Richard, I was refering to the current HEAD of SVN. In 1.1 this function is contained in the handler as far as I can remember (e.g. WSDoAllReceiver.java ). In the current header we refactored the layout of the handlers and handler classes.
In 1.1 this is code part that looks similar to the function in WSHandler. Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Richard Gregory [mailto:[EMAIL PROTECTED] > Gesendet: Freitag, 17. Februar 2006 16:39 > An: Dittmann, Werner > Cc: [email protected] > Betreff: Re: AW: order of actions > > Hi Werner, > > The version of WSS4J that have (1.1.0) does not have the method > checkReceiverResults() in WSHandler.java. > > Regards, > > Richard. > > Dittmann, Werner wrote: > > >Richard, > > > >sometime ago we had a discussion about the same problem. > > > >I thought we had fixed that problem - but because it was > >not listed in JIRA it somehow was lost. > > > >A quick fix: if you are working with a SVN soure and arr able > >to rebuild WSS4J then please do the following: > > > >in the java file *.handler.WSHandler.java locate the method > >checkReceiverResults(...) and comment out all lines except the last > >"return true;" thus the method always returns true. This > >solves your problem. > > > >I'll do a similar fix in the SVN during the weekend. > > > >Regards, > >Werner > > > > > > > >>-----Ursprüngliche Nachricht----- > >>Von: Richard Gregory [mailto:[EMAIL PROTECTED] > >>Gesendet: Freitag, 17. Februar 2006 09:51 > >>An: [email protected] > >>Betreff: order of actions > >> > >>Hi, > >> > >>I have a service with the Timestamp, UsernameToken and > >>Encrypt defined > >>as actions for the WSDoAllReceiver handler in the > requestFlow of the > >>service: > >> > >><handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > >> <parameter name="passwordCallbackClass" > >>value="de.biomax.biors.ws.advancedquery.ServicePWCallback"/> > >> <parameter name="action" value="Timestamp UsernameToken > >>Encrypt"/> > >> <parameter name="decryptionPropFile" > >>value="crypto.properties4" /> > >></handler> > >> > >>A .Net client sends the following SOAP message, which also > >>has the same > >>3 actions in the same order in the security header, but I get a > >>"WSDoAllReceiver: security processing failed (actions > >>mismatch)" message > >>returned. > >> > >><?xml version="1.0" encoding="utf-8"?> > >> <soap:Envelope > >>xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; > >>xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > >>xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > >>xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; > >>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > >>1-wss-wssecurity-secext-1.0.xsd" > >>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > >>-wss-wssecurity-utility-1.0.xsd"> > >> <soap:Header> > >> <wsa:Action>getBiorsEntry</wsa:Action> > >> > >><wsa:MessageID>uuid:e755b5ce-b02a-42ed-b321-0632ba635f9e</wsa: > >>MessageID> > >> <wsa:ReplyTo> > >> > >><wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/ > >>role/anonymous</wsa:Address> > >> </wsa:ReplyTo> > >> > >><wsa:To>http://146.107.217.111:8081/biorsWSS4J/services/BiorsA > >>dvancedQuery</wsa:To> > >> <wsse:Security soap:mustUnderstand="1"> > >> <wsu:Timestamp > >>wsu:Id="Timestamp-7a80d432-3325-4f6f-bc6c-4957981d8d37"> > >> <wsu:Created>2006-02-16T16:25:22Z</wsu:Created> > >> <wsu:Expires>2006-02-16T16:30:22Z</wsu:Expires> > >> </wsu:Timestamp> > >> <wsse:UsernameToken > >>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > >>-wss-wssecurity-utility-1.0.xsd" > >>wsu:Id="SecurityToken-f755a5d8-7fb8-441e-b8ab-014fa0f54f2b"> > >> <wsse:Username>wss4j</wsse:Username> > >> <wsse:Password > >>Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > >>username-token-profile-1.0#PasswordDigest">LoayOaGBKwfPBdtSWIj > >>fgEwJvqs=</wsse:Password> > >> <wsse:Nonce>pKFrLuJH12YOlEhUfzicHA==</wsse:Nonce> > >> <wsu:Created>2006-02-16T16:25:22Z</wsu:Created> > >> </wsse:UsernameToken> > >> <xenc:EncryptedKey > >>xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > >> <xenc:EncryptionMethod > >>Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; /> > >> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > >> <wsse:SecurityTokenReference> > >> <wsse:KeyIdentifier > >>ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > >>-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" > >>EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200 > >>401-wss-soap-message-security-1.0#Base64Binary">l8oWQGPoXKiTy6 > >>QBZ1j0uLDFw9w=</wsse:KeyIdentifier> > >> </wsse:SecurityTokenReference> > >> </KeyInfo> > >> <xenc:CipherData> > >> > >><xenc:CipherValue>S8nN6qFC0psXwfAc6TqRuyv7sURb/Z4VtE8tng3vDGOF > >> > >> > >EQcJ7/3D440bdmpVAhnFaUAQSuAvxdXQkFt+jecedE0oiBw/6Ag6khIcT4olt > KmrEd/pCwQOBJCQeUk1/p767guSMzDx85e9l4+lnGhfybm3IGgEpZU3wL16zCL > 39Ro=</xenc:CipherValue> > > > > > >> </xenc:CipherData> > >> <xenc:ReferenceList> > >> <xenc:DataReference > >>URI="#EncryptedContent-691448b3-c25a-4059-a1a7-f249538a323a" /> > >> </xenc:ReferenceList> > >> </xenc:EncryptedKey> > >> </wsse:Security> > >> </soap:Header> > >> <soap:Body> > >> <xenc:EncryptedData > >>Id="EncryptedContent-691448b3-c25a-4059-a1a7-f249538a323a" > >>Type="http://www.w3.org/2001/04/xmlenc#Content"; > >>xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > >> <xenc:EncryptionMethod > >>Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"; /> > >> <xenc:CipherData> > >> > >><xenc:CipherValue>5ZpTdhcOx8UDMtS6d7rLTPWkX+zup1gemrSpJwC/rgTB > >>JMJhcGDK5B+cfi17oe5h+N7or9N+uE5XMVPh5xduxpqKAblwKtYKfxe78NPmSZ > >>LW5mxK9Dsoz34C8Vvte7mgSt4UbGjcl8l9yeUrhq0LMoSI7b9KcQz6DyDrTzlc > >>ny39TCMTf0NSEg5JSnt0Wun5dGdoBU5GubOUxx+xhczOwtEeyA46jf5NmIKmGp > >>FgfDkAIxIpeZLBH9XttOL5Ex7pNsUGoyvy86AqG2kjRvEzFZopogp+SDcHiGJC > >>sbm5aBny10JL6XRSQHBPifnDSQRGH3FmDTtepGHLNbhE04m/F/2q0c0Z6j88Hy > >>xGxHIt9EigRMyeg+Em5LZj3X5OcK2PmYrmnwzfrlU7y06IFBPkYYzGISAea4nw > >>yDPtH7X1kM9iHtqitkRunrgdH5oj159GMYHbX8xJnF+R7cV++fa6u0mTENzIvY > >>XKXHnmc/v7v+eRnFPd2SzIFWYuqMwdXxiOQAq/HJSMuRFuVx5SHiOrEQ==</xe > >>nc:CipherValue> > >> </xenc:CipherData> > >> </xenc:EncryptedData> > >> </soap:Body> > >> </soap:Envelope> > >> > >>I edited the WSDoAllReciever to print out the number > >>constants relating > >>to these actions as it does this check, and it's getting > the actions > >>from the SOAP message in the order Encrypt, UsernameToken, > Timestamp, > >>but expecting UsernameToken, Timestamp, Encrypt. I did the > >>same with a > >>SOAP message from an axis client (which had the actions in > the order > >>Encrypt Timestamp, UsernameToken in the actual message), and > >>the headers > >>were processed in the order UsernameToken, Timestamp, > >>Encrypt, which is > >>what the handler expects. If I change the deployment > >>descriptor so the > >>actions are listed in the order Encrypt, UsernameToken, > >>Timestamp, the > >>.Net client will work, but the axis client now gives the "actions > >>mismatch" error. > >> > >>If anyone could help me figure out what is going on here, > I'd be very > >>grateful. > >> > >>Thanks, > >> > >>Richard. > >> > >>------------------------------------------------------------ > --------- > >>To unsubscribe, e-mail: [EMAIL PROTECTED] > >>For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > > > > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
