Date: Wed, 24 Sep 2014 13:08:15 -0400
Subject: Re: Web sphere 8.5 and WSS4J 1.6.9 signing issue.
From: [email protected]
To: [email protected]; [email protected]
Hi Colm
Thank you for your reply. I already tried with WSS4J 1.16.15 earlier. But same
error. I was almost losing hope on this before your reply.
I will retry with 1.6.16 as soon as I get the setup again and let you know.
Thank you for your time.
MG>if after changing libraries you are calling no joy ..more than likely your
private key is bad
MG>can we see the ASN.1 output of private key.... if for no other reason than
to verify attributes are non-negative?
MG>Thanks and Regards,
On Wednesday, September 24, 2014, Colm O hEigeartaigh <[email protected]>
wrote:
Could you try with a more recent version of WSS4J (1.6.16)?
Colm.
On Tue, Sep 23, 2014 at 6:18 PM, Anupam Nandan <[email protected]> wrote:
Hello
Can someone please help me on this?
Thank you!
On Sunday, September 21, 2014, Anupam Nandan <[email protected]> wrote:
Hi All, I am trying to write a Java client program (servlet), which will
generate and sign the SOAP request with the keys provided by a third party
(keystore.jks). When I deploy the servlet on Tomcat it just works fine. But on
WebSphere 8.5 I am getting "RSA signature is not verified". I tried debugging
the issue but am not sure what is going wrong. I tried finding an answer online
and added IS_BSP_COMPLIANT as false but it didn't help. Most likely the issue is
with the signature. Let me know how I can troubleshoot this issue. Any
suggestion would be very helpful.
Thank you for your time and looking forward to some guidance.
Code
--------------------------------------------------------------------------------------------------------------------------------
attstmt.getAttributes().add(attr);
assertion.getAttributeStatements().add(attstmt);
AssertionWrapper assertionWrper = new AssertionWrapper(assertion);
WSSecSAMLToken samlToken = new WSSecSAMLToken();
samlToken.build(soapDocument, assertionWrper, header);
SoapMessageWithoutHeader = nodeToString(soapDocument);
System.out.println("Anupam SOAP Message with SAML 2.0 Assertion : " + SoapMessageWithoutHeader);

// Inserting the wsu:Timestamp
WSSecTimestamp timestamp = new WSSecTimestamp();
timestamp.setTimeToLive(TIMESTAMP_VALIDATE_PERIOD);
WSSecHeader timestampHeader = new WSSecHeader();
timestampHeader.insertSecurityHeader(soapDocument);
timestamp.build(soapDocument, timestampHeader);
SoapMessageWithoutHeader = nodeToString(soapDocument);
System.out.println("Anupam SOAP Message with time stamp : " + SoapMessageWithoutHeader);
System.out.println("Anupam path to key store " + pathtoKeyStore);

// Signature builder using the Merlin crypto provider backed by the JKS keystore
WSSecSignature builder = new WSSecSignature();
builder.setUserInfo(keyAlias, pwdValue);
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
java.util.Properties prop = new java.util.Properties();
prop.setProperty("org.apache.ws.security.crypto.provider",
        "org.apache.ws.security.components.crypto.Merlin");
prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.base64.encoded", "false");
prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", pwdValue);
prop.setProperty("org.apache.ws.security.crypto.merlin.file", pathtoKeyStore);
prop.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
//prop.setProperty(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, "true");
Crypto crypto = CryptoFactory.getInstance(prop);
builder.prepare(soapDocument, crypto, header);

// Parts to sign: timestamp, BinarySecurityToken, SAML assertion and SOAP body
Vector parts = new Vector();
parts.add(new WSEncryptionPart(TIMESTAMP_LOCALNAME, TIMESTAMP_QNAME, CONTENT));
parts.add(new WSEncryptionPart(builder.getBSTTokenId()));
parts.add(new WSEncryptionPart(ASSERTION_LOCALNAME, ASSERTION_QNAME, ELEMENT));
parts.add(new WSEncryptionPart(SOAPBODY_LOCALNAME, SOAPBODY_QNAME, CONTENT));
builder.setParts(parts);
builder.prependBSTElementToHeader(header);
builder.computeSignature(builder.addReferencesToSign(parts, header));

// POST the signed message through the HTTP proxy
Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("63.66.64.232", 8080));
String jNetURL1 = "https://XXX/";
URL endpoint = new URL(jNetURL1);
HttpURLConnection con = (HttpURLConnection) endpoint.openConnection(proxy);
con.setRequestMethod("POST");
con.setRequestProperty("Content-type", "text/xml; charset=utf-8");
con.setRequestProperty("SOAPAction", "http://jnet.XXX/XX");
con.setDoInput(true);
con.setDoOutput(true);
OutputStream reqStream = con.getOutputStream();
if (con == null) {
    System.out.println("Connection to Jnet is null");
}
String SoapMessageWithSign = nodeToString(soapDocument);
System.out.println("Anupam SOAP Message with after signature : " + SoapMessageWithSign);
reqStream.write(SoapMessageWithSign.getBytes());

// Read the response
String jNetresponse = null;
try {
    BufferedReader httpReader = new BufferedReader(new InputStreamReader(con.getInputStream()));
    String inputLine = null;
    StringBuffer buff = new StringBuffer();
    System.out.println("value of httpreader " + httpReader.ready());
    System.out.println("httpReader value " + httpReader.toString());
    while ((inputLine = httpReader.readLine()) != null) {
        buff.append(inputLine);
        System.out.println("input line " + inputLine);
    }
    jNetresponse = buff.toString();
    //System.out.println("Anupam Post response:"+response);
} catch (SOAPFaultException sfe) {
    System.out.println(sfe.getMessage());
}
Best regards,
Anupam Nandan
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com
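
The check MG asks for in this thread (that the private key's values are non-negative) can also be made from Java on the JVM that fails, together with a sign-and-verify round trip through whichever JCE provider that JVM selects. This is an added example, not code from the thread or from WSS4J. The class name, the test message and the SHA256withRSA algorithm are assumptions, and the key pair is constructed so that the example runs offline.

```java
import java.math.BigInteger;
import java.security.*;
import java.security.interfaces.*;

public class KeyPairSanityCheck {
    /** Returns null when the pair is usable, otherwise a description of the first problem. */
    static String check(PrivateKey priv, PublicKey pub) throws Exception {
        if (!(priv instanceof RSAPrivateKey) || !(pub instanceof RSAPublicKey)) {
            return "not an RSA key pair";
        }
        RSAPrivateKey rsaPriv = (RSAPrivateKey) priv;
        // Every integer in the ASN.1 RSAPrivateKey structure must be positive.
        if (rsaPriv.getModulus().signum() <= 0 || rsaPriv.getPrivateExponent().signum() <= 0) {
            return "modulus or private exponent is not positive";
        }
        if (priv instanceof RSAPrivateCrtKey) {
            RSAPrivateCrtKey crt = (RSAPrivateCrtKey) priv;
            BigInteger[] fields = { crt.getPublicExponent(), crt.getPrimeP(), crt.getPrimeQ(),
                    crt.getPrimeExponentP(), crt.getPrimeExponentQ(), crt.getCrtCoefficient() };
            for (BigInteger f : fields) {
                if (f.signum() <= 0) return "a CRT field is not positive";
            }
        }
        // The private key must belong to the public key in the certificate.
        if (!rsaPriv.getModulus().equals(((RSAPublicKey) pub).getModulus())) {
            return "private key modulus does not match the public key";
        }
        // Round trip through the provider this JVM picks (it differs between JVM vendors).
        byte[] data = "constructed test message".getBytes("UTF-8");
        Signature signer = Signature.getInstance("SHA256withRSA");
        signer.initSign(priv);
        signer.update(data);
        byte[] sig = signer.sign();
        Signature verifier = Signature.getInstance("SHA256withRSA");
        verifier.initVerify(pub);
        verifier.update(data);
        return verifier.verify(sig) ? null
                : "signature made with " + signer.getProvider().getName() + " did not verify";
    }

    public static void main(String[] args) throws Exception {
        // Constructed key pair; with a real keystore, pass KeyStore.getKey(alias, password)
        // and KeyStore.getCertificate(alias).getPublicKey() instead.
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(2048);
        KeyPair pair = gen.generateKeyPair();
        String problem = check(pair.getPrivate(), pair.getPublic());
        System.out.println(problem == null ? "key pair OK" : "PROBLEM: " + problem);
    }
}
```

Running the same check on both application servers separates a bad or mismatched key from a difference in how the two JVMs sign.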