Re: AW: AW: help - client side config for wss4j

[anpu selvan]

Hi werner,

               i changed the action to signature (name="action" value="Signature").

even for that i got the same exception - signature verification failed.

but when i used the client-config.wsdd , that works fine.

i think my method for setting values for that properties is something wrong (i am sure that i am setting correct values). could u please check my method ?

does it correct way to set the properties?

 

this is my class to configure the properties

 

public EngineConfiguration createClientConfig() {
  AxisProperties.setProperty("enableNamespacePrefixOptimization",
           "false");
   SimpleProvider clientConfig = new SimpleProvider();
   Handler securitySenderHandler = (Handler) new WSDoAllSender();
   Handl er securityReceiverHandler = (Handler) new WSDoAllReceiver();

 

// here read all the config-properties from

 // a file (user,signatureKeyIdentifier,.....)

   securitySenderHandler.setOption(WSHandlerConstants.USER, user);
   securitySenderHandler.setOption(WSHandlerConstants.SIG_KEY_ID,
     signatureKeyIdentifier);
   securitySenderHandler.setOption(WSHandlerConstants.ENC_KEY_ID,
     encryptionKeyIdentifier);
   securitySenderHandler.setOption(WSHandlerConstants.SIG_PROP_FILE, signaturePropFile);
   securitySenderHandler.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,
     passwordCallbackClass);
   securitySenderHandler.setOption(WSHandlerConstants.ENCRYPTION_USER, encryptionUser);
   securitySenderHandler.setOption(WSHandlerConstants.ACTION, action);
   
   
           // set all the properties securitySenderHandler 
   securityReceiverHandler.setOption(WSHandlerConstants.ACTION, action);
   securityReceiverHandler.setOption(WSHandlerConstants.PW_CALLBACK_CLASS,
     passwordCallbackClass);
   //securityReceiverHandler.setOption(WSHandlerConstants.ENC_PROP_FILE, signaturePropFile);
   securityReceiverHandler.setOption(WSHandlerConstants.SIG_PROP_FILE, signaturePropFile);
   
      
   
   SimpleChain reqHandler = new SimpleChain();
   SimpleChain respHandler = new SimpleChain();
   // add the sender handler to the request
   reqHandler.addHandler(securitySenderHandler);
   // add the reveiver handler to the response
   respHandler.addHandler(securityReceiverHandler);
   Handler pivot = (Handler) new HTTPSender();
   
   Handler transport = new SimpleTargetedChain(reqHandler, pivot,
     respHandler);
   

   clientConfig.deployTransport(HTTPTransport.DEFAULT_TRANSPORT_NAME,
    transport);
   
   return clientConfig;

}

 

and when i call the service i am using this way

 

EngineConfiguration configuration=clientConfiguration.createClientConfig();
   
   service = new InvoiceServiceLocator(configuration);

 

 

does it correct?

 

thanks

anpu

 

"Dittmann, Werner" <[EMAIL PROTECTED]> wrote:

Anpu,

 

looking at the data I don't see any issues that could cause the

fault. In any case the verfication for the Body part fails, that is

the computed hash value of the decrypted data does not match

tha hash value that is send with the request.

 

Just a a try: can you temporarily switch of encryption in the

response path (both server and client) to see if the Signature

work in the "plain text case" without encryption processing?

 

Another thing to look at: do you use the same xml-sec libraries

in both cases? CLASSPATH settings?

 

I know, its very vague but I don't see a problem in the data you

provided.

 

Regards,

Werner

---

Von: anpu selvan [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 19. Dezember 2005 10:38
An: Dittmann, Werner; wss4j-dev@ws.apache.org
Betreff: Re: AW: help - client side config for wss4j

Hi,

 

when i used the client config file it was working fine.

 

this is client the config file

 

<?xml version="1.0" encoding="UTF-8"?>

<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

<service name="InvoiceServices">

 

<requestFlow>

<handler type="java:org.apache.ws.axis.security.WSDoAllSender">

<parameter name="signatureKeyIdentifier" value="DirectReference"/>

<parameter name="user" value="client"/>

<parameter name="encryptionKeyIdentifier" value="SKIKeyIdentifier"/>

<parameter name="signaturePropFile" value="client.properties"/>

<parameter name="encryptionUser" value="server"/>

<parameter name="passwordCallbackClass" value="Client1PasswordCallback"/>

<parameter name="action" value="Signature Encrypt Timestamp"/>

</handler>

</requestFlow>

<responseFlow>

<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">

<parameter name="signaturePropFile" value="client.properties"/>

<parameter name="passwordCallbackClass" value="Client1PasswordCallback"/>

<parameter name="action" value="Signature Encrypt Timestamp"/>

</handler>

</responseFlow>

</service>

<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>

</deployment>

 

this is the soap request

 

POS T /axis/services/InvoiceServices HTTP/1.0

Content-Type: text/xml; charset=utf-8

Accept: application/soap+xml, application/dime, multipart/related, text/*

User-Agent: Axis/1.3

Host: 127.0.0.1:8080

Cache-Control: no-cache

Pragma: no-cache

SOAPAction: ""

Content-Length: 6442

 

SNIP SNAP

__________________________________________________
Do You Yahoo!?
Tired of spam? Yahoo! Mail has the best spam protection around
http://mail.yahoo.com