On Thursday 25 March 2010 12:39:51 pm Remijan, Michael wrote: > Group: > > I am working on a Web Service client which calls a Weblogic 9 server. > This client also uses WS-Security to Sign (signature) the request. I'm > using Maven to pull down. All efforts to call the web service have failed > on the server side due to Weblogic not being able to verify the signature. > It's been suggested the Digest CXF generates on the client side is not > compatable with the Digest Weblogic creates.
Well, that would be very bizzarre considering the digest is a standard defined by the ws-security spec. If Weblogic is unable to process it, that sounds like a bug on their side. We've tested interop with .NET, Axis2/Rampart, and Metro (as well as some proprietary ones like Actional) so we know the digests CXF generates are correct per standard. The Main.java got stripped out. Is this using the SecurityPolicy support or a manually configured WSS4JOutInterceptor? Are you sure you are using the right keys? Any chance of capturing the raw "on the wire" messages from both a CXF client as well as WebLogic (or other working client) to see comparisons? Dan > > For my project I've pulled in these dependencies. > > cxf-rt-core 2.2.6 > cxf-rt-frontend-jaxws 2.2.6 > cxf-rt-transports-http 2.2.6 > cxf-rt-ws-security 2.2.6 > > and I'm using cxf-codegen-plugin 2.2.3 to generate the client classes. > > I've attached a condensed version of Main.java. Any thoughts? Any > previous issues with Weblogic interoperability? > > > Mike Remijan > Suddenlink Communications > 314.315.9657 > [email protected] -- Daniel Kulp [email protected] http://dankulp.com/blog
