Hi Emmanuel and thanks for the so fast reply :) So I tried what you wrote me and I obtain those files :
CLIENT ------ <deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> <globalConfiguration > <requestFlow > <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="action" value="Signature Encrypt"/> <parameter name="user" value="privatekey"/> <parameter name="passwordCallbackClass" value="eteaching.webservice.security.WSMainPasswordCallback"/> <parameter name="signaturePropFile" value="crypto.properties" /> <parameter name="encryptionUser" value="privatekey" /> <parameter name="encryptionPropFile" value="crypto.properties" /> <parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier" /> </handler> </requestFlow> </globalConfiguration> </deployment> SERVER ------ <deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <service name="MoodleETeaching" provider="java:RPC"> <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="passwordCallbackClass" value="eteaching.webservice.security.WSMoodlePasswordCallback"/> <parameter name="action" value="Signature Encrypt"/> <parameter name="signaturePropFile" value="crypto.properties" /> <parameter name="decryptionPropFile" value="crypto.properties" /> </handler> </requestFlow> <parameter name="scope" value="Session" /> <parameter name="className" value="eteaching.webservice.MoodleETeaching"/> <parameter name="allowedMethods" value="*"/> </deployment> but the server error stays :( I wonder why it wasn't working when I didn't specifiy the encryptionPropFile and the decryptionPropFile... the soap requests won't be encrypted ? I'm following the tutorials on this page : http://ws.apache.org/wss4j/package.html on "Combine Signature and Encryption" ! "Yes, the encryption is done with the public key so only the owner of the private key can decrypt it." Yes, but does wss3j automatically select the private key for the decryption on the server ? or must I specify something in my deployment wsdd ??? Best regards Tabin Cédric > Hi Tabin! > > In the client wsdd configuration settings you have to set the > encryption properties also, meaning the parameters: encryptionUser > (which should be the alias of the certificate used to encrypt), > encryptionKeyIdentifier and encryptionPropFile (crypto.properties). > > On the server side you have to set the decryptionPropFile > (crypto.properties to locate the keystore with the private key that > should be used to decrypt). > > Yes, the encryption is done with the public key so only the owner of the > private key can decrypt it. > > Hope it helps! > > Emanuel > > On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]> > wrote: >> Hi all ! >> >> I'm trying to set up the Signature Encrypt between my >> client/webservice. As I can see, the signature & encryption are okay >> for my client but the server doesn't work : he throws me an Server >> Error (not very useful :D). Here are my configurations : >> >> CLIENT >> ------ >> >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >> <transport name="http" >> pivot="java:org.apache.axis.transport.http.HTTPSender"/> >> <globalConfiguration > >> <requestFlow > >> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > >> <parameter name="action" value="Signature Encrypt"/> >> <parameter name="user" value="privatekey"/> >> <parameter name="passwordCallbackClass" >> value="eteaching.webservice.security.WSMainPasswordCallback"/> >> <parameter name="signaturePropFile" value="crypto.properties" /> >> </handler> >> </requestFlow> >> </globalConfiguration> >> </deployment> >> >> I use the xml like this into axis : >> EngineConfiguration config = new >> FileProvider("mainclientconfig.wsdd"); MoodleETeachingService service >> = new MoodleETeachingServiceLocator(config, url); >> >> My crypto.properties : >> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin >> org.apache.ws.security.crypto.merlin.keystore.type=jks >> org.apache.ws.security.crypto.merlin.keystore.password=security >> org.apache.ws.security.crypto.merlin.keystore.alias=privatekey >> org.apache.ws.security.crypto.merlin.alias.password=security >> org.apache.ws.security.crypto.merlin.file=privateKeyStore >> >> and also my keys into the privateKeyStore : >> Type keystore : jks >> Fournisseur keystore : SUN >> >> publickey, 14 fév. 2006, trustedCertEntry, Emprunte du certificat >> (MD5) : ..... >> privateky, 14 fév. 2004, keyEntry, Emprunte du certificat (MD5) : >> ..... >> >> SERVER >> ------ >> >> I also put the same crypto.properties with this deployment file : >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >> >> <service name="MoodleETeaching" provider="java:RPC"> >> >> <requestFlow> >> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> >> <parameter name="passwordCallbackClass" >> value="eteaching.webservice.security.WSMoodlePasswordCallback"/> >> <parameter name="action" value="Signature Encrypt"/> >> <parameter name="signaturePropFile" value="crypto.properties" /> >> </handler> >> </requestFlow> >> >> <parameter name="scope" value="Session" /> >> <parameter name="className" >> value="eteaching.webservice.MoodleETeaching"/> >> <parameter name="allowedMethods" value="*"/> >> >> </service> >> </deployment> >> >> I think I've got a problem understanding the using of the certificates >> into wss4j (how to say : encrypt with his public key, decrypt with my >> private key ?)... >> >> Thank you for the help :) >> >> Best regards >> >> Tabin Cédric >> >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
