The question is what is that SecurityTokenReference referring to? EncryptedKeySHA1 is only applicable when referring to an EncryptedKey. This should work fine when the EncryptedData structure is referring back to the EncryptedKey. However, the EncryptedKey must refer to an X.509 certificate / public key, and encrypted key SHA-1 is not applicable here. In this case, we fall back to Thumbprint SHA1.

Colm.

On Mon, Mar 2, 2015 at 1:07 PM, Laurent FLEIFEL <[email protected]> wrote:

> Hi everyone,
>
> I'm not sure if it's the right place or if I need to ask my question in
> ws.apache.org mail list.
>
> I'm using CXF 3.0.4 to encrypt a Webservice, and I want the KeyIdentifier
> to be set to EncryptedKeySHA1. To do so, I added the parameters
> <entry key="encryptionKeyIdentifier" value="EncryptedKeySHA1"></entry> to the
> context.xml in the WSS4JOutInterceptor bean.
>
> But in the outbound request, I got that:
>
> <wsse:SecurityTokenReference>
>   <wsse:KeyIdentifier
>       EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
>       ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">QgB9VjsaVwwYNx/MowOS058pegY=</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
>
> So weirdly I got a Thumbprint keyIdentifier. Is it a bug or do I need to
> configure it differently?
>
> Laurent Fleifel
>
> PS: here is the full applicationContext.xml:
>
> <?xml version="1.0" encoding="UTF-8"?>
> <beans xmlns="http://www.springframework.org/schema/beans"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xmlns:jaxws="http://cxf.apache.org/jaxws"
>     xmlns:util="http://www.springframework.org/schema/util"
>     xmlns:context="http://www.springframework.org/schema/context"
>     xsi:schemaLocation="http://www.springframework.org/schema/beans
>         http://www.springframework.org/schema/beans/spring-beans.xsd
>         http://cxf.apache.org/jaxws
>         http://cxf.apache.org/schemas/jaxws.xsd
>         http://www.springframework.org/schema/context
>         http://www.springframework.org/schema/context/spring-context.xsd
>         http://www.springframework.org/schema/util
>         http://www.springframework.org/schema/util/spring-util-3.0.xsd">
>
>   <!-- take the JVM system properties into account -->
>   <context:property-placeholder location="classpath:test.properties" />
>
>   <!-- endpointAddress is passed as a JVM parameter: -Dwsendpoint=http://localhost:8080/crm-batch/services/jobWS -->
>   <bean id="ProjectServices" class="primavera.ws.ProjectPortType"
>       factory-bean="clientFactory" factory-method="create" />
>   <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">
>     <property name="serviceClass" value="primavera.ws.ProjectPortType" />
>     <property name="address" value="http://port-128:8206/p6ws/services/ProjectService" />
>     <property name="inInterceptors">
>       <list>
>         <ref bean="logIn" />
>         <ref bean="signResponse" />
>       </list>
>     </property>
>     <property name="outInterceptors">
>       <list>
>         <ref bean="logOut" />
>         <ref bean="saajOut" />
>         <ref bean="signRequest" />
>       </list>
>     </property>
>   </bean>
>   <bean id="logIn" class="org.apache.cxf.interceptor.LoggingInInterceptor" />
>   <bean id="logOut" class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
>   <bean id="saajOut" class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
>
>   <bean id="signRequest" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>     <constructor-arg>
>       <map>
>         <entry key="action" value="UsernameToken Timestamp Signature Encrypt" />
>         <entry key="user" value="username" />
>         <entry key="passwordType" value="PasswordText" />
>         <entry key="signatureUser" value="serverwsalias" />
>         <entry key="encryptionUser" value="serverwsalias" />
>         <entry key="passwordCallbackClass" value="main.ClientPasswordCallback" />
>         <entry key="signaturePropFile" value="/crypt.properties"></entry>
>         <entry key="signatureParts"
>             value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;Body" />
>         <entry key="encryptionPropFile" value="/crypt.properties"></entry>
>         <entry key="encryptionParts"
>             value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken;Body" />
>         <entry key="encryptionKeyIdentifier" value="EncryptedKeySHA1"></entry>
>       </map>
>     </constructor-arg>
>   </bean>
>   <bean id="signResponse" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>     <constructor-arg>
>       <map>
>         <entry key="action" value="Encrypt" />
>         <entry key="encryptionUser" value="serverwsalias" />
>         <entry key="decryptionPropFile" value="/crypt.properties"></entry>
>       </map>
>     </constructor-arg>
>   </bean>
> </beans>
>
> And here is my pom.xml:
>
> <project xmlns="http://maven.apache.org/POM/4.0.0"
>     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
>     xsi:schemaLocation="http://maven.apache.org/POM/4.0.0
>         http://maven.apache.org/xsd/maven-4.0.0.xsd">
>   <modelVersion>4.0.0</modelVersion>
>   <groupId>asco</groupId>
>   <artifactId>testPrimaveraWS</artifactId>
>   <version>1.0</version>
>   <properties>
>     <project.build.sourceEncoding>UTF-8</project.build.sourceEncoding>
>     <cxf.version>3.0.4</cxf.version>
>     <spring.version>3.1.3.RELEASE</spring.version>
>   </properties>
>   <dependencies>
>     <dependency>
>       <groupId>org.springframework</groupId>
>       <artifactId>spring-context</artifactId>
>       <version>4.1.5.RELEASE</version>
>     </dependency>
>     <dependency>
>       <groupId>org.springframework.ws</groupId>
>       <artifactId>spring-ws-security</artifactId>
>       <version>2.2.0.RELEASE</version>
>     </dependency>
>     <dependency>
>       <groupId>org.apache.cxf</groupId>
>       <artifactId>cxf-rt-ws-security</artifactId>
>       <version>${cxf.version}</version>
>     </dependency>
>     <dependency>
>       <groupId>org.apache.cxf</groupId>
>       <artifactId>cxf-rt-databinding-jaxb</artifactId>
>       <version>${cxf.version}</version>
>     </dependency>
>     <dependency>
>       <groupId>org.apache.cxf</groupId>
>       <artifactId>cxf-rt-frontend-jaxws</artifactId>
>       <version>${cxf.version}</version>
>     </dependency>
>     <dependency>
>       <groupId>org.apache.cxf</groupId>
>       <artifactId>cxf-rt-transports-http</artifactId>
>       <version>${cxf.version}</version>
>     </dependency>
>   </dependencies>
>   <build>
>     <plugins>
>       <plugin>
>         <groupId>org.jvnet.jax-ws-commons</groupId>
>         <artifactId>jaxws-maven-plugin</artifactId>
>         <version>2.2</version>
>         <executions>
>           <execution>
>             <id>wsClient</id>
>             <phase>compile</phase>
>             <goals>
>               <goal>wsimport</goal>
>             </goals>
>           </execution>
>         </executions>
>         <configuration>
>           <sourceDestDir>src/main/java</sourceDestDir>
>           <packageName>primavera.ws</packageName>
>           <wsdlUrls>
>             <wsdlUrl>http://port-128:8206/p6ws/services/ProjectService?wsdl</wsdlUrl>
>           </wsdlUrls>
>         </configuration>
>       </plugin>
>     </plugins>
>   </build>
> </project>

--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
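
Added example (not part of either message, and not CXF or WSS4J code): a small Python check of the rule described in the reply, run over a constructed security header. The function name `audit_key_identifiers`, the wrapped-key bytes and the element Ids are assumptions made for the illustration; the thumbprint value is the one quoted in the question. It relies on the WSS 1.1 definition of EncryptedKeySHA1 as the SHA-1 of the decoded `CipherValue` of the referenced EncryptedKey.

```python
import base64
import hashlib
import xml.etree.ElementTree as ET

NS = {
    "wsse": "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd",
    "xenc": "http://www.w3.org/2001/04/xmlenc#",
    "ds": "http://www.w3.org/2000/09/xmldsig#",
}
WSS11 = "http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#"
def b64sha1(octets):
    return base64.b64encode(hashlib.sha1(octets).digest()).decode()
# Constructed sample: wrapped key bytes are made up; the thumbprint is the one from the post.
WRAPPED = b"constructed wrapped session key"
SAMPLE = f"""<wsse:Security xmlns:wsse="{NS['wsse']}" xmlns:xenc="{NS['xenc']}" xmlns:ds="{NS['ds']}">
 <xenc:EncryptedKey Id="EK-1"><ds:KeyInfo><wsse:SecurityTokenReference>
   <wsse:KeyIdentifier ValueType="{WSS11}ThumbprintSHA1">QgB9VjsaVwwYNx/MowOS058pegY=</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference></ds:KeyInfo>
  <xenc:CipherData><xenc:CipherValue>{base64.b64encode(WRAPPED).decode()}</xenc:CipherValue></xenc:CipherData>
 </xenc:EncryptedKey>
 <xenc:EncryptedData Id="ED-1"><ds:KeyInfo><wsse:SecurityTokenReference>
   <wsse:KeyIdentifier ValueType="{WSS11}EncryptedKeySHA1">{b64sha1(WRAPPED)}</wsse:KeyIdentifier>
  </wsse:SecurityTokenReference></ds:KeyInfo></xenc:EncryptedData>
</wsse:Security>"""

def audit_key_identifiers(xml_text):
    """Return (enclosing element, identifier type, verdict) for each KeyIdentifier."""
    root = ET.fromstring(xml_text)
    parent = {child: p for p in root.iter() for child in p}
    # Hash every EncryptedKey's decoded CipherValue: these are the valid EncryptedKeySHA1 values.
    key_hashes = {b64sha1(base64.b64decode(cv.text.strip())) for cv in
                  root.iterfind(".//xenc:EncryptedKey/xenc:CipherData/xenc:CipherValue", NS)}
    results = []
    for kid in root.iterfind(".//wsse:SecurityTokenReference/wsse:KeyIdentifier", NS):
        owner = kid  # climb to the enclosing xenc:EncryptedKey or xenc:EncryptedData
        while owner in parent and not owner.tag.startswith("{" + NS["xenc"] + "}Encrypted"):
            owner = parent[owner]
        owner_name = owner.tag.split("}")[1]
        kind = kid.get("ValueType", "").strip().rsplit("#", 1)[-1]
        if kind != "EncryptedKeySHA1":
            verdict = "not EncryptedKeySHA1"
        elif owner_name == "EncryptedKey":
            verdict = "inapplicable: an EncryptedKey must reference a certificate or public key"
        elif (kid.text or "").strip() in key_hashes:
            verdict = "resolves to an EncryptedKey"
        else:
            verdict = "dangling"
        results.append((owner_name, kind, verdict))
    return results
```
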
