[ http://jira.codehaus.org/browse/XFIRE-1053?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_100638 ]

Hima commented on XFIRE-1053:
-----------------------------

Also, I wanted to add that I came across certain issues reported to different 
forums on the net, which talk about the possibility of the SOAP request getting 
modified before it reaches the other end.

In Axis, it is recommended to disable this formatting through different options 
like disablePrettyXML. Is there such a thing in XFire?

> Signature Verification Failure with XFire
> -----------------------------------------
>
>                 Key: XFIRE-1053
>                 URL: http://jira.codehaus.org/browse/XFIRE-1053
>             Project: XFire
>          Issue Type: Bug
>          Components: WS-Security
>            Reporter: Hima
>            Assignee: Dan Diephouse
>
> I get the Signature Verification Failed exception when I try to implement 
> WS-Security with XFire.
> I am using XFire 1.2.6. I wrote a proxy client to access the webservice that 
> is implemented using Axis 1.3.
> I used WAS 6.0 environment to run my client.
>  
> The version of wss4j and xmlsec jars are:
> wss4j 1.5.2
> xmlsec 1.4.0
> Here is a part of configuration I used:
>     client.addOutHandler(new DOMOutHandler());
>     Properties config = new Properties();
>     config.setProperty("deployment", "client");
>     config.setProperty("flow", "request-only");
>     config.setProperty(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE);
>     config.setProperty(WSHandlerConstants.USER, "serveralias");
>     config.setProperty(WSHandlerConstants.SIG_PROP_FILE, "META-INF/xfire/outsecurity_sign.properties");
>     config.setProperty(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
>     config.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS, PasswordHandler.class.getName());
>     config.setProperty(WSHandlerConstants.MUST_UNDERSTAND, "false");
>     client.addOutHandler(new WSS4JOutHandler(config));
> outsecurity_sign.properties has the below entries:
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=jks
> org.apache.ws.security.crypto.merlin.keystore.alias=serveralias
> org.apache.ws.security.crypto.merlin.keystore.password=changeit
> org.apache.ws.security.crypto.merlin.alias.password=changeit
> org.apache.ws.security.crypto.merlin.file=META-INF/xfire/mykeystore.keystore
> Important Note:
> I monitored the SOAP request with TCPMON and found that the canonicalization 
> algorithm is set by XFire to:
> http://www.w3.org/2001/10/xml-exc-c14n#
> There are other clients who are successfully able to access the same 
> webservice but are implemented in Axis 1.3. They are sending this algorithm 
> as:
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments
> Not sure if this is the cause of this problem. If this is the case then XFire 
> code needs a modification since I believe the algorithm is by default 
> hardcoded as http://www.w3.org/2001/10/xml-exc-c14n#
> Please correct me if I am wrong. Please help.
> Thanks
> hima
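
An added example, not part of the original thread or of XFire's own code: a check of whether whitespace introduced by a pretty-printing hop changes the digest of a signed element, run under both canonicalization URIs quoted above. It assumes the xmlsec 1.4.x Canonicalizer API (later releases changed the canonicalize signature); the class name and the sample Body are constructed for illustration.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import org.apache.xml.security.Init;
import org.apache.xml.security.c14n.Canonicalizer;

public class C14nWhitespaceDemo {
    static final String NS = "xmlns:soap=\"http://schemas.xmlsoap.org/soap/envelope/\"";

    // Constructed sample: the signed part as serialized at signing time.
    static final String SIGNED =
        "<soap:Body " + NS + " Id=\"body-1\"><echo mode=\"test\" lang=\"en\">hello</echo></soap:Body>";

    // Same infoset: only attribute order and quote style differ.
    static final String REORDERED =
        "<soap:Body Id='body-1' " + NS + "><echo lang='en' mode='test'>hello</echo></soap:Body>";

    // What a pretty-printer produces: new whitespace text nodes inside the signed element.
    static final String PRETTY =
        "<soap:Body " + NS + " Id=\"body-1\">\n  <echo mode=\"test\" lang=\"en\">hello</echo>\n</soap:Body>";

    // SHA-1 over the canonical octets, the value a receiver recomputes and compares.
    static String digest(String algorithmUri, String xml) throws Exception {
        byte[] canonical = Canonicalizer.getInstance(algorithmUri)
                .canonicalize(xml.getBytes(StandardCharsets.UTF_8));
        byte[] sha1 = MessageDigest.getInstance("SHA-1").digest(canonical);
        return String.format("%040x", new BigInteger(1, sha1));
    }

    public static void main(String[] args) throws Exception {
        Init.init(); // registers the canonicalizer implementations
        String[] algorithms = {
            Canonicalizer.ALGO_ID_C14N_EXCL_OMIT_COMMENTS, // http://www.w3.org/2001/10/xml-exc-c14n#
            Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS       // ...REC-xml-c14n-20010315#WithComments
        };
        for (String alg : algorithms) {
            String atSigning = digest(alg, SIGNED);
            System.out.println(alg);
            System.out.println("  reordered attributes match: " + atSigning.equals(digest(alg, REORDERED)));
            System.out.println("  pretty-printed matches:     " + atSigning.equals(digest(alg, PRETTY)));
        }
    }
}
```

Canonicalization normalizes attribute order and quoting but preserves whitespace in element content, so indentation added after signing changes the digest under either algorithm.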
