Could you paste the security policy of the service + I will take a look?

Colm.

On Fri, Jan 17, 2014 at 2:22 AM, Walters, Jay M <[email protected]> wrote:

> I have a third party MS WCF Webservice which is using some variant of STS,
> that I have been trying to call from a CXF client. This is WSDL first.
>
> I have been trying the simple STS examples I find on the website and
> around the network, I am not close to getting this type of packet with the
> off the internet examples to reproduce this soap envelope which is sent to
> the STS server by a Metro client or a C# client.
>
> Is this secure conversation? I expect there is a working example in the
> source if somebody could point me towards it?
>
> Thanks in advance.
>
> <S:Envelope xmlns:S="http://www.w3.org/2003/05/soap-envelope"
>     xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"
>     xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>     xmlns:xs="http://www.w3.org/2001/XMLSchema"
>     xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>     xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc"
>     xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
>     xmlns:exc14n="http://www.w3.org/2001/10/xml-exc-c14n#">
>   <S:Header>
>     <To xmlns="http://www.w3.org/2005/08/addressing" wsu:Id="_5007">http://hostname:8030/SecurityTokenService/username</To>
>     <Action xmlns="http://www.w3.org/2005/08/addressing" wsu:Id="_5006">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</Action>
>     <ReplyTo xmlns="http://www.w3.org/2005/08/addressing" wsu:Id="_5005">
>       <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
>     </ReplyTo>
>     <MessageID xmlns="http://www.w3.org/2005/08/addressing" wsu:Id="_5004">uuid:fqef</MessageID>
>     <wsse:Security S:mustUnderstand="true">
>       <wsu:Timestamp xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" wsu:Id="_5">
>         <wsu:Created>2014-01-17T02:00:30Z</wsu:Created>
>         <wsu:Expires>2014-01-17T02:05:30Z</wsu:Expires>
>       </wsu:Timestamp>
>       <xenc:EncryptedKey xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" Id="_5002">
>         <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
>         <ds:KeyInfo xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="KeyInfoType">
>           <wsse:SecurityTokenReference>
>             <wsse:KeyIdentifier
>                 ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1"
>                 EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">fjkqefq=</wsse:KeyIdentifier>
>           </wsse:SecurityTokenReference>
>         </ds:KeyInfo>
>         <xenc:CipherData>
>           <xenc:CipherValue>akjefefe</xenc:CipherValue>
>         </xenc:CipherData>
>       </xenc:EncryptedKey>
>       <ns19:DerivedKeyToken xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" wsu:Id="_3">
>         <wsse:SecurityTokenReference>
>           <wsse:Reference URI="#_5002"
>               ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
>         </wsse:SecurityTokenReference>
>         <ns19:Offset>0</ns19:Offset>
>         <ns19:Length>24</ns19:Length>
>         <ns19:Nonce>xyzzy</ns19:Nonce>
>       </ns19:DerivedKeyToken>
>       <ns19:DerivedKeyToken xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" wsu:Id="_4">
>         <wsse:SecurityTokenReference>
>           <wsse:Reference URI="#_5002"
>               ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/>
>         </wsse:SecurityTokenReference>
>         <ns19:Offset>0</ns19:Offset>
>         <ns19:Length>32</ns19:Length>
>         <ns19:Nonce>xyzzy</ns19:Nonce>
>       </ns19:DerivedKeyToken>
>       <xenc:ReferenceList xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/">
>         <xenc:DataReference URI="#_5010"/>
>         <xenc:DataReference URI="#_5011"/>
>         <xenc:DataReference URI="#_5012"/>
>       </xenc:ReferenceList>
>       <xenc:EncryptedData xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" Id="_5012"
>           Type="http://www.w3.org/2001/04/xmlenc#Element">
>         <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
>         <ds:KeyInfo xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="KeyInfoType">
>           <wsse:SecurityTokenReference>
>             <wsse:Reference URI="#_4"/>
>           </wsse:SecurityTokenReference>
>         </ds:KeyInfo>
>         <xenc:CipherData>
>           <xenc:CipherValue>abc</xenc:CipherValue>
>         </xenc:CipherData>
>       </xenc:EncryptedData>
>       <xenc:EncryptedData xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>           xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>           xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" Id="_5011"
>           Type="http://www.w3.org/2001/04/xmlenc#Element">
>         <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
>         <ds:KeyInfo xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="KeyInfoType">
>           <wsse:SecurityTokenReference>
>             <wsse:Reference URI="#_4"/>
>           </wsse:SecurityTokenReference>
>         </ds:KeyInfo>
>         <xenc:CipherData><xenc:CipherValue>eqef</xenc:CipherValue></xenc:CipherData>
>       </xenc:EncryptedData>
>     </wsse:Security>
>   </S:Header>
>   <S:Body wsu:Id="_5008">
>     <xenc:EncryptedData xmlns:ns20="http://schemas.xmlsoap.org/ws/2006/02/addressingidentity"
>         xmlns:ns19="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512"
>         xmlns:ns18="http://schemas.xmlsoap.org/soap/envelope/" Id="_5010"
>         Type="http://www.w3.org/2001/04/xmlenc#Content">
>       <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>
>       <ds:KeyInfo xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="KeyInfoType">
>         <wsse:SecurityTokenReference>
>           <wsse:Reference URI="#_4"/>
>         </wsse:SecurityTokenReference>
>       </ds:KeyInfo>
>       <xenc:CipherData>
>         <xenc:CipherValue>bgdwd </xenc:CipherValue>
>       </xenc:CipherData>
>     </xenc:EncryptedData>
>   </S:Body>
> </S:Envelope>

-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
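
The key references in the quoted envelope (each EncryptedData points at a DerivedKeyToken, which points back at the EncryptedKey) can be traced mechanically, along with whether the derived key's Length fits the cipher named in EncryptionMethod. The Python below is an added example, not part of the thread or of CXF; `analyse`, `KEY_BYTES` and the trimmed `SAMPLE` are constructed for the illustration, reusing the Ids from the envelope.

```python
import xml.etree.ElementTree as ET

NS = {
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "wsu": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd",
    "wsc": "http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512",  # ns19 in the envelope
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
}
KEY_BYTES = {"aes128-cbc": 16, "aes192-cbc": 24, "aes256-cbc": 32}
STR = '<wsse:SecurityTokenReference><wsse:Reference URI="#%s"/></wsse:SecurityTokenReference>'
DKT = '<wsc:DerivedKeyToken wsu:Id="%s">' + STR + "<wsc:Length>%d</wsc:Length></wsc:DerivedKeyToken>"
ENC = ('<xenc:EncryptedData Id="%s"><xenc:EncryptionMethod Algorithm="' + NS["xenc"]
       + 'aes256-cbc"/>' + STR + "</xenc:EncryptedData>")
# Constructed sample: only the key-bearing elements of the quoted envelope, same Ids,
# flattened under one root (ds:KeyInfo wrappers and cipher values omitted).
SAMPLE = ("<wsse:Security " + " ".join('xmlns:%s="%s"' % kv for kv in NS.items()) + ">"
          + '<xenc:EncryptedKey Id="_5002"/>'
          + DKT % ("_3", "_5002", 24) + DKT % ("_4", "_5002", 32)
          + "".join(ENC % (i, "_4") for i in ("_5012", "_5011", "_5010"))
          + "</wsse:Security>")


def analyse(xml_text):
    """Return {EncryptedData Id: (reference chain, derived key length fits cipher)}."""
    root = ET.fromstring(xml_text)  # trusted sample; use a hardened parser on untrusted XML
    ids = {}
    for el in root.iter():
        key = el.get("{%s}Id" % NS["wsu"]) or el.get("Id")
        if key:
            ids[key] = el
    report = {}
    for ed in root.iter("{%s}EncryptedData" % NS["xenc"]):
        chain, el, length = [], ed, None
        while True:
            ref = el.find(".//wsse:SecurityTokenReference/wsse:Reference", NS)
            if ref is None:  # reached a root token such as the EncryptedKey
                break
            target = ref.get("URI", "").lstrip("#")
            if target in chain or target not in ids:
                chain.append(target + "?")  # dangling or cyclic reference
                break
            chain.append(target)
            el = ids[target]
            if len(chain) == 1:  # first hop is the key that encrypts the data
                length = int(el.findtext("wsc:Length", "0", NS) or 0)
        alg = ed.find("xenc:EncryptionMethod", NS).get("Algorithm").rsplit("#", 1)[-1]
        report[ed.get("Id")] = (chain, KEY_BYTES.get(alg) == length)
    return report
```

For the sample, every EncryptedData resolves through `_4` (32 bytes, matching aes256-cbc) to the EncryptedKey `_5002`; pointing one at `_3` (24 bytes) instead makes the length check fail.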
