Hi, I unfortunately don't know much about SOAP, so I don't know if this is a "duh" type question. Please forgive in advance!
I have configured STS and I'm getting a request which is causing an exception. I am looking for hints or pointers on how to handle this scenario. This is the exception: Caused by: org.apache.wss4j.common.ext.WSSecurityException: BSP:R3030: Any BINARY_SECURITY_TOKEN EncodingType attribute MUST have a value of "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"; -- The request I'm receiving is this, which has the EncodingType as the secext namespace. <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"; xmlns:a="http://www.w3.org/2005/08/addressing"; xmlns:u="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; xmlns:ac="http://schemas.xmlsoap.org/ws/2006/12/authorization";> <s:Header> <a:Action s:mustUnderstand="1">http://schemas.microsoft.com/windows/pki/2009/01/enrollment/RST/wstep</a:Action> <a:MessageID>urn:uuid:0d5a1441-5891-453b-becf-a2e5f6ea3749</a:MessageID> <a:ReplyTo> <a:Address>http://www.w3.org/2005/08/addressing/anonymous</a:Address> </a:ReplyTo> <a:To s:mustUnderstand="1">https://localhost:9999/sts</a:To> <wsse:Security s:mustUnderstand="1"> <wsse:BinarySecurityToken ValueType="http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentUserToken"; EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary";>...token edited for space...</wsse:BinarySecurityToken> </wsse:Security> </s:Header> <s:Body> <wst:RequestSecurityToken> <wst:TokenType>http://schemas.microsoft.com/5.0.0.0/ConfigurationManager/Enrollment/DeviceEnrollmentToken</wst:TokenType> <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType> <wsse:BinarySecurityToken ValueType="http://schemas.microsoft.com/windows/pki/2009/01/enrollment#PKCS10"; EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd#base64binary";>...cert edited for space...</wsse:BinarySecurityToken> <ac:AdditionalContext xmlns="http://schemas.xmlsoap.org/ws/2006/12/authorization";> <ac:ContextItem Name="TargetedUserLoggedIn"> <ac:Value>true</ac:Value> </ac:ContextItem> </ac:AdditionalContext> </wst:RequestSecurityToken> </s:Body> </s:Envelope> -- View this message in context: http://cxf.547215.n5.nabble.com/STS-How-to-handle-BinarySecurityToken-when-it-s-not-as-expected-tp5782018.html Sent from the cxf-user mailing list archive at Nabble.com.
