Hi,
I'm wondering if WSSecEncrypt is ready for use. I was trying to encrypt
a very simple SOAP message with a bare minumum wss4j code using either
1.5.6 or 1.5.8. Using WSEncryptBody, it worked. But when I switch over
to WSSecEncrypt since WSEncryptBody seems to be deprecated, I got the
following exception:
org.apache.ws.security.WSSecurityException: Cannot encrypt data; nested
exception is:
org.apache.xml.security.exceptions.XMLSecurityException: Cannot
create a http://www.w3.org/2000/09/xmldsig#:ds:KeyInfo from a
http://www.w3.org/2000/09/xmldsig#:KeyInfo element
at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.ja
va:583)
at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.ja
va:444)
at
org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSecE
ncrypt.java:342)
at
org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:306)
at
com.ibm.sample.SOAPEncryption.encryptSOAPEnvelope(SOAPEncryption.java:13
7)
at com.ibm.sample.SOAPEncryption.main(SOAPEncryption.java:159)
Caused by: org.apache.xml.security.exceptions.XMLSecurityException:
Cannot create a http://www.w3.org/2000/09/xmldsig#:ds:KeyInfo from a
http://www.w3.org/2000/09/xmldsig#:KeyInfo element
at
org.apache.xml.security.utils.ElementCheckerImpl$InternedNsChecker.guara
nteeThatElementInCorrectSpace(Unknown Source)
at
org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorrect
Space(Unknown Source)
at org.apache.xml.security.utils.ElementProxy.<init>(Unknown
Source)
at
org.apache.xml.security.utils.SignatureElementProxy.<init>(Unknown
Source)
at org.apache.xml.security.keys.KeyInfo.<init>(Unknown Source)
at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.ja
va:580)
... 5 more
Here's the relavent code segment:
public SOAPMessage encryptSOAPEnvelope(SOAPEnvelope
unsignedEnvelope) throws Exception {
// GY: Deprecated. Use WSSecEncrypt
// WSEncryptBody wsEncrypt = new WSEncryptBody();
WSSecEncrypt wsEncrypt = new WSSecEncrypt();
Document doc = unsignedEnvelope.getOwnerDocument();
String alias = "mykey";
String password = "testit";
wsEncrypt.setUserInfo(alias, password);
Crypto crypto = CryptoFactory.getInstance();
// Document encDoc = wsEncrypt.build(doc, crypto);
Document encDoc = wsEncrypt.build(doc, crypto, null);
DOMSource src = new DOMSource(encDoc);
MessageFactory mf = MessageFactory.newInstance();
SOAPMessage soapMsg = mf.createMessage();
soapMsg.getSOAPPart().setContent(src);
return soapMsg;
}
I followed the WSSecEncrypt code to the point where it tries to clone
the KeyInfo when it generates the exception. It's at
WSSecEncrypt.java:595. This looks like all wss4j internal handling. Is
this a bug?
Thanks,
Gang
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
