Unable to invoke WS-Security enabled systinet WS endpoints

[Rajiv K Nistala]

Title: Unable to invoke WS-Security enabled systinet WS endpoints

Hi,

I was trying to invoke the systinet webservice from the following URL. http://soap.systinet.net/interop/wss.html. I am using Ping2 WebService Java based.

I am using AXIS with WSS4J as my client. Given below is the SOAP message I am sending and the SOAP fault which I am receiving

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<xenc:EncryptedKey>
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIICQTCCAaoCAQkwDQYJKoZIhvcNAQEEBQAwZjELMAkGA1UEAxMCQ0ExFjAUBgNVBAsTDVNlY3Vy
aXR5IFRlYW0xETAPBgNVBAoTCFN5c3RpbmV0MQ8wDQYDVQQHEwZQcmFndWUxDjAMBgNVBAgTBUN6
ZWNoMQswCQYDVQQGEwJDWjAeFw0wNTA2MDkxMzMwMzVaFw0xNTA2MDcxMzMwMzVaMGwxCzAJBgNV
BAYTAkNaMQ4wDAYDVQQIEwVDemVjaDEPMA0GA1UEBxMGUHJhZ3VlMREwDwYDVQQKEwhTeXN0aW5l
dDEWMBQGA1UECxMNU2VjdXJpdHkgVGVhbTERMA8GA1UEAxMIV1NTVGVzdDEwgZ8wDQYJKoZIhvcN
AQEBBQADgY0AMIGJAoGBAMGp/yS5flv+bDXbiGihpaKhelwKh5whziPtScp2QC9VmAr67fZBjoAE
H3Lv5vdQazMahSBt1NBjESJpaN91BoKcyqBCvVAVAImvtQ7Bh9MYTBU/CzvrpwtxPglxDGLwpBHc
wVWI6yKajC+KuJl3EB9IzUDRmyLxQgBs+yrBIw2vAgMBAAEwDQYJKoZIhvcNAQEEBQADgYEAWwpn
1c8PckiFhenRvrpUfQWFA1BnQ/O//59svVK1L8qGXnXYJSQbCrnfTwO4qUl1UXKY70OC9S/7mlvf
vS8GsYP5yrd4mWo4930CORVYvYK8s0o3p7jUg2qg9emqY8D0gSHj2Czbr3uTuiUfRdI82aoPer75
zhEmqcu/Tt7fO9g=</wsse:KeyIdentifier></wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData><xenc:CipherValue>POkQ3UFxfiX0OCacG5nlpJvXa9HE+hjjdaQyy7jzag6HpoFZYiV2uwdimTvqwutNtnaH0638Mz4u
DPKPsFZlPAqV9GnrMjniZeyx/cZQ1eEUQWuCuNzHgsos519PZZFOveqq8zthDXWS0PtEWmdlAnT2
oycs9rqlfyDK8NLmmbg=</xenc:CipherValue></xenc:CipherData>
<xenc:ReferenceList><xenc:DataReference URI="#EncDataId-2968702"></xenc:DataReference></xenc:ReferenceList></xenc:EncryptedKey>
<xenc:EncryptedData Id="EncDataId-2968702" Type="http://www.w3.org/2001/04/xmlenc#Element"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"></xenc:EncryptionMethod><xenc:CipherData><xenc:CipherValue>vNosHY8Xi8rGhWmrMkZ1wScmG7dqcrlUlp+38YCjvzsjU8g13iYk9Lc4499h/UyonmDALcHF7oKw
axySVIs+LXJRBURrH7YIn38vSUhvA1FWPXSH+tFGw6xKguqVEt3sl4kp4vzCev2aZ1EN3s6SatuN
c6iQuMSsPFbQm5cKK3watwfO89aGxC2zNJmMvPwokQ9pbyiUWm8I44S2QZyhPdobimwsW4rH1k9n
Qubge1ERmruEkkBgQr3xHF9gILokdl/9jwlPe8dvdJdcZKzD5AyzQyFkCp8ZSJrL+FhqflJFpXUI
T3O9XKJSjVmpTggBwI4HsDxojJ5UH9FIDvJa3asIh4+YXF21lgPUINH2Bmro3T8uBfBnOe19QORM
TWVvVeQpQetUFIkdWmrncd7eWtskrZFGsuuPpJXBdVE1wk3wStdWpRKtqRgEkQkB5WWTTCN5V4CA
Y23gFBrE9Q4/j1Y7zYaQhgb62bN/l/RNZx2j4ZHoq88TY25sUqV2g8XQyxt4mYq/4/Tsxv3Vbbdg
vToeG0N1q8p8ZMZqSromDIHrExqXibTsig9RlZLzkD8F</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></wsse:Security></soapenv:Header>
<soapenv:Body>
<ns2:Ping xmlns:ns2="http://xmlsoap.org/Ping">
<ns2:text>text</ns2:text>
</ns2:Ping>
</soapenv:Body>
</soapenv:Envelope>

<?xml version="1.0" encoding="UTF-8"?>
<e:Envelope xmlns:e="http://schemas.xmlsoap.org/soap/envelope/"><e:Body><e:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><faultcode>wsse:InvalidSecurity</faultcode><faultstring>There is not suitable key for decryption in encryptedKey; id=</faultstring><detail><ijm:idoox-java-mapping.org.systinet.wasp.security.ws.WSSecurityException xmlns:ijm="urn:idoox-java-mapping"><ijm:stack-trace>org.systinet.wasp.security.ws.WSSecurityException: There is not suitable key for decryption in encryptedKey; id=
at com.systinet.wasp.security.ws.impl.WSSecurityHelper.reportWsSecurityException(WSSecurityHelper.java:1093)
at com.systinet.wasp.security.ws.impl.EncryptedKeyObject.getKey(EncryptedKeyObject.java:309)
at com.systinet.wasp.security.ws.impl.EncryptedKeyObject.getTransportedKey(EncryptedKeyObject.java:365)
at com.systinet.wasp.security.ws.impl.EncryptedDataObject.doFinalDecryption(EncryptedDataObject.java:329)
at com.systinet.wasp.security.ws.impl.EncryptedDataObject.doFinal(EncryptedDataObject.java:181)
at com.systinet.wasp.security.ws.impl.EncryptedKeyObject.doFinalDecryption(EncryptedKeyObject.java:530)
at com.systinet.wasp.security.ws.impl.EncryptedKeyObject.doFinal(EncryptedKeyObject.java:260)
at com.systinet.wasp.security.ws.impl.WSSecurityHeaderImpl.decryptAndVerify(WSSecurityHeaderImpl.java:404)
at com.systinet.wasp.security.ws.provider.WSSecurityInputMessage.validateMessage(WSSecurityInputMessage.java:188)
at com.systinet.wasp.security.ws.provider.WSSecurityInputMessage.initStream(WSSecurityInputMessage.java:116)
at org.idoox.transport.RawInputMessage.read(RawInputMessage.java:60)
at com.idoox.xml.ReaderTokenizer.setInput(ReaderTokenizer.java:700)
at com.idoox.soap.EnvelopeInCache.prepareEnvelopeInCache(EnvelopeInCache.java:67)
at com.systinet.wasp.soap.MessageSourceImpl.doEnvelopeCaching(MessageSourceImpl.java:215)
at com.systinet.wasp.soap.MessageSourceImpl.init(MessageSourceImpl.java:138)
at com.systinet.wasp.soap.MessageSourceFactoryImpl.getMessageSource(MessageSourceFactoryImpl.java:36)
at com.idoox.wasp.server.adaptor.XMLAdaptorImpl.startRequest(XMLAdaptorImpl.java:205)
at com.idoox.wasp.server.AdaptorTemplate.doDispatch(AdaptorTemplate.java:377)
at com.idoox.wasp.server.AdaptorTemplate.dispatch(AdaptorTemplate.java:328)
at com.idoox.wasp.server.ServiceConnector.dispatch(ServiceConnector.java:385)
at com.systinet.wasp.ServiceManagerImpl.dispatchRequest(ServiceManagerImpl.java:638)
at com.systinet.wasp.ServiceManagerImpl.dispatch(ServiceManagerImpl.java:473)
at com.systinet.wasp.ServiceManagerImpl$DispatcherConnHandler.handlePost(ServiceManagerImpl.java:2594)
at com.idoox.transport.http.server.Jetty$WaspHttpHandler.handle(Jetty.java:97)
at com.mortbay.HTTP.HandlerContext.handle(HandlerContext.java:1087)
at com.mortbay.HTTP.HttpServer.service(HttpServer.java:675)
at com.mortbay.HTTP.HttpConnection.service(HttpConnection.java:457)
at com.mortbay.HTTP.HttpConnection.handle(HttpConnection.java:317)
at com.mortbay.HTTP.SocketListener.handleConnection(SocketListener.java:99)
at com.mortbay.Util.ThreadedServer.handle(ThreadedServer.java:254)
at com.mortbay.Util.ThreadPool$PoolThreadRunnable.run(ThreadPool.java:607)
at java.lang.Thread.run(Thread.java:534)
</ijm:stack-trace></ijm:idoox-java-mapping.org.systinet.wasp.security.ws.WSSecurityException></detail></e:Fault></e:Body></e:Envelope>

Any help is most appreciated on how I can overcome this problem.

Regards,
Rajiv K Nistala