I've done test with http://people.apache.org/repo/m2-snapshot-repository/org/apache/servicemix/servicemix-cxf-bc/2009.02-SNAPSHOT/servicemix-cxf-bc-2009.02-20090417.052350-16-installer.zip
but the result is the same as always - System.Web.Services.Protocols.SoapHeaderException: Microsoft.Web.Services3.Security.SecurityFault: The signature or decryption was invalid Regards, Maciej Freeman Fang wrote: > > Hi, > > I believe the fix for SMXCOMP-618 can address this issue. > > [1]https://issues.apache.org/activemq/browse/SMXCOMP-618 > > Freeman > On 2009-8-19, at 下午3:52, XyLus wrote: > >> >> Here you go : http://www.nabble.com/file/p25039423/PeRCSPoC.jmx >> PeRCSPoC.jmx >> >> Regards, >> Maciej >> >> >> Freeman Fang wrote: >>> >>> Hi, >>> >>> How is your work flow in smx get invoked? >>> I believe you use a standalone jms client sending message to jms >>> consumer of smx, if you, could you also append this standalone jms >>> client? So that I can test your case from my side. >>> Thanks >>> Freeman >>> On 2009-8-14, at 下午10:52, XyLus wrote: >>> >>>> >>>> Hi, >>>> >>>> I've also created CXF server (please find in >>>> http://www.nabble.com/file/p24973027/wse-cxf-sign-server.zip >>>> attachment ). >>>> As long as I did not provide keystore with client certificate I was >>>> getting >>>> error: >>>> >>>> org.apache.ws.security.WSSecurityException: WSHandler: Certificate >>>> path >>>> verification failed for certificate with subject >>>> CN=WSE2QuickStartClient; >>>> nested exception is: >>>> org.apache.ws.security.WSSecurityException: General security error >>>> (Error >>>> during certificate path validation: basic constraints check failed: >>>> this is >>>> not a CA certificate); nested exception is: >>>> java.security.cert.CertPathValidatorException: basic constraints >>>> check >>>> failed: this is not a CA certificate >>>> at >>>> org.apache.ws.security.handler.WSHandler.verifyTrust(WSHandler.java: >>>> 1176) >>>> >>>> So I found working configuration for CXF client <-> CXF server >>>> (however it >>>> does not work as I expected - I thought that client's issuer >>>> certificate >>>> should be only available on server side) >>>> >>>> Anyway, problem I am trying to solve is connecting to .NET >>>> webservice not >>>> CXF... >>>> >>>> Regards, >>>> Maciej >>>> >>>> >>>> >>>> >>>> XyLus wrote: >>>>> >>>>> Hi Freeman >>>>> >>>>> Please find in attachment testcase bundle - it contains standalone >>>>> cxf >>>>> (wse-cxf-sign-client) application, >>>>> smx test flow (smx-testcase) and sample .Net web service code >>>>> (.NET) I am >>>>> trying to connect. >>>>> >>>>> Speaking of cxf server, I have not tried it yet since my goal is to >>>>> work >>>>> out working configuration for smx client <-> .NET web service. >>>>> However I >>>>> will try this as well and send result. >>>>> >>>>> >>>>> >>>>> Regards, >>>>> Maciej >>>>> >>>>> Attachment: http://www.nabble.com/file/p24954647/testcase-bundle.zip >>>>> testcase-bundle.zip >>>>> >>>>> >>>>> >>>>> >>>>> Freeman Fang wrote: >>>>>> >>>>>> Hi, >>>>>> Could you please append your testcase, both the working standalone >>>>>> cxf >>>>>> client and the problem smx one? >>>>>> If possible, also a standalone server what we can test against to >>>>>> reproduce the error, I understand you are using .NET server on >>>>>> windows, but if you can provide a cxf server to simulate the error >>>>>> it >>>>>> would be great. >>>>>> Thanks >>>>>> Freeman >>>>>> On 2009-8-12, at 下午11:14, XyLus wrote: >>>>>> >>>>>>> >>>>>>> Hi All, >>>>>>> >>>>>>> I have to connect to web service ( .NET implementation with WSE >>>>>>> 3.0 on >>>>>>> board) that requires signed >>>>>>> request. I 've played with CXF framework and now I have solution >>>>>>> that works >>>>>>> just fine ( I get successful response from web service) >>>>>>> >>>>>>> When I use cxf bc provider with the same configuration I end up >>>>>>> with >>>>>>> 'The >>>>>>> signature or decryption was invalid' error. >>>>>>> >>>>>>> I attach smx and cxf logs and requests produced by CXF standalone >>>>>>> application and SMX flow. >>>>>>> http://www.nabble.com/file/p24938687/cxf.log cxf.log >>>>>>> http://www.nabble.com/file/p24938687/cxf.xml cxf.xml >>>>>>> http://www.nabble.com/file/p24938687/smx.log smx.log >>>>>>> http://www.nabble.com/file/p24938687/smx.xml smx.xml >>>>>>> >>>>>>> When you compare them they look ALMOST the same what makes me >>>>>>> confused. >>>>>>> (digest value and signature value are different and one >>>>>>> additional >>>>>>> namespace >>>>>>> is avaialbe in smx request >>>>>>> http://java.sun.com/xml/ns/jbi/wsdl-11-wrapper) >>>>>>> >>>>>>> So I turned on debug mode and tried to find root cause of >>>>>>> differences. >>>>>>> However I can't see any meaningful information in logs . On top >>>>>>> of >>>>>>> that I >>>>>>> use the same version of wss4j and xmlsec library in both cases. >>>>>>> >>>>>>> Any help appreciated. >>>>>>> >>>>>>> Regards, >>>>>>> Maciej >>>>>>> -- >>>>>>> View this message in context: >>>>>>> http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p24938687.html >>>>>>> Sent from the ServiceMix - User mailing list archive at >>>>>>> Nabble.com. >>>>>>> >>>>>> >>>>>> >>>>>> -- >>>>>> Freeman Fang >>>>>> ------------------------ >>>>>> Open Source SOA: http://fusesource.com >>>>>> >>>>>> >>>>>> >>>>> >>>>> >>>> >>>> -- >>>> View this message in context: >>>> http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p24973027.html >>>> Sent from the ServiceMix - User mailing list archive at Nabble.com. >>>> >>> >>> >>> -- >>> Freeman Fang >>> ------------------------ >>> Open Source SOA: http://fusesource.com >>> >>> >>> >> >> -- >> View this message in context: >> http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p25039423.html >> Sent from the ServiceMix - User mailing list archive at Nabble.com. >> > > > -- > Freeman Fang > ------------------------ > Open Source SOA: http://fusesource.com > > > -- View this message in context: http://www.nabble.com/Once-again%3A-Microsoft.Web.Services3.Security.SecurityFault%3A-The-signature-or-decryption-was-invalid-tp24938687p25293515.html Sent from the ServiceMix - User mailing list archive at Nabble.com.
