Hello, dev.
I have following problem. I'm trying to use Java server with XFire soap
framework 1.2.4 (It uses wss4j 1.5.0 to implement ws-security) with .Net 2.0
with WSE 3.0 web services client. So, I have configured Net client to use
UsernameToken and message signing and encryption. When I run Net client
WSSecurityEngine throws following Exception:
org.apache.ws.security.WSSecurityException: General security error
(Unexpected number of X509Data: for decryption (KeyId))
This exception appears in EncryptedKeyProcessor class in line 181:
179: X509Certificate[] certs =
secRef.getKeyIdentifier(crypto);
180: if (certs == null || certs.length < 1 || certs[0] ==
null) {
181: throw new
WSSecurityException(WSSecurityException.FAILURE,
182: "invalidX509Data", new Object[]{"for
decryption (KeyId)"});
Tracing through to getKeyIdentifier method in SecurityKeyReference class, it
seems like the value type of key identifier is not supported. Namely,
incoming value type of key identifer is:
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#Thumbprin
tSHA1
But expected value type is:
X509Security.getType(). That is:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1
.0#X509v3 or
SKI_URI constant. That is:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1
.0#X509SubjectKeyIdentifier or
THUMB_URI constant. That is
http://docs.oasis-open.org/wss/2004/xx/oasis-2004xx-wss-soap-message-securit
y-1.0#ThumbprintSHA1
So, as you can see, incoming value type is not corresponds any of expected
value types.
I hope for your help. Thank's
P.S.: Similar error was there:
http://www.mail-archive.com/[email protected]/msg00613.html
Sincerely, Vadim Gindin
[EMAIL PROTECTED]
