Try DirectReference instead of X509KeyIdentifier for the encryptionKeyIdentifier parameter.
And as I am aware of it, yes wss4j automatically selects the private key to decrypt the message.

Emanuel

On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]> wrote:
> Hi Emanuel and thanks for the so fast reply :)
>
> So I tried what you wrote me and I obtain those files :
>
> CLIENT
> ------
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
>     xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>   <transport name="http"
>       pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>   <globalConfiguration>
>     <requestFlow>
>       <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
>         <parameter name="action" value="Signature Encrypt"/>
>         <parameter name="user" value="privatekey"/>
>         <parameter name="passwordCallbackClass"
>             value="eteaching.webservice.security.WSMainPasswordCallback"/>
>         <parameter name="signaturePropFile" value="crypto.properties" />
>         <parameter name="encryptionUser" value="privatekey" />
>         <parameter name="encryptionPropFile" value="crypto.properties" />
>         <parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier" />
>       </handler>
>     </requestFlow>
>   </globalConfiguration>
> </deployment>
>
> SERVER
> ------
> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
>     xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
>
>   <service name="MoodleETeaching" provider="java:RPC">
>
>     <requestFlow>
>       <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
>         <parameter name="passwordCallbackClass"
>             value="eteaching.webservice.security.WSMoodlePasswordCallback"/>
>         <parameter name="action" value="Signature Encrypt"/>
>         <parameter name="signaturePropFile" value="crypto.properties" />
>         <parameter name="decryptionPropFile" value="crypto.properties" />
>       </handler>
>     </requestFlow>
>
>     <parameter name="scope" value="Session" />
>     <parameter name="className"
>         value="eteaching.webservice.MoodleETeaching"/>
>     <parameter name="allowedMethods" value="*"/>
>
>   </service>
> </deployment>
>
> but the server error stays :( I wonder why it wasn't working when I didn't
> specify the encryptionPropFile and the decryptionPropFile... the soap
> requests won't be encrypted ? I'm following the tutorials on this page :
> http://ws.apache.org/wss4j/package.html on "Combine Signature and
> Encryption" !
>
> "Yes, the encryption is done with the public key so only the owner of the
> private key can decrypt it." Yes, but does wss4j automatically select the
> private key for the decryption on the server ? or must I specify something
> in my deployment wsdd ???
>
> Best regards
>
> Tabin Cédric
>
> > Hi Tabin!
> >
> > In the client wsdd configuration settings you have to set the
> > encryption properties also, meaning the parameters: encryptionUser
> > (which should be the alias of the certificate used to encrypt),
> > encryptionKeyIdentifier and encryptionPropFile (crypto.properties).
> >
> > On the server side you have to set the decryptionPropFile
> > (crypto.properties to locate the keystore with the private key that
> > should be used to decrypt).
> >
> > Yes, the encryption is done with the public key so only the owner of the
> > private key can decrypt it.
> >
> > Hope it helps!
> >
> > Emanuel
> >
> > On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]>
> > wrote:
> >> Hi all !
> >>
> >> I'm trying to set up the Signature Encrypt between my
> >> client/webservice. As I can see, the signature & encryption are okay
> >> for my client but the server doesn't work : he throws me a Server
> >> Error (not very useful :D). Here are my configurations :
> >>
> >> CLIENT
> >> ------
> >>
> >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> >>     xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> >>   <transport name="http"
> >>       pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> >>   <globalConfiguration>
> >>     <requestFlow>
> >>       <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
> >>         <parameter name="action" value="Signature Encrypt"/>
> >>         <parameter name="user" value="privatekey"/>
> >>         <parameter name="passwordCallbackClass"
> >>             value="eteaching.webservice.security.WSMainPasswordCallback"/>
> >>         <parameter name="signaturePropFile" value="crypto.properties" />
> >>       </handler>
> >>     </requestFlow>
> >>   </globalConfiguration>
> >> </deployment>
> >>
> >> I use the xml like this in axis :
> >> EngineConfiguration config = new FileProvider("mainclientconfig.wsdd");
> >> MoodleETeachingService service = new MoodleETeachingServiceLocator(config, url);
> >>
> >> My crypto.properties :
> >> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> >> org.apache.ws.security.crypto.merlin.keystore.type=jks
> >> org.apache.ws.security.crypto.merlin.keystore.password=security
> >> org.apache.ws.security.crypto.merlin.keystore.alias=privatekey
> >> org.apache.ws.security.crypto.merlin.alias.password=security
> >> org.apache.ws.security.crypto.merlin.file=privateKeyStore
> >>
> >> and also my keys in the privateKeyStore :
> >> Type keystore : jks
> >> Fournisseur keystore : SUN
> >>
> >> publickey, 14 fév. 2006, trustedCertEntry, Emprunte du certificat (MD5) : .....
> >> privateky, 14 fév. 2004, keyEntry, Emprunte du certificat (MD5) : .....
> >>
> >> SERVER
> >> ------
> >>
> >> I also put the same crypto.properties with this deployment file :
> >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"
> >>     xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
> >>
> >>   <service name="MoodleETeaching" provider="java:RPC">
> >>
> >>     <requestFlow>
> >>       <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> >>         <parameter name="passwordCallbackClass"
> >>             value="eteaching.webservice.security.WSMoodlePasswordCallback"/>
> >>         <parameter name="action" value="Signature Encrypt"/>
> >>         <parameter name="signaturePropFile" value="crypto.properties" />
> >>       </handler>
> >>     </requestFlow>
> >>
> >>     <parameter name="scope" value="Session" />
> >>     <parameter name="className"
> >>         value="eteaching.webservice.MoodleETeaching"/>
> >>     <parameter name="allowedMethods" value="*"/>
> >>
> >>   </service>
> >> </deployment>
> >>
> >> I think I've got a problem understanding the use of the certificates
> >> in wss4j (how to say : encrypt with his public key, decrypt with my
> >> private key ?)...
> >>
> >> Thank you for the help :)
> >>
> >> Best regards
> >>
> >> Tabin Cédric
> >>
> >> ---------------------------------------------------------------------
> >> To unsubscribe, e-mail: [EMAIL PROTECTED]
> >> For additional commands, e-mail: [EMAIL PROTECTED]
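
A small checker for the parameter requirements discussed in this thread, added here as an example; it is not code from the thread or from WSS4J. The function names and the trimmed sample WSDD are constructed for illustration, and the required-parameter lists are taken from the replies and the posted configurations above.

```python
import xml.etree.ElementTree as ET

# Parameters the replies in this thread list for each side when "Encrypt" is used.
SENDER_ENCRYPT = ("encryptionUser", "encryptionKeyIdentifier", "encryptionPropFile")
RECEIVER_ENCRYPT = ("decryptionPropFile",)
# Both posted configurations pair the "Signature" action with signaturePropFile.
SIGNATURE = ("signaturePropFile",)


def local_name(tag):
    """Strip the '{namespace}' prefix ElementTree puts on WSDD element names."""
    return tag.rsplit("}", 1)[-1]


def handler_params(wsdd_text, handler_suffix):
    """Return {name: value} for the first handler whose type ends with handler_suffix."""
    for elem in ET.fromstring(wsdd_text).iter():
        if local_name(elem.tag) == "handler" and elem.get("type", "").endswith(handler_suffix):
            return {p.get("name"): p.get("value")
                    for p in elem if local_name(p.tag) == "parameter"}
    return None


def missing_params(wsdd_text, side):
    """List parameters the thread says are needed but the WSDD lacks.

    side is "sender" (WSDoAllSender) or "receiver" (WSDoAllReceiver).
    """
    suffix = "WSDoAllSender" if side == "sender" else "WSDoAllReceiver"
    params = handler_params(wsdd_text, suffix)
    if params is None:
        return [suffix + " handler not found"]
    actions = params.get("action", "").split()
    required = []
    if "Signature" in actions:
        required += SIGNATURE
    if "Encrypt" in actions:
        required += SENDER_ENCRYPT if side == "sender" else RECEIVER_ENCRYPT
    return [name for name in required if name not in params]


# Constructed sample: the client handler from the first message, trimmed.
FIRST_CLIENT = """<deployment xmlns="http://xml.apache.org/axis/wsdd/">
 <globalConfiguration><requestFlow>
  <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
   <parameter name="action" value="Signature Encrypt"/>
   <parameter name="user" value="privatekey"/>
   <parameter name="signaturePropFile" value="crypto.properties"/>
  </handler>
 </requestFlow></globalConfiguration>
</deployment>"""

if __name__ == "__main__":
    print(missing_params(FIRST_CLIENT, "sender"))
```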
