On Saturday 20 March 2004 06:43 pm, Mei Wu wrote: I found the problem is actually caused by a global handler (samples.security.LogHandler) that I though was undeployed. So, it might be a much simpler question: how do I undeploy such a global handler? I did : java org.apache.axis.client.AdminClient samples/security/serversecuritydeploy.wsdd
My webserver is running at 8080, and it does seem to do some work that prints out a lot of information when I executed it and at last it showed : - org.apache.axis.i18n.resource::handleGetObject(empty00) - NSPop (empty) <Admin>Done processing</Admin> But, the LogHandler is still processing each soap message, I use the original serversecuritydeploy.wsdd packed in the sample : <undeployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <globalConfiguration> <requestFlow> <!-- define the Server Signature Verification handler configuration --> <handler name="track" type="java:samples.security.LogHandler"> <parameter name="filename" value="MyService.log"/> </handler> </requestFlow> </globalConfiguration> </undeployment> Any clue what went wrong? thanks Mei > Hi, > > I am developing a message level security framework in which secrete key is > included. I am a bit confused about how to create a ds:KeyInfo for such a > secrete key, since if I follow WS-Security to create: > > <ds:KeyInfo> > > <wsse:SecurityTokenReference> > <wsse:Reference URI="#00001"/> > </wsse:SecurityTokenReference> > > </ds:KeyInfo> > > only, it will give me an AxisFault : "Didn't get a key" > > org.apache.xml.security.signature.XMLSignatureException: Didn't get a key > at > org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java: >260) at > org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:1 >69) at > org.apache.axis.encoding.DeserializationContextImpl.endElement(Deserializat >ionContextImpl.java:1015) at > org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source) > at > org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown > Source) > at > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispat >cher.dispatch(Unknown Source) > at > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown > Source) > at org.apache.xerces.parsers.XML11Configuration.parse(Unknown > Source) at org.apache.xerces.parsers.XML11Configuration.parse(Unknown > Source) at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) at > org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) at > javax.xml.parsers.SAXParser.parse(SAXParser.java:345) > at > org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationCo >ntextImpl.java:242) at > org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538) at > org.apache.axis.Message.getSOAPEnvelope(Message.java:376) at > org.apache.axis.client.Call.invokeEngine(Call.java:2583) at > org.apache.axis.client.Call.invoke(Call.java:2553) > at org.apache.axis.client.Call.invoke(Call.java:1753) > at samples.security.Client.doService(Client.java:69) > at samples.security.Client.main(Client.java:95) > > > However, I am not able to create a <ds:KeyValue> which is not a DSA or RSA > key, I tried to create a KeyValue and pass a non-standard element (with a > wsse namespace) to it, such as : > KeyValue kv = new KeyValue(doc, securityTokenReference) > > It does not seem to work, it creates an empty <ds:KeyValue> within > <ds:KeyInfo>, which again gets the same AxisFault. > > I create my secrete key as: > > char[] passwordchars = new char[password.length()]; > > SignatureAlgorithm sa = new SignatureAlgorithm(doc, > > "http://www.w3.org/2000/09/xmldsig#hmac-sha1";, > 33); > > SecretKey sk = new SecretKeySpec(password.getBytes(), > sa.getJCEAlgorithmString()); > > I have no idea what KeyInfo can be constructed for HMAC key. > > Thanks very much. > > Mei
