Good morning, I'm working with wss4j (version 1.6.16), apache axis2 (v. 1.7.0) and Rampart (v. 1.7.0) and I'm trying to send a message receiving the following error and I don't know if the problem is the syntax of the message (builded in SoapUI) or is the Rampart Receiver:
[ERROR] An error was discovered processing the <wsse:Security> header (Cannot handle multiple data references) org.apache.axis2.AxisFault: An error was discovered processing the <wsse:Security> header (Cannot handle multiple data references) at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:186) at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95) at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:335) at org.apache.axis2.engine.Phase.invoke(Phase.java:308) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:250) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:156) at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:176) at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:163) at javax.servlet.http.HttpServlet.service(HttpServlet.java:647) at javax.servlet.http.HttpServlet.service(HttpServlet.java:728) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:51) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:502) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100) at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:953) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:408) at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1041) at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:603) at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310) at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source) at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source) at java.lang.Thread.run(Unknown Source) Caused by: org.apache.ws.security.WSSecurityException: An error was discovered processing the <wsse:Security> header (Cannot handle multiple data references) at org.apache.ws.security.processor.ReferenceListProcessor.checkBSPCompliance(ReferenceListProcessor.java:225) at org.apache.ws.security.processor.ReferenceListProcessor.decryptDataRefEmbedded(ReferenceListProcessor.java:151) at org.apache.ws.security.processor.ReferenceListProcessor.handleReferenceList(ReferenceListProcessor.java:104) at org.apache.ws.security.processor.ReferenceListProcessor.handleToken(ReferenceListProcessor.java:64) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:309) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:254) at org.apache.rampart.RampartEngine.process(RampartEngine.java:161) at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) I attach the message. Thank you. Regards, Daniel
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope"; xmlns:soap1="http://SOAP.servidor.service.web";> <soap:Header> <wsse:Security soap:mustUnderstand="true" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <xenc:ReferenceList xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> <xenc:DataReference URI="#ED-4FB4D1F15A7DC991AA14561313605256" /> </xenc:ReferenceList> <wsu:Timestamp wsu:Id="TS-4FB4D1F15A7DC991AA14561313604895"> <wsu:Created>2016-02-22T08:56:00.489Z </wsu:Created> <wsu:Expires>2016-02-25T20:16:00.489Z </wsu:Expires> </wsu:Timestamp> <ds:Signature Id="SIG-4FB4D1F15A7DC991AA14561313604384" xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";> <ec:InclusiveNamespaces PrefixList="soap soap1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; /> </ds:CanonicalizationMethod> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> <ds:Reference URI="#id-DA6697AEDC56F8416A14558761448694"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";> <ec:InclusiveNamespaces PrefixList="soap1" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; /> </ds:Transform> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <ds:DigestValue>PAyL8OVwfLHADRLbvp4yQX/+MAY=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>a98y9+WeE9rWLOWYtCen1SaQ3FgN4SuBB3eEDxk+OoHBPauwE1KYDnSrQXiag4/YrQi+BU+yJfLZ SyHpRmMs7CEzor9XPsZ067fX88MTtxV9oFwWV/soryZAFuHRxRow1AenIb2Ny8q1EyPktjv03yrj eDBjdoOxws2mdPJjVG8= </ds:SignatureValue> <ds:KeyInfo Id="KI-4FB4D1F15A7DC991AA14561313603982"> <wsse:SecurityTokenReference wsu:Id="STR-4FB4D1F15A7DC991AA14561313604133"> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";>MIICaDCCAdGgAwIBAgIEQP9E8TANBgkqhkiG9w0BAQsFADBnMQswCQYDVQQGEwJFUzERMA8GA1UECBMIWmFyYWdvemExETAPBgNVBAcTCFphcmFnb3phMQ0wCwYDVQQKEwRIT01FMQ0wCwYDVQQLEwRIT01FMRQwEgYDVQQDEwtSYW5kb20gVXNlcjAeFw0xNTEyMzEwODQzMThaFw0xNjAzMzAwODQzMThaMGcxCzAJBgNVBAYTAkVTMREwDwYDVQQIEwhaYXJhZ296YTERMA8GA1UEBxMIWmFyYWdvemExDTALBgNVBAoTBEhPTUUxDTALBgNVBAsTBEhPTUUxFDASBgNVBAMTC1JhbmRvbSBVc2VyMIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCGw1jNJlu7ercxHVhogKrT5ho6Yh/FZA9pFNyeaAKakfcUKCKvLGvFcdtj/B8hu9DpulFZDkxD8WSPf9Q4TjjtELmLJL860BgmerRUHlqkpW4LbRaM18XeV3OpjjF3gsjBaOYOBWDtLRIj5zctPeAic11qT/hiXotBJdz6BVpsewIDAQABoyEwHzAdBgNVHQ4EFgQUnBESIHO8VyrIaPtYtCdABby9RvYwDQYJKoZIhvcNAQELBQADgYEAU9h5Xkl0HVYDxnuR7Oq9M6Ew+dfrg/OSn/ZTvFdmqVAoebit2R6CL27kVM4j/RSIrFSrLDqcmaN0p6yh+GjsToHEvGwFx43S4By4J7SjrTOjTSPp3T+hbum1WfUR+9EvyCPIw7DbpW6+mF3u491VSRpQ1NXNUR2Qw5XZN3o0rjk= </wsse:KeyIdentifier> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soap:Header> <soap:Body wsu:Id="id-DA6697AEDC56F8416A14558761448694" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";> <xenc:EncryptedData Id="ED-4FB4D1F15A7DC991AA14561313605256" Type="http://www.w3.org/2001/04/xmlenc#Content"; xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; /> <xenc:CipherData> <xenc:CipherValue>IS+3VbkdVIe15MlhWEVLP+DL/SXS77sqG4+z2ILPDXwtETbKY5FUad+zxhzNoM84corxHvVrVdC/7FuMccN1n5DsnpC9uoGAUu0R7HoSPyiA8a1jH+SKFJvuDBiucjHcfnvGkjV2LNYC6IQOY3jYSiFnOp+OSDvdP+8HAUOBVKrX3+oX8clQGFLonXwt0TtSqPeVJWhT/t4xZpQ7JNoY5zujNgeJVHKnHoV8pAlNeUFCsJ/x3g6glmPXctvzuZWcIGG8R41zHoE0FJEQx4+dGRblwoQUTSyT3Of+yruBG8kf7w1h7yBNOvjz+PbG2G8YcCcAOw9BNwpNJzLFFl2ogAGzQVJtzdqTs3SZQ7L1CcaJl9MQyDdakP+V30nfvPTaoLsn691CxEM6vFFlpMZxNo7pj9nrzDIY8iX3pjtQKXkHaRA0JXkQ+5vM6f8Fl10GuvDHkImxwk/Nv/0TFeT4S6xhM2FcDe5xT5CjZDE+DTeQAYZ0mAaOy9T4CNioZFvaslqbu5t4VHMM/GAqKmhp6Q== </xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </soap:Body> </soap:Envelope>
--------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
