Hi Colm,
Actually I am configuring UsernameToken, Encrypt and Signature standards for
my cxf webservice.
With 2.3.7 version of CXF everything working fine. Upgrading to 2.4.1
causing this issue, the keystores and configurations files are same.
With my investigation, I suspect there is conflict is happening with USER
and SIGNATURE_USER.
I am
Tested in following scenarios:
case 1: If I use only Signature standard by passing alias name to
SIGNATURE_USER, exception coming up
as *org.apache.cxf.binding.soap.SoapFault: Empty username for
specified action*. If I
pass same alias name with USER property, it works fine.
case 2: If I use UsernameToken and Signature by passing USERNAMETOKEN
username to USER property
and SIGNATURE aliasname to SIGNATURE_USER. then the original
issue is reproducible.
So my conclusion is, some how signature alias also reffering to USER
property, hence there is no private key for usernametoken user in keystore
and fails.
Please let me know, if any further information is required.
Thanks and Regards
Srini
--
View this message in context:
http://cxf.547215.n5.nabble.com/WS-Security-Issue-with-upgrading-from-CXF-2-3-3-to-CXF-2-4-1-tp4541788p4549716.html
Sent from the cxf-user mailing list archive at Nabble.com.
