Hi Bernard,

can you try to change the InitiatorToken:

<sp:InitiatorToken>
  <wsp:Policy>
    <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
      <wsp:Policy>
        <sp:WssX509V3Token10/>
        <sp:RequireIssuerSerialReference/>
      </wsp:Policy>
    </sp:X509Token>
  </wsp:Policy>
</sp:InitiatorToken>

In my case it works.

Regards,
Jorge

On Mon, 14 May 2018 at 5:03, Bernard Paris (<bernard.pa...@uclouvain.be>) wrote:

> Hi devs,
>
> We need to use WS-SecurityPolicy with x509Token to query a ws, so we
> defined an address endpoint with policy, something like
>
> <address format="soap11" statistics="enable" trace="enable" uri="https://remote.server">
>   <enableAddressing version="submission"/>
>   <enableSec policy="gov:policies/the-policy-POL.xml"/>
> </address>
>
> Here is the initiatorToken part of the policy file I defined in the policy
> file:
>
> <wsp:ExactlyOne>
>   <wsp:All>
>     <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>       <wsp:Policy>
>         <sp:InitiatorToken>
>           <wsp:Policy>
>             <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>               <wsp:Policy>
>                 <sp:RequireIssuerSerialReference />
>                 <sp:WssX509V3Token10 />
>               </wsp:Policy>
>             </sp:X509Token>
>           </wsp:Policy>
>         </sp:InitiatorToken>
>
> …. expecting I would get some "ds:X509Data" data in the SOAP header to
> send, something like
>
> <ds:KeyInfo Id="KI-EAF95CB2EABEB3293D13643957589981127">
>   <wsse:SecurityTokenReference wsu:Id="STR-EAF95CB2EABEB3293D13643957589981128">
>     <ds:X509Data>
>       <ds:X509IssuerSerial>
>         <ds:X509IssuerName>CN=WSJanusTEST_BULL001</ds:X509IssuerName>
>         <ds:X509SerialNumber>1243600900</ds:X509SerialNumber>
>
> Unfortunately the only thing I get is
>
> <ds:KeyInfo Id="KeyId-171B34AA705833EBA0152628551959217">
>   <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-171B34AA705833EBA0152628551959218">
>     <wsse:Reference URI="#CertId-171B34AA705833EBA0152628551959116" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
>   </wsse:SecurityTokenReference>
> </ds:KeyInfo>
>
> Could you tell me where I'm wrong?
> Here are the related carbon logs:
>
> [2018-05-14 10:44:27,520] [EI-Core] DEBUG - WSDoAllSender WSDoAllSender: enter invoke()
> [2018-05-14 10:44:27,520] [EI-Core] DEBUG - AsymmetricBindingBuilder AsymmetricBindingBuilder build invoked
> [2018-05-14 10:44:27,520] [EI-Core] DEBUG - BindingBuilder Processing symmetric binding: Setting up encryption token and signature token
> [2018-05-14 10:44:27,520] [EI-Core] DEBUG - BindingBuilder Obtaining the Encryption Token
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - BindingBuilder Token inclusion: 3
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - BindingBuilder User : CertEcole
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - RampartUtil loading class : be.ucl.sgsi.sisg.bp.PWCBHandler
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - BindingBuilder Password : aSecret
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - RampartUtil Loading Signature crypto
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - RampartUtil Using provider: org.apache.ws.security.components.crypto.Merlin
> [2018-05-14 10:44:27,521] [EI-Core] DEBUG - RampartUtil Cache Hit : Crypto Object was found in cache.
> [2018-05-14 10:44:27,527] [EI-Core] DEBUG - AsymmetricBindingBuilder AsymmetricBindingBuilder build invoked : DONE
>
> Thanks for any help,
> Bernard
>
> _______________________________________________
> Dev mailing list
> Dev@wso2.org
> http://wso2.org/cgi-bin/mailman/listinfo/dev
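
To check which reference form a signed message actually carries, here is an added example that is not part of the original thread or of WSO2/Rampart code: a Python sketch that classifies each wsse:SecurityTokenReference as issuer-serial, direct reference, or key identifier. The function names are hypothetical, and the two sample documents are constructed from the KeyInfo fragments quoted in the thread, completed with namespace declarations and closing tags.

```python
import xml.etree.ElementTree as ET

DS = "http://www.w3.org/2000/09/xmldsig#"
WSSE = ("http://docs.oasis-open.org/wss/2004/01/"
        "oasis-200401-wss-wssecurity-secext-1.0.xsd")
NS = {"ds": DS, "wsse": WSSE}

def classify_references(xml_text):
    """Return (form, detail) for every wsse:SecurityTokenReference found."""
    found = []
    for ref in ET.fromstring(xml_text).iter(f"{{{WSSE}}}SecurityTokenReference"):
        issuer = ref.find("ds:X509Data/ds:X509IssuerSerial", NS)
        direct = ref.find("wsse:Reference", NS)
        key_id = ref.find("wsse:KeyIdentifier", NS)
        if issuer is not None:
            name = issuer.findtext("ds:X509IssuerName", "", NS).strip()
            serial = issuer.findtext("ds:X509SerialNumber", "", NS).strip()
            found.append(("issuer-serial", f"{name} / {serial}"))
        elif direct is not None:
            # Points at a token carried in the same message (URI="#...").
            found.append(("direct-reference", direct.get("URI", "").strip()))
        elif key_id is not None:
            found.append(("key-identifier", key_id.get("ValueType", "").strip()))
        else:
            found.append(("unknown", ""))
    return found

def uses_only_issuer_serial(xml_text):
    """True when at least one reference exists and all are X509IssuerSerial."""
    forms = [form for form, _ in classify_references(xml_text)]
    return bool(forms) and all(f == "issuer-serial" for f in forms)

# Constructed samples: the two KeyInfo fragments from the thread, completed
# with namespace declarations and closing tags so they parse on their own.
_WRAP = ('<ds:KeyInfo xmlns:ds="' + DS + '" xmlns:wsse="' + WSSE + '">'
         "<wsse:SecurityTokenReference>{}</wsse:SecurityTokenReference>"
         "</ds:KeyInfo>")
EXPECTED = _WRAP.format(
    "<ds:X509Data><ds:X509IssuerSerial>"
    "<ds:X509IssuerName>CN=WSJanusTEST_BULL001</ds:X509IssuerName>"
    "<ds:X509SerialNumber>1243600900</ds:X509SerialNumber>"
    "</ds:X509IssuerSerial></ds:X509Data>")
ACTUAL = _WRAP.format(
    '<wsse:Reference URI="#CertId-171B34AA705833EBA0152628551959116"/>')

if __name__ == "__main__":
    for label, doc in (("expected", EXPECTED), ("actual", ACTUAL)):
        print(label, classify_references(doc), uses_only_issuer_serial(doc))
```

Run against a captured outgoing SOAP envelope, `uses_only_issuer_serial` gives a quick pass/fail on whether the message carries the reference form the remote service expects.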