All, I got this issue resolved.Here is the problem and the solution.
Problem: I am sending an xml document as part of soap message body.The input xml tags didn't have namespace prefixes pointing to namespaces. My incorrect input xml embedded in soap body was something like this : <?xml version="1.0" encoding="UTF-8"?> <IFX xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns="http://www.ifxforum.org/IFX_150";> <SignonRq> <SessKey>{0}</SessKey> <ClientDt>0000-00-00T00:00:00.000000-00:00</ClientDt> <CustLangPref>en_US</CustLangPref> <ClientApp> <Org>com.webster</Org> <Name>Webster Bank</Name> <Version>1.0</Version> </ClientApp> </SignonRq> </IFX> Solution: The correct xml needed by Axis/WSS4J is with namespace prefixes added to the tags. <?xml version="1.0" encoding="UTF-8"?> <ifx:IFX xmlns:ifx="http://www.ifxforum.org/IFX_150"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> <ifx:SignonRq Id="ID000000"> <ifx:SessKey>{0}</ifx:SessKey> <ifx:ClientDt>0000-00-00T00:00:00.000000-00:00</ifx:ClientDt> <ifx:CustLangPref>en_US</ifx:CustLangPref> <ifx:ClientApp> <ifx:Org>com.webster</ifx:Org> <ifx:Name>Webster Bank</ifx:Name> <ifx:Version>1.0</ifx:Version> </ifx:ClientApp> </ifx:SignonRq> </ifx:IFX> That's the reason I was getting two verification messages: I Verification successful for URI "#STRSAMLId-11930515" W Verification failed for URI "#id-28036099" It seems Signature verification went through fine for SAML but it threw an error when it tried to verify the soap body part. If any one has a better understanding on this issue can correct me or add to this. Thanks, -Rohit --- Montebove Luciano <[EMAIL PROTECTED]> wrote: > My working configuration for the StockQuoteService > sample is: > > Server-config.wsdd: > > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > <globalConfiguration> > <parameter name="adminPassword" value="admin"/> > <parameter > name="enableNamespacePrefixOptimization" > value="true"/> > <parameter name="disablePrettyXML" value="true"/> > <parameter name="sendXsiTypes" value="true"/> > <parameter name="sendMultiRefs" value="true"/> > <parameter name="sendXMLDeclaration" > value="true"/> > </globalConfiguration> > <handler name="LocalResponder" > > type="java:org.apache.axis.transport.local.LocalResponder"/> > <handler name="URLMapper" > type="java:org.apache.axis.handlers.http.URLMapper"/> > <handler name="Authenticate" > > type="java:org.apache.axis.handlers.SimpleAuthenticationHandler"/> > <service name="stock-wss-01" provider="java:RPC" > style="document" use="literal"> > <requestFlow> > <handler > type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > <parameter name="action" value="Timestamp > Signature SAMLTokenUnsigned"/> > <parameter name="signaturePropFile" > value="pa-crypto.properties" /> > </handler> > </requestFlow> > <parameter name="className" > value="samples.stock.StockQuoteService"/> > <parameter name="allowedMethods" > value="getQuote"/> > <parameter name="scope" value="application"/> > </service> > ..... > Client_deploy.wsdd: > <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > <globalConfiguration > > <parameter > name="enableNamespacePrefixOptimization" > value="false"/> > <requestFlow > > <handler > type="java:org.apache.ws.axis.security.WSDoAllSender" > > > <parameter > name="enableNamespacePrefixOptimization" > value="false"/> > <parameter name="action" > value="Timestamp SAMLTokenSigned"/> > <parameter name="samlPropFile" > value="saml3.properties"/> > <parameter > name="signatureKeyIdentifier" > > value="DirectReference"/> > </handler> > </requestFlow > > </globalConfiguration > > <transport name="java" > pivot="java:org.apache.axis.transport.java.JavaSender"/> > <transport name="http" > pivot="java:org.apache.axis.transport.http.HTTPSender"/> > <transport name="local" > pivot="java:org.apache.axis.transport.local.LocalSender"/> > </deployment> > > Saml3.properties: > > org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl > org.apache.ws.security.saml.issuer.cryptoProp.file=pd-crypto.properties > org.apache.ws.security.saml.issuer.key.name=user > org.apache.ws.security.saml.issuer.key.password=password > org.apache.ws.security.saml.issuer=user > org.apache.ws.security.saml.subjectNameId.name=uid=joe,ou=people,ou=saml-demo,o=example.com > org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com > org.apache.ws.security.saml.authenticationMethod=password > org.apache.ws.security.saml.confirmationMethod=senderVouches > > Hope this help > > Luciano > > > -----Messaggio originale----- > Da: Rohit Chauhan [mailto:[EMAIL PROTECTED] > > Inviato: lunedì 17 luglio 2006 14.20 > A: Dittmann, Werner; Montebove Luciano; > [email protected]; [EMAIL PROTECTED] > Oggetto: Re: AW: Verification failed for URI > "#id-31386432" > > I tried it with : > > <parameter name="enableNamespacePrefixOptimization" > value="true"/> > > I am still getting the same error. > > Soumadeep, > > I saw your postings back in April on the mailing > list and you seem to be getting the similar error > message. > > Were you able to resolve the problem?Can you share > the information please? > > Thanks, > > -Rohit > > > > > --- "Dittmann, Werner" <[EMAIL PROTECTED]> > wrote: > > > Can you please copy this information also the the > Axis lists as this > > seems to bee a problem of the Axis SOAP engine and > XML serializer - > > WSS4J cannot influence the way Axis serializes the > XML data. > > > > TIA, > > Werner > > > > > -----Ursprüngliche Nachricht----- > > > Von: Montebove Luciano > > [mailto:[EMAIL PROTECTED] > > > Gesendet: Montag, 17. Juli 2006 09:01 > > > An: [EMAIL PROTECTED]; > [email protected] > > > Betreff: R: Verification failed for URI > > "#id-31386432" > > > > > > Rohit, > > > > > > i don't know why (see my previous posts), but > for "senderVouches" to > > > work on the server wsdd you > > need to set > > > "enableNamespacePrefixOptimization" to "true". > > > > > > Luciano > > > > > > -----Messaggio originale----- > > > Da: Rohit Chauhan > > [mailto:[EMAIL PROTECTED] > > > Inviato: lunedì 17 luglio 2006 2.22 > > > A: [email protected] > > > Oggetto: Verification failed for URI > > "#id-31386432" > > > > > > Hi, > > > > > > I am getting Verification failed for URI > > "id-31386432" > > > error on the server. > > > > > > > > > Here are the wsdd settings: > > > > > > Client wsdd: > > > > > > <handler > > > > > > type="java:org.apache.ws.axis.security.WSDoAllSender" > > > > > > > <parameter name="action" value="Timestamp > > SAMLTokenSigned"/> > > > <parameter name="samlPropFile" > > > value="saml.properties"/> > > > <parameter name="signatureKeyIdentifier" > > > value="DirectReference" /> > > > <parameter name="signaturePropFile" > > > value="crypto.client.properties" /> > > > <parameter > > > name="enableNamespacePrefixOptimization" > > value="false" > > > /> > > > <parameter name="disablePrettyXML" > > > value="true"/> > > > <parameter name="user" > > > > value="2721845cfa40e36c8dee088db9a4fbfbd6c70436"/> > > > </handler> > === message truncated === __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
