Hi,
I am getting the below error while accessing a WCF service with wsHttpBinding:
Cannot resolve KeyInfo for verifying signature: KeyInfo
'SecurityKeyIdentifier
    (
    IsReadOnly = False,
    Count = 1,
    Clause[0] = LocalIdKeyIdentifierClause(LocalId =
'uuid-e86a9da2-b8a4-413c-8e48-16126dad54f0-1', Owner = '')
    )
', available tokens 'SecurityTokenResolver
    (
    TokenCount = 1,
    TokenEntry[0] = (AllowedReferenceStyle=Internal,
Token=System.ServiceModel.Security.Tokens.SecurityContextSecurityToken,
Parameters=System.ServiceModel.Security.Tokens.SecureConversationSecurityTokenParameters:
InclusionMode: AlwaysToRecipient

I am not sure how the Identifier element of SecurityContextToken is referring to
the Reference element of SecurityTokenReference.
As per the service provider: the Id of SecurityContextToken should refer to the
Reference element of SecurityTokenReference.
Please help: how can we make this change on the client side?

My request looks like:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope">
  <soap:Header>
    <Action xmlns="http://www.w3.org/2005/08/addressing">http://example.service/GetfileID</Action>
    <MessageID xmlns="http://www.w3.org/2005/08/addressing">urn:uuid:e53bd47b-6538-47df-8b23-19a82430de6f</MessageID>
    <To xmlns="http://www.w3.org/2005/08/addressing">https://testexampleservice/exampleService.svc</To>
    <ReplyTo xmlns="http://www.w3.org/2005/08/addressing">
      <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
    </ReplyTo>
    <wsse:Security
        xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
        soap:mustUnderstand="true">
      <c:SecurityContextToken xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc"
          xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
          u:Id="uuid-e86a9da2-b8a4-413c-8e48-16126dad54f0-1">
        <c:Identifier>urn:uuid:c4bcae77-3f58-4312-a43a-c1c0553c103c</c:Identifier>
      </c:SecurityContextToken>
      <wsu:Timestamp
          xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
          wsu:Id="G32964ac3-836a-49ea-a360-95a0955e9189">
        <wsu:Created>2016-03-26T13:50:27.220Z</wsu:Created>
        <wsu:Expires>2016-03-26T13:55:27.220Z</wsu:Expires>
      </wsu:Timestamp>
      <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"
          Id="G1a92270a-2297-46d3-9e54-771837debfd9">
        <dsig:SignedInfo>
          <dsig:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <c14nEx:InclusiveNamespaces xmlns:c14nEx="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap"/>
          </dsig:CanonicalizationMethod>
          <dsig:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
          <dsig:Reference URI="#G32964ac3-836a-49ea-a360-95a0955e9189">
            <dsig:Transforms>
              <dsig:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
                <c14nEx:InclusiveNamespaces xmlns:c14nEx="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList=""/>
              </dsig:Transform>
            </dsig:Transforms>
            <dsig:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
            <dsig:DigestValue>3/umcmPhDrC8ZQ0yUWzJJQz8QMk=</dsig:DigestValue>
          </dsig:Reference>
        </dsig:SignedInfo>
        <dsig:SignatureValue>nNK+1MjSfVkxTypa8lDunlGmsS4=</dsig:SignatureValue>
        <dsig:KeyInfo Id="G0916089d-f0b9-466b-b641-3cce13e3bf36">
          <wsse:SecurityTokenReference
              xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
              wsu:Id="G58fd702d-c13e-4932-968d-73dec0ce288c">
            <wsse:Reference URI="#urn:uuid:c4bcae77-3f58-4312-a43a-c1c0553c103c"
                ValueType="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/sct"/>
          </wsse:SecurityTokenReference>
        </dsig:KeyInfo>
      </dsig:Signature>
    </wsse:Security>
  </soap:Header>
  <soap:Body>
    <ns2:GetfileID xmlns:ns2="http://example.service/Batch"
        xmlns:ns3="http://schemas.microsoft.com/2003/10/Serialization/"
        xmlns="http://www.caqh.org/SOAP/WSDL/CORERule2.2.0.xsd"/>
  </soap:Body>
</soap:Envelope>



--
View this message in context: 
http://cxf.547215.n5.nabble.com/SecurityContextToken-is-refering-to-wrong-SecurityTokenReference-tp5767249.html
Sent from the cxf-dev mailing list archive at Nabble.com.
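
A diagnostic for the reference mismatch described in the message above, as an added example that is not part of the original post and is not CXF or WCF code. The function name `check_key_references` is hypothetical, `SAMPLE` is a trimmed copy of the posted `wsse:Security` header, and the check assumes a `wsse:Reference` is valid either as `#` plus a `wsu:Id` present in the header or as the token's Identifier URI without a leading `#`.

```python
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DSIG = "http://www.w3.org/2000/09/xmldsig#"

# Trimmed copy of the wsse:Security header from the post (SignedInfo omitted).
SAMPLE = f"""<wsse:Security xmlns:wsse="{WSSE}" xmlns:u="{WSU}"
    xmlns:dsig="{DSIG}" xmlns:c="http://schemas.xmlsoap.org/ws/2005/02/sc">
  <c:SecurityContextToken u:Id="uuid-e86a9da2-b8a4-413c-8e48-16126dad54f0-1">
    <c:Identifier>urn:uuid:c4bcae77-3f58-4312-a43a-c1c0553c103c</c:Identifier>
  </c:SecurityContextToken>
  <dsig:Signature><dsig:KeyInfo><wsse:SecurityTokenReference>
    <wsse:Reference URI="#urn:uuid:c4bcae77-3f58-4312-a43a-c1c0553c103c"/>
  </wsse:SecurityTokenReference></dsig:KeyInfo></dsig:Signature>
</wsse:Security>"""

def local_name(tag):
    """Strip the {namespace} part so both SCT namespace versions match."""
    return tag.rsplit("}", 1)[-1]

def check_key_references(security_xml):
    """Return a (URI, verdict) pair for each wsse:Reference inside a dsig:KeyInfo."""
    root = ET.fromstring(security_xml)
    ids = set()            # every wsu:Id declared in the header
    sct_identifiers = {}   # SCT Identifier text -> wsu:Id of that token
    for el in root.iter():
        wsu_id = el.get(f"{{{WSU}}}Id")
        if wsu_id:
            ids.add(wsu_id)
        if local_name(el.tag) == "SecurityContextToken":
            for child in el:
                if local_name(child.tag) == "Identifier" and child.text:
                    sct_identifiers[child.text.strip()] = wsu_id
    results = []
    for key_info in root.iter(f"{{{DSIG}}}KeyInfo"):
        for ref in key_info.iter(f"{{{WSSE}}}Reference"):
            uri = ref.get("URI", "")
            fragment = uri[1:] if uri.startswith("#") else None
            if fragment in ids:
                verdict = "ok: local reference to a wsu:Id"
            elif fragment is None and uri in sct_identifiers:
                verdict = "ok: reference by SCT Identifier"
            elif fragment in sct_identifiers:
                verdict = ("mismatch: fragment is the SCT Identifier, "
                           f"expected #{sct_identifiers[fragment]}")
            else:
                verdict = "unresolved"
            results.append((uri, verdict))
    return results
```

Run against `SAMPLE`, the single reference is reported as a mismatch: its fragment carries the `c:Identifier` value rather than the token's `u:Id`.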
