FYI On Tuesday, September 23, 2014, Anupam Nandan <[email protected]> wrote:
> Hello > > Can someone please help me with this? > > Thank you! > > On Sunday, September 21, 2014, Anupam Nandan <[email protected]> wrote: > >> Hi All, >> >> I am trying to write a Java client program (servlet), which will generate >> and sign the SOAP request with the keys provided by a third party >> (keystore.jks). When I deploy the Servlet on Tomcat it works fine. But >> on WebSphere 8.5 I am getting "*RSA signature is not verified*". I >> tried debugging the issue but am not sure what is going wrong. >> >> I tried finding an answer online and set IS_BSP_COMPLIANT to false, but that >> didn't help. >> >> Most likely the issue is with the signature. Let me know how I can troubleshoot >> this issue. Any suggestion would be very helpful. >> >> >> Thank you for your time; I look forward to some guidance. >> >> Code >> >> >> -------------------------------------------------------------------------------------------------------------------------------- >> >> attstmt.getAttributes().add(attr); >> >> assertion.getAttributeStatements().add(attstmt); >> >> AssertionWrapper assertionWrper = new AssertionWrapper(assertion); >> >> WSSecSAMLToken samlToken = new WSSecSAMLToken(); >> >> samlToken.build(soapDocument, assertionWrper, header); >> >> SoapMessageWithoutHeader = nodeToString(soapDocument); >> >> System.out.println("Anupam SOAP Message with SAML 2.0 Assertion : >> "+SoapMessageWithoutHeader); >> >> // Inserting the wsu:Timestamp >> >> >> WSSecTimestamp timestamp = new WSSecTimestamp(); >> >> timestamp.setTimeToLive(TIMESTAMP_VALIDATE_PERIOD); >> >> >> WSSecHeader timestampHeader = new WSSecHeader(); >> >> timestampHeader.insertSecurityHeader(soapDocument); >> >> timestamp.build(soapDocument, timestampHeader); >> >> SoapMessageWithoutHeader = nodeToString(soapDocument); >> >> System.out.println("Anupam SOAP Message with time stamp : >> "+SoapMessageWithoutHeader); >> >> System.out.println("Anupam path to key store 
"+pathtoKeyStore); >> >> WSSecSignature builder = new WSSecSignature(); >> >> builder.setUserInfo(keyAlias, pwdValue); >> >> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE); >> >> java.util.Properties prop = new java.util.Properties(); >> >> >> *prop.setProperty("org.apache.ws.security.crypto.provider", >> "org.apache.ws.security.components.crypto.Merlin");* >> >> * prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", >> "jks");* >> >> * >> prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.base64.encoded", >> "false");* >> >> * >> prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", >> pwdValue);* >> >> * prop.setProperty("org.apache.ws.security.crypto.merlin.file", >> pathtoKeyStore);* >> >> * prop.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");* >> >> * >> //prop.setProperty(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, >> "true");* >> >> * Crypto crypto = CryptoFactory.getInstance(prop);* >> >> * builder.prepare(soapDocument, crypto, header);* >> >> >> Vector parts = new Vector(); >> >> >> >> >> parts.add(new WSEncryptionPart(TIMESTAMP_LOCALNAME, TIMESTAMP_QNAME, >> CONTENT)); >> >> parts.add(new WSEncryptionPart(builder.getBSTTokenId())); >> >> parts.add(new WSEncryptionPart(ASSERTION_LOCALNAME, ASSERTION_QNAME >> ,ELEMENT)); >> >> parts.add(new WSEncryptionPart(SOAPBODY_LOCALNAME,SOAPBODY_QNAME,CONTENT >> )); >> >> builder.setParts(parts); >> >> builder.prependBSTElementToHeader(header); >> >> builder.computeSignature(builder.addReferencesToSign(parts,header)); >> >> Proxy proxy = new Proxy(Proxy.Type.HTTP, new >> InetSocketAddress("63.66.64.232",8080)); >> >> String jNetURL1= "https://XXX/"; >> >> URL endpoint = new URL(jNetURL1); >> >> HttpURLConnection con = (HttpURLConnection) >> endpoint.openConnection(proxy); >> >> con.setRequestMethod("POST"); >> >> con.setRequestProperty("Content-type", "text/xml; charset=utf-8"); >> >> con.setRequestProperty("SOAPAction", 
"http://jnet.XXX/XX"); >> >> >> con.setDoInput(true); >> >> con.setDoOutput(true); >> >> OutputStream reqStream = con.getOutputStream(); >> >> if(con ==null){ >> >> System.out.println("Connection to Jnet is null"); >> >> } >> >> String SoapMessageWithSign = nodeToString(soapDocument); >> >> System.out.println("Anupam SOAP Message with after signature : >> "+SoapMessageWithSign); >> >> reqStream.write(SoapMessageWithSign.getBytes()); >> >> >> String jNetresponse=null; >> >> try { >> >> BufferedReader httpReader = new BufferedReader(new InputStreamReader( >> >> con.getInputStream())); >> >> String inputLine = null; >> >> StringBuffer buff = new StringBuffer(); >> >> System.out.println("value of httpreader "+httpReader.ready()); >> >> System.out.println("httpReader value "+httpReader.toString()); >> >> while ((inputLine = httpReader.readLine()) != null) { >> >> buff.append(inputLine); >> >> System.out.println("input line "+inputLine); >> >> } >> >> >> jNetresponse = buff.toString(); >> >> >> //System.out.println("Anupam Post response:"+response); >> >> >> }catch(SOAPFaultException sfe){ >> >> System.out.println(sfe.getMessage()); >> >> } >> >> >> Best regards, >> Anupam Nandan >> > > > -- > Best regards, > Anupam Nandan > 201.920.0722 > > -- Best regards, Anupam Nandan 201.920.0722
