Hi All,

I am trying to write a Java client program (a servlet) that generates
and signs a SOAP request with the keys provided by a third party
(keystore.jks). When I deploy the servlet on Tomcat it works fine, but
on WebSphere 8.5 I get "*RSA signature is not verified*". I tried
debugging the issue, but I am not sure what is going wrong.

I tried finding an answer online and set IS_BSP_COMPLIANT to false, but that
didn't help.

Most likely the issue is with the signature. Let me know how I can troubleshoot
this issue. Any suggestion would be very helpful.


Thank you for your time; I am looking forward to some guidance.

Code

--------------------------------------------------------------------------------------------------------------------------------

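// Attach the attribute to its statement, and the statement to the SAML assertion.
attstmt.getAttributes().add(attr);
assertion.getAttributeStatements().add(attstmt);

// Wrap the assertion and add it to the SOAP document through the security header `header`.
AssertionWrapper assertionWrper = new AssertionWrapper(assertion);
WSSecSAMLToken samlToken = new WSSecSAMLToken();
samlToken.build(soapDocument, assertionWrper, header);

// NOTE(review): this prints the whole envelope, SAML assertion included, to stdout,
// which normally ends up in the application server's log files. Keep it for the
// debugging session only, or log a digest of the message instead.
SoapMessageWithoutHeader = nodeToString(soapDocument);
System.out.println("Anupam SOAP Message with SAML 2.0 Assertion : " + SoapMessageWithoutHeader);

// Inserting the wsu:Timestamp
WSSecTimestamp timestamp = new WSSecTimestamp();
timestamp.setTimeToLive(TIMESTAMP_VALIDATE_PERIOD);

// NOTE(review): the SAML token above was built into `header`, while the timestamp goes
// into a separately created WSSecHeader. Whether both land in the same wsse:Security
// element depends on insertSecurityHeader -- confirm that the serialized message
// carries a single Security header, since the signature is prepared against `header`.
WSSecHeader timestampHeader = new WSSecHeader();
timestampHeader.insertSecurityHeader(soapDocument);
timestamp.build(soapDocument, timestampHeader);

SoapMessageWithoutHeader = nodeToString(soapDocument);
System.out.println("Anupam SOAP Message with time stamp : " + SoapMessageWithoutHeader);

System.out.println("Anupam path to key store " + pathtoKeyStore);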

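 // Sign the message with the private key stored under keyAlias. The signing
 // certificate is referenced directly as a BinarySecurityToken in the message.
 // pwdValue serves both as the private-key password (setUserInfo) and as the
 // keystore password (Merlin property below).
 WSSecSignature builder = new WSSecSignature();
 builder.setUserInfo(keyAlias, pwdValue);
 builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);

 // Merlin crypto configuration: a JKS keystore read from pathtoKeyStore.
 java.util.Properties prop = new java.util.Properties();
 prop.setProperty("org.apache.ws.security.crypto.provider",
     "org.apache.ws.security.components.crypto.Merlin");
 prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
 prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.base64.encoded", "false");
 prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", pwdValue);
 prop.setProperty("org.apache.ws.security.crypto.merlin.file", pathtoKeyStore);

 // NOTE(review): IS_BSP_COMPLIANT is a WSHandler option name. Placed in the Crypto
 // properties it is presumably never read by CryptoFactory/Merlin, so this setting
 // probably does not reach the signature builder -- confirm before relying on it.
 prop.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
 //prop.setProperty(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, "true");

 Crypto crypto = CryptoFactory.getInstance(prop);
 builder.prepare(soapDocument, crypto, header);

 // Parts covered by the signature: timestamp, the BinarySecurityToken holding the
 // certificate, the SAML assertion and the SOAP body. Typed Vector instead of a raw one.
 Vector<WSEncryptionPart> parts = new Vector<WSEncryptionPart>();
 parts.add(new WSEncryptionPart(TIMESTAMP_LOCALNAME, TIMESTAMP_QNAME, CONTENT));
 parts.add(new WSEncryptionPart(builder.getBSTTokenId()));
 parts.add(new WSEncryptionPart(ASSERTION_LOCALNAME, ASSERTION_QNAME, ELEMENT));
 parts.add(new WSEncryptionPart(SOAPBODY_LOCALNAME, SOAPBODY_QNAME, CONTENT));
 builder.setParts(parts);

 // The token must be in the header before the references are digested and signed.
 builder.prependBSTElementToHeader(header);
 builder.computeSignature(builder.addReferencesToSign(parts, header));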

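  // Post the signed envelope through the HTTP proxy and collect the reply.
  // NOTE(review): proxy address and endpoint are hard-coded; they would normally
  // come from deployment configuration.
  Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("63.66.64.232", 8080));
  String jNetURL1 = "https://XXX/";
  URL endpoint = new URL(jNetURL1);
  HttpURLConnection con = (HttpURLConnection) endpoint.openConnection(proxy);
  con.setRequestMethod("POST");
  con.setRequestProperty("Content-type", "text/xml; charset=utf-8");
  con.setRequestProperty("SOAPAction", "http://jnet.XXX/XX");
  con.setDoInput(true);
  con.setDoOutput(true);

  // The bytes sent are a fresh serialization of the signed DOM. The receiver recomputes
  // the digests over what it parses, so nodeToString must not indent or otherwise rewrite
  // the document. nodeToString is not shown here -- worth checking whether its output
  // differs between the two runtimes.
  // NOTE(review): this prints the signed message, SAML assertion included, to stdout;
  // keep it for the debugging session only.
  String SoapMessageWithSign = nodeToString(soapDocument);
  System.out.println("Anupam SOAP Message with after signature : " + SoapMessageWithSign);

  // Encode explicitly as UTF-8, matching the declared Content-type. The no-argument
  // getBytes() uses the JVM default charset, which can differ between servers and
  // would alter any non-ASCII content that has already been signed.
  OutputStream reqStream = con.getOutputStream();
  try {
    reqStream.write(SoapMessageWithSign.getBytes("UTF-8"));
    reqStream.flush();
  } finally {
    reqStream.close();
  }

  String jNetresponse = null;
  try {
    // On an HTTP error the SOAP fault body is on the error stream; getInputStream()
    // would throw and the fault detail would be lost.
    int status = con.getResponseCode();
    System.out.println("HTTP status " + status);
    java.io.InputStream replyStream =
        (status >= 400) ? con.getErrorStream() : con.getInputStream();

    StringBuffer buff = new StringBuffer();
    if (replyStream != null) {
      // assumes the service answers in UTF-8 -- confirm against the response Content-Type
      BufferedReader httpReader =
          new BufferedReader(new InputStreamReader(replyStream, "UTF-8"));
      try {
        String inputLine;
        while ((inputLine = httpReader.readLine()) != null) {
          buff.append(inputLine);
          System.out.println("input line " + inputLine);
        }
      } finally {
        httpReader.close();
      }
    }

    // Keep the failure semantics: an error status still surfaces as an IOException,
    // now after the fault body has been printed above.
    if (status >= 400) {
      throw new java.io.IOException("Endpoint answered HTTP " + status);
    }
    jNetresponse = buff.toString();

    //System.out.println("Anupam Post response:"+response);
  } catch (SOAPFaultException sfe) {
    // NOTE(review): nothing in this try block appears to throw SOAPFaultException when
    // talking through HttpURLConnection; kept so the surrounding code is unaffected.
    System.out.println(sfe.getMessage());
  }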


Best regards,
Anupam Nandan
