Hi Martin, thanks for your response (again). I've solved the problem by downgrading to axis2-1.6.4. Now the client stubs generated by wsdl2java work ok.
Maybe it's just a bug in Axis2 2-1.7.1 (??). >> how would client signing with rsa-sha1 algorithm be able to communicate with >> any webservice expecting rsa-sha256 signature? This web service expects a rsa-sha1, as I said in previous messages. According to [1] and [2], WS SecurityPolicy specifies that rsa-sha1 must be the signature algorithm. I'm not familiar with WS Security anyway. Regards. Enrique Refs: [1] https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Web_Services_Security_Guide/files/MsgProtect-SOAP-SpecifyAlgorithmSuite.html [2] http://cxf.apache.org/docs/ws-securitypolicy.html On Thu, Mar 10, 2016 at 2:31 PM, Martin Gainty <mgai...@hotmail.com> wrote: > Item1: > > SHA1 is used for encryption/decryption only > > http://coheigea.blogspot.com/2013/03/signature-and-encryption-key.html > > Item2: > > <sp:AsymmetricBinding > > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> > <wsp:Policy> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token > sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient";> > <wsp:Policy> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic128/> > </wsp:Policy> > </sp:AlgorithmSuite> > > notice that AlgorithmSuite sp:Basic128 is common to both initiator and > recipient > > how would client signing with rsa-sha1 algorithm be able to communicate with > any webservice expecting rsa-sha256 signature? > > Please explain > Martin > ______________________________________________ > > > > > > > ________________________________ > Date: Wed, 9 Mar 2016 19:34:04 +0100 > Subject: RE: WSsecurity: SignatureMethod error > From: enrique.sori...@gmail.com > To: java-user@axis.apache.org > > > On Mar 9, 2016 15:34, "Martin Gainty" <mgai...@hotmail.com> wrote: >> >> 2000 spec you are >> currently implementing: >> <ds:KeyInfo xmlns:ds="http:// >>www.w3.org/2000/09/xmldsig#"> >> >> does not acommodate >>256 bit signatures >> >> your current option will only >>allow 2000 xmldsig spec which is why >>you are defaulting to rsa-sha1 >>algorithm in SignatureMethod > > I want to use rsa-sha1, I don't want to use rsa-sha256 (which is the > signature method my client is currently using). > > Regards. --------------------------------------------------------------------- To unsubscribe, e-mail: java-user-unsubscr...@axis.apache.org For additional commands, e-mail: java-user-h...@axis.apache.org
