How are you turning off BSP compliance? Could you try to figure out why WSSConfig.init() is not getting called in your scenario?
Colm. On Thu, Jul 4, 2013 at 12:47 PM, Massimiliano Masi < [email protected]> wrote: > I saw the following behavior. In version 1.6.10, while turning off BSP > compliance, these two methods are not called. > > JCEMapper.registerDefaultAlgorithms(); > > org.apache.xml.security.Init.init(); > > Calling them directly before calling processSecurityHeader() works. > > > > On Thu, Jul 4, 2013 at 11:18 AM, Colm O hEigeartaigh > <[email protected]>wrote: > >> >> RSA v1.5 works fine with WSS4J. For example, see the tests here: >> >> >> http://svn.apache.org/viewvc/webservices/wss4j/branches/1_6_x-fixes/src/test/java/org/apache/ws/security/message/EncryptionAlgorithmSuiteTest.java?view=markup >> >> Is the wrapping library excluding RSA v1.5 explicitly? >> >> Colm. >> >> >> On Mon, Jul 1, 2013 at 5:13 PM, Massimiliano Masi < >> [email protected]> wrote: >> >>> Hi All, >>> >>> I have the following XML excerpt, with a NON-BSP security header. >>> Java is with unlimited strength policy files. I receive this exception. >>> >>> it seems that the JCE Mapper is unable to resolve rsa-1_5. >>> >>> Is there a FAQ for that? >>> >>> Thanks a lot, >>> >>> >>> Massi >>> >>> Caused by: com.spirit.security.soap.SoapSecurityException: >>> org.apache.ws.security.WSSecurityException: An unsupported signature or >>> encryption algorithm was used (unsupported key transport encryption >>> algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5) >>> >>> at com.spirit.security.soap.SoapSecurity.verifySecurityHeader( >>> SoapSecurity.java:258) >>> >>> at com.spirit.direct.soap.DirectXDRSecurity.processIncoming( >>> DirectXDRSecurity.java:238) >>> >>> ... 25 more >>> >>> Caused by: org.apache.ws.security.WSSecurityException: An unsupported >>> signature or encryption algorithm was used (unsupported key transport >>> encryption algorithm: No such algorithm: >>> http://www.w3.org/2001/04/xmlenc#rsa-1_5) >>> >>> at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance( >>> WSSecurityUtil.java:865) >>> >>> at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken( >>> EncryptedKeyProcessor.java:96) >>> >>> at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken( >>> EncryptedKeyProcessor.java:65) >>> >>> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( >>> WSSecurityEngine.java:396) >>> >>> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( >>> WSSecurityEngine.java:303) >>> >>> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( >>> WSSecurityEngine.java:248) >>> >>> at com.spirit.security.soap.SoapSecurity.verifySecurityHeader( >>> SoapSecurity.java:183) >>> >>> ... 26 more >>> >>> Caused by: java.security.NoSuchAlgorithmException: No transformation >>> given >>> >>> at javax.crypto.Cipher.tokenizeTransformation(Cipher.java:288) >>> >>> at javax.crypto.Cipher.getTransforms(Cipher.java:412) >>> >>> at javax.crypto.Cipher.getInstance(Cipher.java:486) >>> >>> at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance( >>> WSSecurityUtil.java:846) >>> >>> ... 32 more >>> >>> >>> >>> >>> >>> >>> <wsse:Security >>> xmlns:wsse=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >>> " >>> xmlns:wsu=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>> " >>> env:mustUnderstand="true"> >>> <xenc:EncryptedKey xmlns:xenc=" >>> http://www.w3.org/2001/04/xmlenc#"; >>> Id="EK-1BA2E95532537EDE35137106980235720"> >>> <xenc:EncryptionMethod Algorithm=" >>> http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> >>> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig# >>> "> >>> <wsse:SecurityTokenReference> >>> <wsse:KeyIdentifier >>> EncodingType=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary >>> " >>> ValueType=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 >>> " >>> > >>> MIIFEzCCA/ugAwIBAgIQdsrAAPW+inZUyNZDwobyjTANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEmMCQGA1UEChMdQ29tbW9ud2VhbHRoIG9mIE1hc3NhY2h1c2V0dHMxHTAbBgNVBAMTFE1hc3NIaVdheSBJc3N1aW5nIENBMB4XDTEzMDMyODAwMDAwMFoXDTE0MDMyODIzNTk1OVoweTEqMCgGA1UEAwwhZGlyZWN0LmhvbHlva2UubWFzc2hpd2F5c3RhZ2UuY29tMRAwDgYDVQQKDAdIb2x5b2tlMSwwKgYDVQQLDCMyLjE2Ljg0MC4xLjExMzg4My4zLjg5LjEwNS4yMDAuMS4xNTELMAkGA1UEBhMCVVMwggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQDg92AAmQbA02He0SbeiPwToxYhXAm1VMM3WEVI/M8cXIBQy/KjZwLnM2ihiUNgJpy9P0pYPMKBMm9HIvB+Wb/Ii7JaQHBV7XIDKyX9pE0j8LcTuxS1MWcR1O+iL1qdfOtjSfiuYc1xfQMscunHJxkvWFGlEMTX9Pa3XfLNJkkk63r1Nxrmtgt4QS5FCa3I3su50HjOcr2xLlixZdxpBjBtxrd3h6cO527QgCuROITWhVhfW6IPeyS5dwzXtV3t1bovp0aX47PDMyKmiuROGKXAYSnLPLX6wzWVB01Z36qQv1PbIPaN6Chg2GEDRUhIQV/RubDT/KbuvvzptWxjPmHPAgMBAAGjggG6MIIBtjAMBgNVHRMBAf8EAjAAMA4GA1UdDwEB/wQEAwIFoDAnBgNVHSUEIDAeBggrBgEFBQcDAgYIKwYBBQUHAwEGCCsGAQUFBwMEMB0GA1UdDgQWBBRhUPF7apEE+57JFRsYFGAw4Ck6ETAsBgNVHREEJTAjgiFkaXJlY3QuaG9seW9rZS5tYXNzaGl3YXlzdGFnZS5jb20wHwYDVR0jBBgwFoAU7fH0HJRRpyZgbKXKjZarDCNvvtIwNwYIKwYBBQUHAQEEKzApMCcGCCsGAQUFBzABhhtodHRwOi8vcGtpLW9jc3Auc3ltYXV0aC5jb20wXQYDVR0fBFYwVDBSoFCgToZMaHR0cDovL3BraS1jcmwuc3ltYXV0aC5jb20vY2FfZWNmNDE1ZjhjNjk3MWY5NmQ1ZjcyNGU5OTg0N2RiNGQvTGF0ZXN0Q1JMLmNybDAsBgpghkgBhvhFARADBB4wHAYSYIZIAYb4RQEQAQQHAQGEwqMPFgYxNDYxMTIwOQYKYIZIAYb4RQEQBQQrMCkCAQAWJGFIUjBjSE02THk5d2Eya3RjbUV1YzNsdFlYVjBhQzVqYjIwPTANBgkqhkiG9w0BAQsFAAOCAQEAU52qNDIFl5vWnN1LkWxBOSaMXHUfXt+MQDmZ8M/YfmXOkcwvBE739w3JTUEqXSKFqb5MUZSuGXM4kcqFjYjrkTszssKxccoRtosfM6RRDeCbqvNlbRj/dGKaj4/uH3xCaeZZLeN0WoxFsKU9nbVaCUQJAqP5vIdG6/MdldLaQr8AbSOtG4NmJReQwj0/XN81IZ9jGP6VMFir970VCyqCd4+8d0nZ98ab+oare6kv6D4+4hK8qKaSFhIQeI8I4/zoo8RYdPZqokId4aR5E2mC9QLtgWyFk/Yf3G+TSthUi0T9QrxWnheMiUNS1gtaeSbJLZmwkXPmN/v+kY9Sp6GDdA== >>> </wsse:KeyIdentifier> >>> </wsse:SecurityTokenReference> >>> </ds:KeyInfo> >>> <xenc:CipherData> >>> <xenc:CipherValue> >>> sPAWtKXEr9I97nMGDNMb4oYxDe2G1XZV5UNfEPB57m71u9hY/JDW61T7VOj0hYUA4jSRX6dwWgjN7FeZ3ejU0Y1qUVGYMKHQP6wOcdaXiRKQ+H7FCuFrUXl2DKUav3M4Ll74g4o42UVnFhOEHW5KVso8zvaOlJgJTyrDHYuLDdmoaxTiS6AbgXqhUrrwVN4qPagGRdLw92ndvUJ8GUd7azLk5BjS/6GIKp2Og3Q4q1Wl0FEwo+Vgr/dR75B0XQJGlGkHyQJcshE762JMzMK/r0NzQoEWsu71ea8iZgwwPueG3tZ+TzAUpTy1JfLstvE1ykCoZm8CP0lZDxpmWe9z8g== >>> </xenc:CipherValue> >>> </xenc:CipherData> >>> <xenc:ReferenceList> >>> <xenc:DataReference URI="#ED-15"/> >>> </xenc:ReferenceList> >>> </xenc:EncryptedKey> >>> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#"Id >>> ="SIG-14"> >>> <ds:SignedInfo> >>> <ds:CanonicalizationMethod Algorithm=" >>> http://www.w3.org/2001/10/xml-exc-c14n#";> >>> <ec:InclusiveNamespaces xmlns:ec=" >>> http://www.w3.org/2001/10/xml-exc-c14n#"; >>> PrefixList="env"/> >>> </ds:CanonicalizationMethod> >>> <ds:SignatureMethod Algorithm=" >>> http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> >>> <ds:Reference URI="#id-13"> >>> <ds:Transforms> >>> <ds:Transform Algorithm=" >>> http://www.w3.org/2001/10/xml-exc-c14n#";> >>> <ec:InclusiveNamespaces >>> xmlns:ec=" >>> http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="" >>> /> >>> </ds:Transform> >>> </ds:Transforms> >>> <ds:DigestMethod Algorithm=" >>> http://www.w3.org/2000/09/xmldsig#sha1"/> >>> <ds:DigestValue>QqgS6lIMTvFJKUj5afXvXnQ1W4M= >>> </ds:DigestValue> >>> </ds:Reference> >>> </ds:SignedInfo> >>> <ds:SignatureValue> >>> SB+7/+s4ofbxI0WNoTowg8lDFs0ZLA3tRX7sagn2ljocZBUgMnDTw9+pyppuSnGyZKtFSESgPtLn/uPX8Oj7UhM0v1nsr3mMF3IvK1p1SJzTZMzfOZc7l4L9HMQxZD8xx08wpDWCFbTRD1aJ9wPDYcyADrM9cKyTIwg1fkcC9Om7ryOfjjScPkZa88OdIRY/baITl3nAJt2RXioP4cA4Oxa+u/9r7hu4tzAA3Ow+KO1ngYFxYeJsZWd8j8jqwpIA0JpJyXi98g+pb++GXjtVYy9X/Ri+QY6HUa+fvfua8KW2VRp4uaXVFS3S4J6Rdb3L87oJR2+5bVe9FvqPoNm1mQ== >>> </ds:SignatureValue> >>> <ds:KeyInfo Id="KI-1BA2E95532537EDE35137106980231418"> >>> <wsse:SecurityTokenReference wsu:Id= >>> "STR-1BA2E95532537EDE35137106980231419"> >>> <wsse:KeyIdentifier >>> EncodingType=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary >>> " >>> ValueType=" >>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 >>> " >>> > >>> MIIFKTCCBBGgAwIBAgIQW2vyszzvr/QDmIonMMTvizANBgkqhkiG9w0BAQsFADBUMQswCQYDVQQGEwJVUzEmMCQGA1UEChMdQ29tbW9ud2VhbHRoIG9mIE1hc3NhY2h1c2V0dHMxHTAbBgNVBAMTFE1hc3NIaVdheSBJc3N1aW5nIENBMB4XDTEyMTIyMzAwMDAwMFoXDTEzMTIyMzIzNTk1OVowgYkxLzAtBgNVBAMMJmRpcmVjdC5tYWluc3RyZWV0ZXIubWFzc2hpd2F5c3RhZ2UuY29tMRowGAYDVQQLDBFDVVNUT00tTUFTUy1ISUUtMTEWMBQGA1UECwwNTVVMVEktQUxMT1dFRDELMAkGA1UEBhMCVXMxFTATBgNVBAoMDG1haW5zdHJlZXRlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALeIw1Ct9T/ptgq9VPErpfGtE6AdiHQHh8JnsDnUla0EsZNEXwK5sGSM911fVaykO6Asf1ltPYUZh/JnipcP2aogUQXMHdle2IjZ4bOC0e9jyCHeOmoFLYkk662qL6tTsvCug90EdIsh55HjZ1WJD1dvZw8Pm5c+OSVXouLFlvtUL1q9qDNms20rnX5VpK55qkwWMwvu4TRDPbXqn7lOroiABUi032iIE5TjGKwQom1KPMRHtQa3XMDn4T+FDx0UFn41v4OjQcTl/hxIci/TeTsSod4ewohTO+Yoh5qIEhSvvjcEMUXYmRE//0Buj8IkstYlUbLeMVW71EOLy5ggB0cCAwEAAaOCAb8wggG7MAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/BAQDAgWgMCcGA1UdJQQgMB4GCCsGAQUFBwMCBggrBgEFBQcDAQYIKwYBBQUHAwQwHQYDVR0OBBYEFPHGf6vRVdoRHpFgTKCd97lMYA3bMDEGA1UdEQQqMCiCJmRpcmVjdC5tYWluc3RyZWV0ZXIubWFzc2hpd2F5c3RhZ2UuY29tMB8GA1UdIwQYMBaAFO3x9ByUUacmYGylyo2Wqwwjb77SMDcGCCsGAQUFBwEBBCswKTAnBggrBgEFBQcwAYYbaHR0cDovL3BraS1vY3NwLnN5bWF1dGguY29tMF0GA1UdHwRWMFQwUqBQoE6GTGh0dHA6Ly9wa2ktY3JsLnN5bWF1dGguY29tL2NhX2VjZjQxNWY4YzY5NzFmOTZkNWY3MjRlOTk4NDdkYjRkL0xhdGVzdENSTC5jcmwwLAYKYIZIAYb4RQEQAwQeMBwGEmCGSAGG+EUBEAEEBwEBhMKjDxYGMTQ2MTEyMDkGCmCGSAGG+EUBEAUEKzApAgEAFiRhSFIwY0hNNkx5OXdhMmt0Y21FdWMzbHRZWFYwYUM1amIyMD0wDQYJKoZIhvcNAQELBQADggEBADYSiYoMmvZT27aIA0+0vCLmEDuaYBqIE8Fhpju07MkBn28IakARzDlHN9zwPqEiHQJUFQXi0uwj8P29HyvWr2ZrsSLR7YCQbkw7zPypPf64M1F9jWDSay7srKsPkcoRsh2KZ+5N4sbklRDlybG+871ul53YotAaoTVOq5Lvukm0HmhEJUwXM+GfaE4V7j9pv4Dc+eAKaUANSlSKgSqpEIb7Ouw1yuUUv8kF3loMA6OePuUYa8biUpUJBWKbhZxoxzWO+43QqX7gOozATsqKXa84QPItJTbjKdtngfaKngm3WO/LJ9PPkWEci/Y2bmX3ypOcnjFpDBuvpA69vrN2oAM= >>> </wsse:KeyIdentifier> >>> </wsse:SecurityTokenReference> >>> </ds:KeyInfo> >>> </ds:Signature> >>> </wsse:Security> >>> >>> >>> >>> -- >>> Massimiliano Masi >>> >>> http://www.mascanc.net/~max >>> >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > > > -- > Massimiliano Masi > > http://www.mascanc.net/~max > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
