Thanks, Colm and others, for the pointers and replies. I was using Axis tools to create the testing SOAP message. After switching to Sun's implementation, the problem went away. I got everything working and the test code was helpful. Thanks again.
Gang -----Original Message----- From: Colm O hEigeartaigh [mailto:cohei...@apache.org] Sent: Monday, August 16, 2010 3:14 PM To: Yang, Gang CTR US USA Cc: wss4j-dev@ws.apache.org Subject: Re: WSSecEncrypt vs WSEncryptBody That looks like a problem caused by interned namespaces in XML Security and Axis SAAJ not being able to handle them. Are you using the Axis SAAJ implementation? If so I suggest either use Sun's SAAJ implementation, or else change from using the SAAJ API's to Axis API's.. Take a look at the methods in SOAPUtil: https://svn.apache.org/repos/asf/webservices/wss4j/trunk/test/wssec/SOAPUtil.java Colm. On Wed, Aug 11, 2010 at 3:28 PM, Yang, Gang CTR US USA <gang.y...@us.army.mil> wrote: > Hi, > > I'm wondering if WSSecEncrypt is ready for use. I was trying to > encrypt a very simple SOAP message with a bare minumum wss4j code > using either > 1.5.6 or 1.5.8. Using WSEncryptBody, it worked. But when I switch over > to WSSecEncrypt since WSEncryptBody seems to be deprecated, I got the > following exception: > > > > org.apache.ws.security.WSSecurityException: Cannot encrypt data; > nested exception is: > org.apache.xml.security.exceptions.XMLSecurityException: Cannot > create a http://www.w3.org/2000/09/xmldsig#:ds:KeyInfo from a > http://www.w3.org/2000/09/xmldsig#:KeyInfo element > at > org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt. > ja > va:583) > at > org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt. > ja > va:444) > at > org.apache.ws.security.message.WSSecEncrypt.encryptForInternalRef(WSSe > cE > ncrypt.java:342) > at > org.apache.ws.security.message.WSSecEncrypt.build(WSSecEncrypt.java:30 > 6) > at > com.ibm.sample.SOAPEncryption.encryptSOAPEnvelope(SOAPEncryption.java: > 13 > 7) > at com.ibm.sample.SOAPEncryption.main(SOAPEncryption.java:159) > Caused by: org.apache.xml.security.exceptions.XMLSecurityException: > Cannot create a http://www.w3.org/2000/09/xmldsig#:ds:KeyInfo from a > http://www.w3.org/2000/09/xmldsig#:KeyInfo element > at > org.apache.xml.security.utils.ElementCheckerImpl$InternedNsChecker.gua > ra nteeThatElementInCorrectSpace(Unknown Source) > at > org.apache.xml.security.utils.ElementProxy.guaranteeThatElementInCorre > ct > Space(Unknown Source) > at org.apache.xml.security.utils.ElementProxy.<init>(Unknown > Source) > at > org.apache.xml.security.utils.SignatureElementProxy.<init>(Unknown > Source) > at org.apache.xml.security.keys.KeyInfo.<init>(Unknown Source) > at > org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt. > ja > va:580) > ... 5 more > > > > Here's the relavent code segment: > > > public SOAPMessage encryptSOAPEnvelope(SOAPEnvelope > unsignedEnvelope) throws Exception { > // GY: Deprecated. Use WSSecEncrypt // > WSEncryptBody wsEncrypt = new WSEncryptBody(); > WSSecEncrypt wsEncrypt = new WSSecEncrypt(); > Document doc = unsignedEnvelope.getOwnerDocument(); > > String alias = "mykey"; > String password = "testit"; > wsEncrypt.setUserInfo(alias, password); > > Crypto crypto = CryptoFactory.getInstance(); // > Document encDoc = wsEncrypt.build(doc, crypto); > Document encDoc = wsEncrypt.build(doc, crypto, null); > > DOMSource src = new DOMSource(encDoc); > MessageFactory mf = MessageFactory.newInstance(); > SOAPMessage soapMsg = mf.createMessage(); > soapMsg.getSOAPPart().setContent(src); > > return soapMsg; > } > > > I followed the WSSecEncrypt code to the point where it tries to clone > the KeyInfo when it generates the exception. It's at > WSSecEncrypt.java:595. This looks like all wss4j internal handling. Is > this a bug? > > Thanks, > Gang > > --------------------------------------------------------------------- > To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org > For additional commands, e-mail: wss4j-dev-h...@ws.apache.org > > --------------------------------------------------------------------- To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org For additional commands, e-mail: wss4j-dev-h...@ws.apache.org
