RE: Axis2/Rampart Client Rejects Server Response when Client PC Time Behind Server PC Time

Sun, 08 Jul 2007 21:44:01 -0700 

Hi Tim,

Please enable debug level logging for "org.apache.ws.security.handler"
and send one message.  Then can u please send me the logs?

I will look into the matter.

Thank you,
Dimuthu

http://wso2.org

On Mon, 2007-07-09 at 08:51 +1000, Tim Munro (myDIALS) wrote:
> Hi Guys,
> 
> I still haven't gotten to the bottom of this; am I submitting this request
> for assistance in the wrong place? Below is my policy file.
> 
> Thanks,
> Tim.
> 
> <wsp:Policy wsu:Id="SigOnly"
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
> y-utility-1.0.xsd" xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
>       <wsp:ExactlyOne>
>               <wsp:All>
>                       <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:TransportToken>
>                                               <wsp:Policy>
>                                                       <sp:HttpsToken
> RequireClientCertificate="false"/>
>                                               </wsp:Policy>
>                                       </sp:TransportToken>
>                                       <sp:AlgorithmSuite>
>                                               <wsp:Policy>
>                                                       <sp:Basic256/>
>                                               </wsp:Policy>
>                                       </sp:AlgorithmSuite>
>                                       <sp:Layout>
>                                               <wsp:Policy>
>                                                       <sp:Lax/>
>                                               </wsp:Policy>
>                                       </sp:Layout>
>                                       <sp:IncludeTimestamp/>
>                               </wsp:Policy>
>                       </sp:TransportBinding>
>                       <sp:EndorsingSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/Includ
> eToken/AlwaysToRecipient">
>                                               <wsp:Policy>
>       
> <sp:RequireThumbprintReference/>
>       
> <sp:WssX509V3Token10/>
>                                               </wsp:Policy>
>                                       </sp:X509Token>
>                               </wsp:Policy>
>                       </sp:EndorsingSupportingTokens>
>                       <sp:Wss11
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:MustSupportRefKeyIdentifier/>
>                                       <sp:MustSupportRefIssuerSerial/>
>                                       <sp:MustSupportRefThumbprint/>
>                                       <sp:MustSupportRefEncryptedKey/>
>                               </wsp:Policy>
>                       </sp:Wss11>
>                       <sp:Trust10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:MustSupportIssuedTokens/>
>                                       <sp:RequireClientEntropy/>
>                                       <sp:RequireServerEntropy/>
>                               </wsp:Policy>
>                       </sp:Trust10>
>                       <sp:TransportBinding
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:TransportToken>
>                                               <wsp:Policy>
>                                                       <sp:HttpsToken
> RequireClientCertificate="false"/>
>                                               </wsp:Policy>
>                                       </sp:TransportToken>
>                                       <sp:AlgorithmSuite>
>                                               <wsp:Policy>
>                                                       <sp:Basic256/>
>                                               </wsp:Policy>
>                                       </sp:AlgorithmSuite>
>                                       <sp:Layout>
>                                               <wsp:Policy>
>                                                       <sp:Lax/>
>                                               </wsp:Policy>
>                                       </sp:Layout>
>                                       <sp:IncludeTimestamp/>
>                               </wsp:Policy>
>                       </sp:TransportBinding>
>                       <sp:EndorsingSupportingTokens
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/Includ
> eToken/AlwaysToRecipient">
>                                               <wsp:Policy>
>       
> <sp:RequireThumbprintReference/>
>       
> <sp:WssX509V3Token10/>
>                                               </wsp:Policy>
>                                       </sp:X509Token>
>                               </wsp:Policy>
>                       </sp:EndorsingSupportingTokens>
>                       <sp:Wss11
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:MustSupportRefKeyIdentifier/>
>                                       <sp:MustSupportRefIssuerSerial/>
>                                       <sp:MustSupportRefThumbprint/>
>                                       <sp:MustSupportRefEncryptedKey/>
>                               </wsp:Policy>
>                       </sp:Wss11>
>                       <sp:Trust10
> xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
>                               <wsp:Policy>
>                                       <sp:MustSupportIssuedTokens/>
>                                       <sp:RequireClientEntropy/>
>                                       <sp:RequireServerEntropy/>
>                               </wsp:Policy>
>                       </sp:Trust10>
> 
>                       <ramp:RampartConfig
> xmlns:ramp="http://ws.apache.org/rampart/policy";> 
>       
> <ramp:user>cc40b01503ff1f5ededf6d07c3a3c56c_81ea973b-e847-4bba-abc9-e6e69109
> 3f9d</ramp:user>
>                               <!-- passwordCallbackClass is set in mydials
> config -->
>                               <!--
> <ramp:passwordCallbackClass>com.mydials.wshelper.PWCBHandler</ramp:passwordC
> allbackClass> -->
>                               
>                               <ramp:signatureCrypto>
>                                       <ramp:crypto
> provider="org.apache.ws.security.components.crypto.Merlin">
>                                               <ramp:property
> name="org.apache.ws.security.crypto.merlin.keystore.type">pkcs12</ramp:prope
> rty>
>                                               <ramp:property
> name="org.apache.ws.security.crypto.merlin.file">MyDialsCert.pfx</ramp:prope
> rty>
>                                               <ramp:property
> name="org.apache.ws.security.crypto.merlin.keystore.password"></ramp:propert
> y>
>                                       </ramp:crypto>
>                               </ramp:signatureCrypto>
>                       </ramp:RampartConfig>
> 
>               </wsp:All>
>       </wsp:ExactlyOne>
> </wsp:Policy>
>

Reply via email to