Hi,
Sorry for long post.
I have redeveloped sample application which comes with cxf which in
ws-security/sign_enc.
This application is about encrypting and signing.
In original sample application, all interceptors are configured using Java
code. For a change, I configured interceptors at client side using Java code
and configured interceptors at server side using spring bean configuration.
In this application Client signs following
outProps.put("signatureParts",
"{Element}{" + WSU_NS + "}Timestamp;"
+
"{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;";
+
"{}{http://www.w3.org/2005/08/addressing}ReplyTo;";);
Now if I configure ws-addressing using spring configuration like below
<jaxws:features>
<wsa:addressing xmlns:wsa="http://cxf.apache.org/ws/addressing";
/>
</jaxws:features>
It works perfect.
But if I configure ws-addressing using java code like one below
bus.getFeatures().add(new WSAddressingFeature());
It gives me exception
SEVERE:
org.apache.ws.security.WSSecurityException: General security error
(WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found:
http://www.w3.org/2005/08/addressing, ReplyTo)
at
org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
at
org.apache.ws.security.message.WSSecSignature.addReferencesToSign(WSSecSignature.java:409)
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:93)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:230)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
at com.sun.proxy.$Proxy29.sayHello(Unknown Source)
at com.test.cxf9_client.Client.main(Client.java:108)
I do not know why ws-addressing not getting properly inserted in SOAP header
when I configure it using java code.
I have one more question
In the sample application I saw signatureKeyIdentifier is configured using
DirectReference like the one below
inProps.put("signatureKeyIdentifier", "DirectReference")
But when I configured it using DirectReference, it gave me an error.
WSHandler: Signature: unknown key identification
But when I changed it to IssuerSerial, it worked.
I tried to understand what these values mean by reading this
http://ws.apache.org/wss4j/config.html
It says
The configuration values for setting the KeyIdentifiers for signature or
encryption are shown below. See the Javadoc for SIG_KEY_ID and ENC_KEY_ID
for more details:
Value
DirectReference
IssuerSerial
X509KeyIdentifier
SKIKeyIdentifier
EmbeddedKeyName
Thumbprint
EncryptedKeySHA1
But not enough information to understand what these values mean how to
properly use them.
Thanks
--
View this message in context:
http://cxf.547215.n5.nabble.com/Few-doubts-about-a-ws-secuirty-sign-enc-sample-application-in-cxf-tp5724278.html
Sent from the cxf-user mailing list archive at Nabble.com.
