I am using WSS4j 1.5.9 while creating the request. The Service Provider is using 1.5.1 for signature verification and decryption.
Thanks, Rameshwer Jangra ________________________________ From: Colm O hEigeartaigh <[email protected]> To: [email protected]; Rameshwer Jangra <[email protected]> Sent: Thursday, April 19, 2012 8:10 AM Subject: Re: Help Required - Adding wsu:Id in <ds:Signature> What version of WSS4J are you using? Colm. On Tue, Apr 17, 2012 at 7:34 PM, Rameshwer Jangra <[email protected]> wrote: > Hi, > I am using WSS4J for invoking a secured web service. The request XML > generated by my client is almost the same as the sample provided by the > Service Provider. The only difference is an additional "wsu:Id" attribute > defined for <ds:Signature> tag. > > Here's what my code is generating: > > <ds:Signature Id="Signature-22" > xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > > Here's what the Service Provider is expecting > > <ds:Signature Id="Signature-16906910" wsu:Id="Id-8819824" > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> > > I suspect that due to this missing tag I am getting the exception, pasted > below, when I am try to invoke the service. I am not able to figure out how > the highlighted tag will get added to the XML. Is there any > configuration/attribute that I can change while invoking > the WSSecSignature.build()? > > Gone through the API documentation and the code but could not find anything > specific to this. Will appreciate any help/guidance in resolving this. > > -------------------------------------------- > Caused by: java.lang.NullPointerException > at > org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:298) > at > org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:438) > at > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:297) > at > org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:279) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:201) > at org.apache.rampart.RampartEngine.process(RampartEngine.java:71) > at > org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:69) > at org.apache.axis2.engine.Phase.invoke(Phase.java:381) > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:518) > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:483) > at > org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:319) > at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:247) > ... 12 more > ---------------------------------------------- > > Thanks, > Rameshwer Jangra > > > > > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
