Stefan, at the first look I can't see a problem. To get more info can you pls enable debugging at the client side (WSDoAllReceiver) an monitor it?
There is a log4j.proteries file in the src directory, just enable the correct line and put the file in your classpath. Thanks, Werner Stefan Schmidt wrote: > Werner, > > At the client-side I am using Axis and the WSS4J Axis Handlers: > > <responseFlow > > <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > <parameter name="passwordCallbackClass" > value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/> > <parameter name="action" value="Signature"/> > <parameter name="signaturePropFile" value="crypto.properties" /> > </handler> > </responseFlow > > At the server-side I am using a JAXRPC Web service running on Geronimo > (which uses Axis for its JAXRPC functionality): > <handler> > <handler-name>Outbound Security Handler</handler-name> > > <handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class> > <init-param> > <param-name>deployment</param-name> > <param-value>server</param-value> > </init-param> > <init-param> > <param-name>action</param-name> > <param-value>Signature</param-value> > </init-param> > <init-param> > <param-name>passwordCallbackClass</param-name> > > <param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value> > </init-param> > <init-param> > <param-name>flow</param-name> > <param-value>response-only</param-value> > </init-param> > <init-param> > <param-name>user</param-name> > > <param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value> > </init-param> > <init-param> > <param-name>signaturePropFile</param-name> > <param-value>crypto.properties</param-value> > </init-param> > </handler> > > There is no Handler after this one so I assume the message is not > altered after the signing process. > > Here is my TCPMonitor log: > > Request: > ------------------------------------------------------------------ > POST /DWBookShop/XMethodsNames HTTP/1.0 > Content-Type: text/xml; charset=utf-8 > Accept: application/soap+xml, application/dime, multipart/related, text/* > User-Agent: Axis/1.2.1 > Host: localhost:1235 > Cache-Control: no-cache > Pragma: no-cache > SOAPAction: > "http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"; > Content-Length: 336 > > <?xml version="1.0" encoding="UTF-8"?> > <soapenv:Envelope > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <soapenv:Body> > <getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/> > </soapenv:Body> > </soapenv:Envelope> > --------------------------------------------------------------------- > > > Response: > ---------------------------------------------------------------------- > > HTTP/1.1 200 OK > Date: Wed, 31 Aug 2005 03:00:21 GMT > Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09 > Content-Type: text/xml; charset=utf-8 > Connection: close > > > > <?xml version="1.0" encoding="UTF-8"?> > <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <soapenv:Header> > <wsse:Security > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; > soapenv:mustUnderstand="1"> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:SignedInfo> > <ds:CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:CanonicalizationMethod> > > <ds:SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";></ds:SignatureMethod> > > <ds:Reference URI="#id-12249901"> > <ds:Transforms> > <ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";></ds:Transform> > </ds:Transforms> > <ds:DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1";></ds:DigestMethod> > <ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > <ds:SignatureValue> > FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ > > iQSgf+ODzQ== > </ds:SignatureValue> > <ds:KeyInfo Id="KeyId-3882268"> > <wsse:SecurityTokenReference > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="STRId-22729241"><ds:X509IssuerSerial> > <ds:X509IssuerName>CN=dims</ds:X509IssuerName> > > <ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber> > > </ds:X509IssuerSerial></wsse:SecurityTokenReference> > </ds:KeyInfo> > </ds:Signature></wsse:Security></soapenv:Header> > <soapenv:Body > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; > wsu:Id="id-12249901"> > <getXMethodsWebServiceNamesResponse > xmlns="http://ibm.com.dw.bookshop.webservice";> > <result xmlns="" xmlns:ns1="http://arrays/java/lang"; > xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"; > soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array"> > <result xsi:type="xsd:string">XSpace</result> > <result xsi:type="xsd:string">XMethods Query Service</result> > <result xsi:type="xsd:string">Dummy replacement for Weather - > Temperature</result> > <result xsi:type="xsd:string">Currency Exchange Rate</result> > <result xsi:type="xsd:string">Delayed Stock Quote</result> > </result> > </getXMethodsWebServiceNamesResponse> > </soapenv:Body> > </soapenv:Envelope> > > Now in my client I should see a list like this: > XSpace > XMethods Query Service > Dummy replacement for Weather - Temperature > Currency Exchange Rate > Delayed Stock Quote > > instead I see this: > null > null > null > null > null > > I can prepare a dummy war file if you would like to test it on Geronimo > yourself. > > I hope this helps. > > Regards, > Stefan > > Werner Dittmann wrote: > >> Stefna, >> >> do you use the Axis handlers and Axis as your SOAP subsystem? >> If yes then it should work - otherwise pls try to get a >> dump of the request (tcpmon) and send it along. >> >> If you don't use the xis handler (and Axis) then make sure >> theat you SOAP system does not modify the request after signature >> processing. >> >> Regards, >> Werner >> >> Stefan Schmidt wrote: >> >> >>> Werner, >>> >>> Thanks for this remark - I wan't aware of the Crimson namespace problem. >>> Now I got one step further. Unfortunately there is still something >>> wrong. I am sending a SOAP array and when I sign the msg I cannot >>> retrieve the string values from this array. Instead I simply get 'null' >>> for each array item. tcpmon shows that the signed msg with the correct >>> array values is send but the client seems to have a problem. There is no >>> error message. Running the WS without security everything works fine. >>> >>> Ideas? >>> >>> Regards, >>> Stefan >>> >>> Werner Dittmann wrote: >>> >>> >>> >>>> Stefan, >>>> >>>> acording to the stack printout you use the crimson parser >>>> at the client side. Crimson does _not_ support namespaces >>>> fully (only partial support). Pls make sure you have a >>>> fully namespace aware parser first in your classpath, e.g. >>>> xerces. >>>> >>>> AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm >>>> not sure if Crimson is supported by Apache anymore. >>>> >>>> Regards, >>>> Werner >>>> >>>> >>>> Stefan Schmidt wrote: >>>> >>>> >>>> >> >> <SNIP> ..... <SNAP> >> >> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> >> >> > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
