Rohit, i don't know why (see my previous posts), but for "senderVouches" to work on the server wsdd you need to set "enableNamespacePrefixOptimization" to "true".
Luciano -----Messaggio originale----- Da: Rohit Chauhan [mailto:[EMAIL PROTECTED] Inviato: lunedì 17 luglio 2006 2.22 A: [email protected] Oggetto: Verification failed for URI "#id-31386432" Hi, I am getting Verification failed for URI "id-31386432" error on the server. Here are the wsdd settings: Client wsdd: <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="action" value="Timestamp SAMLTokenSigned"/> <parameter name="samlPropFile" value="saml.properties"/> <parameter name="signatureKeyIdentifier" value="DirectReference" /> <parameter name="signaturePropFile" value="crypto.client.properties" /> <parameter name="enableNamespacePrefixOptimization" value="false" /> <parameter name="disablePrettyXML" value="true"/> <parameter name="user" value="2721845cfa40e36c8dee088db9a4fbfbd6c70436"/> </handler> Server WSDD: <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="passwordCallbackClass" value="com.fnf.xes.framework.axis.security.server.PWServerCallback"/> <parameter name="action" value="Timestamp Signature SAMLTokenUnsigned"/> <parameter name="signaturePropFile" value="crypto.server.properties"/> <parameter name="enableNamespacePrefixOptimization" value="false" /> <parameter name="disablePrettyXML" value="true"/> </handler> My saml.properties file is as follows: org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.client.properties org.apache.ws.security.saml.issuer.key.name=clientkey org.apache.ws.security.saml.issuer.key.password=clientkeypassword org.apache.ws.security.saml.issuer=www.example.com org.apache.ws.security.saml.subjectNameId.name=myuser org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com org.apache.ws.security.saml.authenticationMethod=password org.apache.ws.security.saml.confirmationMethod=senderVouches My crypto.client.properties file is follows: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=client org.apache.ws.security.crypto.merlin.file=client.keystore I have created a keystore using keytool from sun java. Reference I Verification successful for URI "#STRSAMLId-1345122" [7/16/06 19:14:55:493 EDT] 0000003f Reference W Verification failed for URI "#id-31386432" [7/16/06 19:14:55:503 EDT] 0000003f SystemErr R org.apache.ws.security.WSSecurityException: The signature verification failed at org.apache.ws.security.WSSecurityEngine.verifyXMLSignature(WSSecurityEngine.java:627) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320) I would appreciate any help in getting this error resolved. Thanks, Rohit __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
