the issues raised was that a .NET client
appends the Timestamp at the top of the security header while a Java client
appends the Timestamp at the bottom of the security header. Could this be an
issue? Although I doubt the ordering of WSSE elements should make any
difference.
I've posted both the SOAP request (from a .NET client) and response (from a
Rampart enabled service) messages at the bottom of this email for further
reference. Any insight would be greatly appreciated. Cheers.
Regards
--------------
Sanjay Vivek
SOAP Request from a .NET client
################################
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>
<wsa:Action>urn:echo</wsa:Action>
<wsa:MessageID>urn:uuid:1673e489-d3be-4810-b40e-854423fef2c2</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://128.240.2.3:8083/rampart-echo/services/RampartEchoService.RampartEchoServiceHttpSoap11Endpoint</wsa:To>
<wsse:Security>
<wsu:Timestamp
wsu:Id="Timestamp-74569579-8e34-407f-a10c-c27d3b119b80">
<wsu:Created>2008-07-23T14:55:04Z</wsu:Created>
<wsu:Expires>2008-07-23T15:00:04Z</wsu:Expires>
</wsu:Timestamp>
</wsse:Security>
</soap:Header>
<soap:Body>
<echo xmlns="http://service.echo.rampart";>
<arg>hello</arg>
</echo>
</soap:Body>
</soap:Envelope>
SOAP Response from a Rampart enabled service
############################################
<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Header
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";>
<wsa:To>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:To>
<wsa:MessageID>urn:uuid:42C68E847DB869C8CA1216824473152</wsa:MessageID>
<wsa:Action>http://schemas.xmlsoap.org/ws/2004/08/addressing/fault</wsa:Action>
<wsa:RelatesTo>urn:uuid:257f8523-4b91-4073-b87a-76c0b3e4151f</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body>
<soapenv:Fault
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
<faultcode>wsse:InvalidSecurity</faultcode>
<faultstring>The timestamp could not be validated</faultstring>
<detail />
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
