Hi Ruchith,
thanks for your answer. Here is my the SOAP request message from the .NET
client side:
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing";
xmlns:wsse="http://docs
.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:xsi="http://www.w3.
org/2001/XMLSchema-instance">
<soap:Header>
<wsa:Action />
<wsa:MessageID>
urn:uuid:336e0fac-2ec9-4764-807f-85f910bb3a43
</wsa:MessageID>
<wsa:ReplyTo>
<wsa:Address>
http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
</wsa:Address>
</wsa:ReplyTo>
<wsa:To>
http://lt0085.muc:7511/wss4j/services/simple_webservice
</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-1df6d91a-682a-4c6f-ae3e-f5e633d02bd8">
<wsu:Created>2007-03-26T07:04:06Z</wsu:Created>
<wsu:Expires>2007-03-26T07:09:06Z</wsu:Expires>
</wsu:Timestamp>
<xenc:EncryptedKey
Id="SecurityToken-cd50df54-59e6-4950-b56f-abf1e7193bcf"
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; />
<KeyInfo
xmlns="http://www.w3.org/2000/09/xmldsig#";>
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509Subject
KeyIdentifier">
CuJdE1B2dUFd1dkLZSzQ5vj6MYg=
</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>
BLw6Yq5pDJzZ35jlBZr1d4HcjP2+CxDP3teDZlmRH1a9D2kMcav0P5sdDeNiOB2v3oFglbeY0+2bHyx8/CEG09Ib+AWBdmBL5Hd3nA8oPhFXXbKL5wephlTOKZmwMJ83QnPMOaGRmiDEYlIUPzq59P37qTxd9sFzUXksBhga2Cg=
</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference
URI="#Enc-3822b5d1-14c1-45a0-aad8-f0200ffd62ac" />
</xenc:ReferenceList>
</xenc:EncryptedKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
<SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; />
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"; />
<Reference
URI="#Id-03903826-2208-4b5f-9ffd-954a0a5085a7">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<DigestValue>
OmO33V9Um/jr91cGFibiz+zUO/E=
</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>
wpxb8M16R3dSGZIU4nTjv4quYxU=
</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference
URI="#SecurityToken-cd50df54-59e6-4950-b56f-abf1e7193bcf"
ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey";
/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-03903826-2208-4b5f-9ffd-954a0a5085a7">
<xenc:EncryptedData
Id="Enc-3822b5d1-14c1-45a0-aad8-f0200ffd62ac"
Type="http://www.w3.org/2001/04/xmlenc#Content";
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"; />
<xenc:CipherData>
<xenc:CipherValue>
Naz3DviV7qFJkcnwgKRpN85TdE5a65mA/NEyQXPVkI4=
</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
From: "Ruchith Fernando" <[EMAIL PROTECTED]>
To: "Freddy Weishaeupl" <[EMAIL PROTECTED]>
CC: [email protected]
Subject: Re: Interop WSE 3.0 and WSS4J - Referenced security token could
not be retrieved
Date: Sun, 25 Mar 2007 13:05:29 +0530
Hi,
Can you please post the message that the java service gets from the .NET
client?
Thanks,
Ruchith
On 3/23/07, Freddy Weishaeupl <[EMAIL PROTECTED]> wrote:
Hi,
currently I'm trying to use a .NET Client to access a Java webservice. At
the .NET side I use the Microsoft WSE 3.0 implementation to sign and
encrypt
the SOAP Body of the SOAP request message. At server-side WSS4J is used
for
checking the signature and decrypting the SOAP Message.
I'm using the interop certificates (Alice&Bob) of the WSS4J 1.5.1 package.
Unfortunately at server-side I always get the following error message:
-----------------------------------------------------------------------------------------------------------------
...
[23.03.2007 14:53:37] [DEBUG]
[org.apache.xml.security.algorithms.SignatureAlgorithm.<init>] Create URI
"http://www.w3.org/2000/09/xmldsig#hmac-sha1"; class "class
org.apache.xml.security.algorithms.implementations.IntegrityHmac$Integrity
HmacSHA1"
[23.03.2007 14:53:37] [DEBUG]
[org.apache.xml.security.algorithms.JCEMapper.translateURItoJCEID] Request
for URI http://www.w3.org/2000/09/xmldsig#hmac-sha1
[23.03.2007 14:53:37] [DEBUG]
[org.apache.xml.security.algorithms.implementations.IntegrityHmac.<init>]
Created IntegrityHmacSHA1 using HmacSHA1
[23.03.2007 14:53:37] [DEBUG]
[org.apache.xml.security.utils.ElementProxy.<init>] setElement("KeyInfo",
"null")
[23.03.2007 14:53:37] [DEBUG]
[org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement]
Token reference uri: #SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832
org.apache.ws.security.WSSecurityException: Referenced security token
could
not be retrieved. (Reference
"#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832")
at
org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement(SecurityTokenReference.java:179)
at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:186)
...
-----------------------------------------------------------------------------------------------------------------------------------------
Any ideas what's the problem here? Has anyone already tested WSE3.0 in
combination with WSS4J?
Thanks.
Best Regards
Freddy
_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
--
www.ruchith.org
www.wso2.org
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
_________________________________________________________________
Don't just search. Find. Check out the new MSN Search!
http://search.msn.click-url.com/go/onm00200636ave/direct/01/
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
