[
https://issues.apache.org/jira/browse/AXIS2-4852?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Afkham Azeez reassigned AXIS2-4852:
-----------------------------------
Assignee: Prabath Siriwardena
> EncryptedData in body throws mustunderstand exception
> -----------------------------------------------------
>
> Key: AXIS2-4852
> URL: https://issues.apache.org/jira/browse/AXIS2-4852
> Project: Axis2
> Issue Type: Bug
> Components: jaxws
> Reporter: Atul
> Assignee: Prabath Siriwardena
>
> Hi,
> I am writing a jaxws handler that handles the security for my webservices. In
> cases where my body is encrypted, as per ws-security guidelinesi am seeing
> the excepton "mustunderstand ". While in cases my body is not encrypted , i
> see that soap message is correclty processed. I want my handler to be invoked
> for soap body to be decrypted.i debugged the code and it seems it never
> reaches my handler despite the fact that i have specified/implemented
> getHeaders() method correctly. i want to figure out a way by means of which
> it reaches my jaxws handler. Sample soap message is ---
> <S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/";>
> <S:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> S:mustUnderstand="true">
> <wsse:BinarySecurityToken
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1";
>
> wsu:Id="BST-Vpz9EP4NRbaj6eFvee7pXw22">MIICLjCCAZcCBEjiSZEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxDzANBgNVBAoTBk9yYWNsZTErMCkGA1UECxMiSjJFRSBUZXN0IEVuY3J5cHRpb24gUHVycG9zZXMgT25seTERMA8GA1UEAxMId2VibG9naWMwHhcNMDgwOTMwMTU0NTIxWhcNMTgwODA5MTU0NTIxWjBeMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGT3JhY2xlMSswKQYDVQQLEyJKMkVFIFRlc3QgRW5jcnlwdGlvbiBQdXJwb3NlcyBPbmx5MREwDwYDVQQDEwh3ZWJsb2dpYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAq7+NVbxFO+IvuGb9RbkYVjDSMM3wfwyenmKGgxyC8sQq3CIwAdYSFBJX4ugUw8ghsz8P66d7fCGypQAjkV/WaTu9HWbw+R0OzkZXd+ze6K+MLVsdjZl3tAhDectMs993RWOP/RAQFiThEtw1w53Qd7/KeB2J1XKGxLb+vBNe0RkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCkKtPvXhmB7LFJGA7JsT50/Ge8vfVDLhVQLOE6g9G0jDWN1GVeN7ahPJqYWxQzp7hmvmrqwuSz2fJtPyxE7dNBw1DsencYav/AtUYHAHgwtRJET9bBZ1vtFyn38axiURtk+T/oKWuNPb0PcWKCCMoc+x58E1HcvFOTobOiDrw4JQ==</wsse:BinarySecurityToken>
> <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p";>
> <dsig:DigestMethod
> xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
> </xenc:EncryptionMethod>
> <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";>
> <wsse:SecurityTokenReference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
> <wsse:Reference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> URI="#BST-Vpz9EP4NRbaj6eFvee7pXw22"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1"/>
> </wsse:SecurityTokenReference>
> </dsig:KeyInfo>
> <xenc:CipherData>
>
> <xenc:CipherValue>fjI4I5s6F7j0eIHXi06nHZSet6IPH2fF/Fc29JnIDAN3KlASphfuHeLhIJVUQdMLzxqK8n3pxBq0l5cv82J9FhbNdM2su11makHg0sSKFwAal5fwtINuKelDYvywZNcQvXnpE3nfeaCzHMzQYWMhM2dHtg2CEh3UqTe4puek/QA=</xenc:CipherValue>
> </xenc:CipherData>
> <xenc:ReferenceList>
> <xenc:DataReference URI="#_mKGRto58v1Ii2r7JqYgemg22"/>
> <xenc:DataReference URI="#_WxdAqWZWErJW87tKCz7FSA22"/>
> </xenc:ReferenceList>
> </xenc:EncryptedKey>
> <wsu:Timestamp
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="Timestamp-8IUl3DY6c1ZUyivMre98zQ22">
> <wsu:Created>2010-10-07T15:40:44Z</wsu:Created>
> <wsu:Expires>2010-10-07T23:40:44Z</wsu:Expires>
> </wsu:Timestamp>
> <wsse:BinarySecurityToken
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
>
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
>
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1";
>
> wsu:Id="BST-7mr5wZEhA2dm3Ds1dEvhGg22">MIICLjCCAZcCBEjiSZEwDQYJKoZIhvcNAQEFBQAwXjELMAkGA1UEBhMCVVMxDzANBgNVBAoTBk9yYWNsZTErMCkGA1UECxMiSjJFRSBUZXN0IEVuY3J5cHRpb24gUHVycG9zZXMgT25seTERMA8GA1UEAxMId2VibG9naWMwHhcNMDgwOTMwMTU0NTIxWhcNMTgwODA5MTU0NTIxWjBeMQswCQYDVQQGEwJVUzEPMA0GA1UEChMGT3JhY2xlMSswKQYDVQQLEyJKMkVFIFRlc3QgRW5jcnlwdGlvbiBQdXJwb3NlcyBPbmx5MREwDwYDVQQDEwh3ZWJsb2dpYzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAq7+NVbxFO+IvuGb9RbkYVjDSMM3wfwyenmKGgxyC8sQq3CIwAdYSFBJX4ugUw8ghsz8P66d7fCGypQAjkV/WaTu9HWbw+R0OzkZXd+ze6K+MLVsdjZl3tAhDectMs993RWOP/RAQFiThEtw1w53Qd7/KeB2J1XKGxLb+vBNe0RkCAwEAATANBgkqhkiG9w0BAQUFAAOBgQCkKtPvXhmB7LFJGA7JsT50/Ge8vfVDLhVQLOE6g9G0jDWN1GVeN7ahPJqYWxQzp7hmvmrqwuSz2fJtPyxE7dNBw1DsencYav/AtUYHAHgwtRJET9bBZ1vtFyn38axiURtk+T/oKWuNPb0PcWKCCMoc+x58E1HcvFOTobOiDrw4JQ==</wsse:BinarySecurityToken>
> <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
> Id="_WxdAqWZWErJW87tKCz7FSA22"
> Type="http://www.w3.org/2001/04/xmlenc#Element";>
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
> <xenc:CipherData>
>
> <xenc:CipherValue>0BucSeV/i5AUWkdZljpmMlGDiVLobTj0v+qlyqN4oGVCPi9O8wSJUDldLmkWr60ZwUb7Q8oYyp1gMMOXSruE9Qk85vJ8MxtRZrE8g2MWkSNiLNv5vmHkb1LT2TDDgC+oCujT9vWRSY+2qQ/oIdXf8VZzH7MHqgxUgQ8uo/OcZ1f2I6A3IWikoKcglTlh6MKpkZ8Q6iCTzME/rkPRPKtH4Rmei26BbcTiRh3+v8pvN3LT04286kPgCVWuZM4KFw6LTg1OqzuUPAM4iLgML8Pp2txM9mJpnR3+ZOvGCXnf5JZaxLR/4G7EZVqd66fOBV1MV/HRs9ioZ7zgSBMI5z0p1yEJJBZZH4J4+AINaOVgqnKxYsUTGaElctGCx9l6XhWIBfu888Axha3VL0rnT46gbwpRNeT6IOpILQUuKtRaIqsHf6pSmCs+i/FL6EoynKitWKMzxWQQweBMuUIQ4Ak6wnDerLBAt+0hWubyjyahxJJZUIlgJzYZ+JMiyUe70MasVEyswdRYKaKkpFfoDoTBHX14y2nhaa/CWGGxXQyu9LuVjmyVFqfynMKNKSHNEG0w0oyuTbERmWqJMnlXEBLyQdhX5u8RBD/xcusOvc6I0n1UDrPMM04KIJRtkcnCm5TRYLy3iZ72Frd8jHrUYz7qmUfB9CYTwwWJaRLJGVLyysna8U3lY59wJ1/JKqy+mLZ+JXYz4Vk8AmZGTuWoprT3rA==</xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> <dsig:Signature xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";>
> <dsig:SignedInfo>
> <dsig:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> <dsig:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
> <dsig:Reference URI="#Timestamp-8IUl3DY6c1ZUyivMre98zQ22">
> <dsig:Transforms>
> <dsig:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </dsig:Transforms>
> <dsig:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>
> <dsig:DigestValue>5+nxC4d6eaCqloQT9TtZuB4/yU0=</dsig:DigestValue>
> </dsig:Reference>
> <dsig:Reference URI="#UsernameToken-lwFAU1MrP56xCiry0FHIyQ22">
> <dsig:Transforms>
> <dsig:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </dsig:Transforms>
> <dsig:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>
> <dsig:DigestValue>o+UOhtjP03/GirC2HXmRv6G3xWk=</dsig:DigestValue>
> </dsig:Reference>
> <dsig:Reference URI="#Body-Qb70Er2Vw3UOmePVwQ1WoQ22">
> <dsig:Transforms>
> <dsig:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </dsig:Transforms>
> <dsig:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>
> <dsig:DigestValue>9YtzdbmCi8ay1UT62QlOCBgs62w=</dsig:DigestValue>
> </dsig:Reference>
> </dsig:SignedInfo>
>
> <dsig:SignatureValue>da1TNn7L57kyhry7sfkwKELf1MQViczU7///RM9tPc6gk2dx+78JzPKaDSl4ooFQsUUk82ZMw4clkAhyFDwp/pUjY3AhHKiC1CdvLtvIKxufbDKjb24j7JUMPwKztOXL2dw+Hrn8YjqwhqdVptW/QSorCEaT7+jdrvEw437ibJ0=</dsig:SignatureValue>
> <dsig:KeyInfo xmlns:dsig="http://www.w3.org/2000/09/xmldsig#";
> Id="KeyInfo-bMB6qO8GwSby3WDdBq98sg22">
> <wsse:SecurityTokenReference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";>
> <wsse:Reference
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
> URI="#BST-7mr5wZEhA2dm3Ds1dEvhGg22"
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1"/>
> </wsse:SecurityTokenReference>
> </dsig:KeyInfo>
> </dsig:Signature>
> </wsse:Security>
> </S:Header>
> <S:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
> wsu:Id="Body-Qb70Er2Vw3UOmePVwQ1WoQ22">
> <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
> Id="_mKGRto58v1Ii2r7JqYgemg22"
> Type="http://www.w3.org/2001/04/xmlenc#Content";>
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
> <xenc:CipherData>
>
> <xenc:CipherValue>ZiCxMQsJBMA/HyOBsD7CCi3UgBrTBIWwJpQin6Fi6eCwP1onslA0A6ZzpeHiY8Z/QzAFNAjlusEBgLb8IkHLqs4VhvLWnNxSma2YSoH1tmDhzCISQWl4Ht1gfe4ezUQ0+pkDXOaFrIjAhsyTGKc/BezfB24JNFNNdI8KXdRvg4v7Nqv5dIoDF+F2SxYNDNYdXRvWZTnvoRSNb1ceU+NxeKuG6TxzkYCs0cFlRATFsHOxVp1dsUKVyZbHn97Gr4JcW+EdOa9vNoxqhHH49bCZ0yOFq8zyVYab4geweyyvR8QXF/F7RVfiDOdrkowrSXOJ5ayXjvSffyjDmPZ1HWdSo8QNpueMhWOqcEFM0GTidK4=</xenc:CipherValue>
> </xenc:CipherData>
> </xenc:EncryptedData>
> </S:Body>
> </S:Envelope>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
