What does the generated request look like? Colm.
On Tue, Oct 8, 2013 at 1:05 PM, pop-sa <ehab.abdelwhab.atal...@gmail.com>wrote: > Hey all, > I’ve a problem to communicate from a java client with a > secured .Net ASMX service “signature and encryption using user name token” > .NET example is in the follow link > > > http://www.codeproject.com/Articles/12189/Custom-WSE-3-0-Policy-Assertions-for-Signing-and-E > > the return is like this > > Caused by: org.apache.cxf.binding.soap.SoapFault: The signature or > decryption was invalid ---> WSE523: The CipherData contents are invalid. > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:84) > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:51) > at > > org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:40) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) > at > > org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113) > at > > org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:140) > at > > org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:71) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) > at > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1592) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490) > at > > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309) > at > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56) > at > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622) > at > > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) > at > > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271) > at > org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530) > at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463) > at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366) > at > org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133) > ... 3 more > Java Result: 1 > > The java message Handler that sends request to the web service is like this > > private void handleOUTBOUNDMessage(SOAPMessageContext messageContext) { > try { > System.out.println("Handle Message handleOUTBOUNDMessage..."); > SOAPPart soapPart = > messageContext.getMessage().getSOAPPart();//.addMimeHeader(null, null); > SOAPEnvelope soapEnvelope = > messageContext.getMessage().getSOAPPart().getEnvelope(); > > soapEnvelope.addNamespaceDeclaration("wsse", > " > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "); > soapEnvelope.addNamespaceDeclaration("wsu", > " > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "); > soapEnvelope.addNamespaceDeclaration("wsa", > "http://schemas.xmlsoap.org/ws/2004/08/addressing";); > > WSAddressingFeature ws = new WSAddressingFeature(); > ws.setUsingAddressingAdvisory(true); > ws.setAddressingRequired(true); > > WSSecHeader secHeader = new WSSecHeader(); > Document doc = > messageContext.getMessage().getSOAPHeader().getOwnerDocument(); > secHeader.insertSecurityHeader(doc); > > > > > > WSSecUsernameToken builder = new WSSecUsernameToken(); > String password = convertBase64("admin"); > builder.setUserInfo("admin", "admin"); > builder.addCreated(); > builder.addNonce(); > > builder.prepare(doc); > builder.build(doc, secHeader); > > > WSSecurityUtil.setNamespace(builder.getUsernameTokenElement(), > WSConstants.WSU_NS, > WSConstants.WSU_PREFIX); > > String outputString = > org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc); > > WSSecSignature sign = new WSSecSignature(); > sign.setCustomTokenValueType(WSConstants.USERNAMETOKEN_NS + > "#UsernameToken"); > sign.setCustomTokenId(builder.getId()); > sign.setSecretKey(builder.getSecretKey()); > sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING); > sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1); > > WSAddressingFeature wsws = new WSAddressingFeature(); > > WSEncryptionPart wsen = new WSEncryptionPart(builder.getId()); > > sign.prepare(doc, null, secHeader); > Document signedDoc = sign.build(doc, null, secHeader); > > WSSecTimestamp secTimestamp = new WSSecTimestamp(); > > > secTimestamp.prepare(doc); > secTimestamp.build(doc, secHeader); > > > Reference ref = new Reference(doc); > > ref.setURI("#" + builder.getId()); > > > ref.setValueType(" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken > "); > > SecurityTokenReference secRef = new > SecurityTokenReference(doc); > > secRef.setReference(ref); > > WSSecurityUtil.setNamespace(secRef.getElement(), > WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX); > > WSSecEncrypt secEncrypt = new WSSecEncrypt(); > > > secEncrypt.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF); > > secEncrypt.setSecurityTokenReference(secRef); > > byte[] b = new byte[256]; > > ByteBuffer by = ByteBuffer.wrap(builder.getSecretKey()); > by.put(builder.getSecretKey()); > secEncrypt.setKey(by.array()); > > byte[] keyBytes = new byte[16]; > byte[] parameterKeyBytes = password.getBytes("utf-8"); > System.arraycopy(parameterKeyBytes, 0, keyBytes, 0, > Math.min(parameterKeyBytes.length, keyBytes.length)); > > SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes, > "AES"); > > secEncrypt.setSymmetricKey(secretKeySpec); > > secEncrypt.setKey(keyBytes); > > secEncrypt.setKeyEnc(new String(keyBytes)); > secEncrypt.setKeyEncAlgo(WSConstants.AES_256); > secEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_256); > > // secEncrypt.setCustomEKTokenId(builder.getId()); > > secEncrypt.setDocument(doc); > > secEncrypt.build(doc, null, secHeader); > > /** > * to remove password tag* > */ > boolean passwordRemoved = false; > NodeList nodeList = > builder.getUsernameTokenElement().getChildNodes(); > Node node = null; > for (int i = 0; i < nodeList.getLength(); i++) { > node = > builder.getUsernameTokenElement().getChildNodes().item(i); > if (node.getLocalName().equalsIgnoreCase("Password")) { > builder.getUsernameTokenElement().removeChild(node); > passwordRemoved = true; > } > } > if (!passwordRemoved) { > throw new Exception("Error removing UsernameToken > password"); > } > > WSSecurityUtil.prependChildElement( > secHeader.getSecurityHeader(), > builder.getUsernameTokenElement()); > > outputString = > > org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc); > System.out.println("handleOUTBOUNDMessage outputstring: " + > outputString); > > > } catch (Exception ex) { > ex.printStackTrace(); > } > > } > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/consuming-secured-net-asmx-web-service-tp5734806.html > Sent from the cxf-dev mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
