Hi Werner,
Thanks for the reply. I'll do that.
Richard.
Dittmann, Werner wrote:
Richard,
sometime ago we had a discussion about the same problem.
I thought we had fixed that problem - but because it was
not listed in JIRA it somehow was lost.
A quick fix: if you are working with a SVN soure and arr able
to rebuild WSS4J then please do the following:
in the java file *.handler.WSHandler.java locate the method
checkReceiverResults(...) and comment out all lines except the last
"return true;" thus the method always returns true. This
solves your problem.
I'll do a similar fix in the SVN during the weekend.
Regards,
Werner
-----Ursprüngliche Nachricht-----
Von: Richard Gregory [mailto:[EMAIL PROTECTED]
Gesendet: Freitag, 17. Februar 2006 09:51
An: [email protected]
Betreff: order of actions
Hi,
I have a service with the Timestamp, UsernameToken and
Encrypt defined
as actions for the WSDoAllReceiver handler in the requestFlow of the
service:
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="de.biomax.biors.ws.advancedquery.ServicePWCallback"/>
<parameter name="action" value="Timestamp UsernameToken
Encrypt"/>
<parameter name="decryptionPropFile"
value="crypto.properties4" />
</handler>
A .Net client sends the following SOAP message, which also
has the same
3 actions in the same order in the security header, but I get a
"WSDoAllReceiver: security processing failed (actions
mismatch)" message
returned.
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040
1-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401
-wss-wssecurity-utility-1.0.xsd">
<soap:Header>
<wsa:Action>getBiorsEntry</wsa:Action>
<wsa:MessageID>uuid:e755b5ce-b02a-42ed-b321-0632ba635f9e</wsa:
MessageID>
<wsa:ReplyTo>
<wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/
role/anonymous</wsa:Address>
</wsa:ReplyTo>
<wsa:To>http://146.107.217.111:8081/biorsWSS4J/services/BiorsA
dvancedQuery</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-7a80d432-3325-4f6f-bc6c-4957981d8d37">
<wsu:Created>2006-02-16T16:25:22Z</wsu:Created>
<wsu:Expires>2006-02-16T16:30:22Z</wsu:Expires>
</wsu:Timestamp>
<wsse:UsernameToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401
-wss-wssecurity-utility-1.0.xsd"
wsu:Id="SecurityToken-f755a5d8-7fb8-441e-b8ab-014fa0f54f2b">
<wsse:Username>wss4j</wsse:Username>
<wsse:Password
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-
username-token-profile-1.0#PasswordDigest">LoayOaGBKwfPBdtSWIj
fgEwJvqs=</wsse:Password>
<wsse:Nonce>pKFrLuJH12YOlEhUfzicHA==</wsse:Nonce>
<wsu:Created>2006-02-16T16:25:22Z</wsu:Created>
</wsse:UsernameToken>
<xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; />
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401
-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200
401-wss-soap-message-security-1.0#Base64Binary">l8oWQGPoXKiTy6
QBZ1j0uLDFw9w=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>S8nN6qFC0psXwfAc6TqRuyv7sURb/Z4VtE8tng3vDGOF
EQcJ7/3D440bdmpVAhnFaUAQSuAvxdXQkFt+jecedE0oiBw/6Ag6khIcT4oltKmrEd/pCwQOBJCQeUk1/p767guSMzDx85e9l4+lnGhfybm3IGgEpZU3wL16zCL39Ro=</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference
URI="#EncryptedContent-691448b3-c25a-4059-a1a7-f249538a323a" />
</xenc:ReferenceList>
</xenc:EncryptedKey>
</wsse:Security>
</soap:Header>
<soap:Body>
<xenc:EncryptedData
Id="EncryptedContent-691448b3-c25a-4059-a1a7-f249538a323a"
Type="http://www.w3.org/2001/04/xmlenc#Content";
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; />
<xenc:CipherData>
<xenc:CipherValue>5ZpTdhcOx8UDMtS6d7rLTPWkX+zup1gemrSpJwC/rgTB
JMJhcGDK5B+cfi17oe5h+N7or9N+uE5XMVPh5xduxpqKAblwKtYKfxe78NPmSZ
LW5mxK9Dsoz34C8Vvte7mgSt4UbGjcl8l9yeUrhq0LMoSI7b9KcQz6DyDrTzlc
ny39TCMTf0NSEg5JSnt0Wun5dGdoBU5GubOUxx+xhczOwtEeyA46jf5NmIKmGp
FgfDkAIxIpeZLBH9XttOL5Ex7pNsUGoyvy86AqG2kjRvEzFZopogp+SDcHiGJC
sbm5aBny10JL6XRSQHBPifnDSQRGH3FmDTtepGHLNbhE04m/F/2q0c0Z6j88Hy
xGxHIt9EigRMyeg+Em5LZj3X5OcK2PmYrmnwzfrlU7y06IFBPkYYzGISAea4nw
yDPtH7X1kM9iHtqitkRunrgdH5oj159GMYHbX8xJnF+R7cV++fa6u0mTENzIvY
XKXHnmc/v7v+eRnFPd2SzIFWYuqMwdXxiOQAq/HJSMuRFuVx5SHiOrEQ==</xe
nc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
I edited the WSDoAllReciever to print out the number
constants relating
to these actions as it does this check, and it's getting the actions
from the SOAP message in the order Encrypt, UsernameToken, Timestamp,
but expecting UsernameToken, Timestamp, Encrypt. I did the
same with a
SOAP message from an axis client (which had the actions in the order
Encrypt Timestamp, UsernameToken in the actual message), and
the headers
were processed in the order UsernameToken, Timestamp,
Encrypt, which is
what the handler expects. If I change the deployment
descriptor so the
actions are listed in the order Encrypt, UsernameToken,
Timestamp, the
.Net client will work, but the axis client now gives the "actions
mismatch" error.
If anyone could help me figure out what is going on here, I'd be very
grateful.
Thanks,
Richard.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
