Hi,
How is your work flow in smx get invoked?
I believe you use a standalone jms client sending message to jms
consumer of smx, if you, could you also append this standalone jms
client? So that I can test your case from my side.
Thanks
Freeman
On 2009-8-14, at 下午10:52, XyLus wrote:
Hi,
I've also created CXF server (please find in
http://www.nabble.com/file/p24973027/wse-cxf-sign-server.zip
attachment ).
As long as I did not provide keystore with client certificate I was
getting
error:
org.apache.ws.security.WSSecurityException: WSHandler: Certificate
path
verification failed for certificate with subject
CN=WSE2QuickStartClient;
nested exception is:
org.apache.ws.security.WSSecurityException: General security error
(Error
during certificate path validation: basic constraints check failed:
this is
not a CA certificate); nested exception is:
java.security.cert.CertPathValidatorException: basic constraints
check
failed: this is not a CA certificate
at
org.apache.ws.security.handler.WSHandler.verifyTrust(WSHandler.java:
1176)
So I found working configuration for CXF client <-> CXF server
(however it
does not work as I expected - I thought that client's issuer
certificate
should be only available on server side)
Anyway, problem I am trying to solve is connecting to .NET
webservice not
CXF...
Regards,
Maciej
XyLus wrote:
Hi Freeman
Please find in attachment testcase bundle - it contains standalone
cxf
(wse-cxf-sign-client) application,
smx test flow (smx-testcase) and sample .Net web service code
(.NET) I am
trying to connect.
Speaking of cxf server, I have not tried it yet since my goal is to
work
out working configuration for smx client <-> .NET web service.
However I
will try this as well and send result.
Regards,
Maciej
Attachment: http://www.nabble.com/file/p24954647/testcase-bundle.zip
testcase-bundle.zip
Freeman Fang wrote:
Hi,
Could you please append your testcase, both the working standalone
cxf
client and the problem smx one?
If possible, also a standalone server what we can test against to
reproduce the error, I understand you are using .NET server on
windows, but if you can provide a cxf server to simulate the error
it
would be great.
Thanks
Freeman
On 2009-8-12, at 下午11:14, XyLus wrote:
Hi All,
I have to connect to web service ( .NET implementation with WSE
3.0 on
board) that requires signed
request. I 've played with CXF framework and now I have solution
that works
just fine ( I get successful response from web service)
When I use cxf bc provider with the same configuration I end up
with
'The
signature or decryption was invalid' error.
I attach smx and cxf logs and requests produced by CXF standalone
application and SMX flow.
http://www.nabble.com/file/p24938687/cxf.log cxf.log
http://www.nabble.com/file/p24938687/cxf.xml cxf.xml
http://www.nabble.com/file/p24938687/smx.log smx.log
http://www.nabble.com/file/p24938687/smx.xml smx.xml
When you compare them they look ALMOST the same what makes me
confused.
(digest value and signature value are different and one additional
namespace
is avaialbe in smx request
http://java.sun.com/xml/ns/jbi/wsdl-11-wrapper)
So I turned on debug mode and tried to find root cause of
differences.
However I can't see any meaningful information in logs . On top of
that I
use the same version of wss4j and xmlsec library in both cases.
Any help appreciated.
Regards,
Maciej
--
View this message in context:
http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p24938687.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
--
View this message in context:
http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p24973027.html
Sent from the ServiceMix - User mailing list archive at Nabble.com.
--
Freeman Fang
------------------------
Open Source SOA: http://fusesource.com
