Axis / WSS4J / Interop - .NET Framework

bbalet.free.fr

Hello,

Anyone succeed to make work a .Net WebService client WSE
with WSS4J (I always get the error message 'Signature Verification
failed') ?

On the server my WSDD config is:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="htt p://xml.apache.org/axis/wsdd/providers/java">
<globalConfigur ation>
<parameter name="enableNam espacePrefixOpt imization" value="false" />
<parameter name="disablePr ettyXML" value="true"/>
<requestFlow>
<handler type="java:org. apache.ws.axis. security.WSDoAl lReceiver">
<parameter name="passwordC allbackClass"
value="com.hp.o v.temip.ws.hand ler.PWCallback"/>
<parameter name="action" value="Username TokenSignature UsernameToken Encrypt
Timestamp"/>
<parameter name="decryptio nPropFile" value="security .properties" />
</handler>
</requestFlow>
</globalConfigura tion>
</deployment>

On client's side, I developped with WSE 3.0 Policy framework
The following SecureMessage overriden function:

public override void SecureMessage(S oapEnvelope envelope, Security security)
{
//Must Understand Headers
security.MustUn derstand = true;
security.Timest amp.TtlInSecond s = 60;

//User Name Token
UsernameToken userToken = new UsernameToken(m _strUsername, m_strPassword,
PasswordOption. SendPlainText);
security.Tokens .Add(userToken) ;

X509SecurityTok en token = null;
try
{
token = GetSecurityToke n("CN=10.67.212 .35");
}
catch (Exception ex)
{
throw new Exception("Cert ificate not found : " + ex.Message);
}

//Define a custom X509 token
ISecurityTokenM anager stm =
SecurityTokenMa nager.GetSecuri tyTokenManagerB yTokenType(WSTr ust.TokenTypes. X509v3);
X509SecurityTok enManager x509tm = stm as X509SecurityTok enManager;
x509tm.DefaultK eyAlgorithm = "RSA15";
x509tm.DefaultS essionKeyAlgori thm = "TripleDES" ;

//security.Elemen ts.Add(new EncryptedData(t oken)); //De-comment this line
will encrypt the Body
// Add the token to the SOAP header.
security.Tokens .Add(token); //Insert the token being used into header

//Add Message Signature
MessageSignatur e sig = new MessageSignatur e(userToken);
sig.SignatureOp tions = SignatureOption s.IncludeSoapBo dy;
security.Elemen ts.Add(sig);

//Insert the encrypted UsernameToken
security.Elemen ts.Add(new EncryptedData(t oken, "#" + userToken.Id));
}

Into TOMCAT logs, I can notice that WSS4J is able to:
- retrieve my certificate with its public key
- Decrypt the UserNameToken
But the signature verification fails, some say that it could be due
to a pretty-print component that alters the SOAP message after
the signature, if so, how to deactivate such pretty-printer ?

_______________ ___
Benjamin BALET
http://bbalet.free.fr/

Feb 24 '06 #1

Subscribe Reply

6598

Richard Gregory

Hi,
It's probably a server side problem. You need to change these lines in your
wsdd.

<parameter name="action" value="Username TokenSignature UsernameToken Encrypt

Timestamp"/>
<parameter name="decryptio nPropFile" value="security .properties" />
I think the first one should just be
<parameter name="action" value="Signatur e UsernameToken Encrypt
Timestamp"/>

and the second should define the signaturePropFi le not decryptionPropF ile.
If you're doing signature and encryption with just one file you must define
it as the signature properties file, and the WSS4J handler uses this for both.
<parameter name="signature PropFile" value="security .properties" />

Hope this helps.

Richard.

"bbalet.free.fr " wrote:
Hello,

Anyone succeed to make work a .Net WebService client WSE
with WSS4J (I always get the error message 'Signature Verification
failed') ?

On the server my WSDD config is:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="htt p://xml.apache.org/axis/wsdd/providers/java">
<globalConfigur ation>
<parameter name="enableNam espacePrefixOpt imization" value="false" />
<parameter name="disablePr ettyXML" value="true"/>
<requestFlow>
<handler type="java:org. apache.ws.axis. security.WSDoAl lReceiver">
<parameter name="passwordC allbackClass"
value="com.hp.o v.temip.ws.hand ler.PWCallback"/>
<parameter name="action" value="Username TokenSignature UsernameToken Encrypt
Timestamp"/>
<parameter name="decryptio nPropFile" value="security .properties" />
</handler>
</requestFlow>
</globalConfigura tion>
</deployment>

On client's side, I developped with WSE 3.0 Policy framework
The following SecureMessage overriden function:

public override void SecureMessage(S oapEnvelope envelope, Security security)
{
//Must Understand Headers
security.MustUn derstand = true;
security.Timest amp.TtlInSecond s = 60;

//User Name Token
UsernameToken userToken = new UsernameToken(m _strUsername, m_strPassword,
PasswordOption. SendPlainText);
security.Tokens .Add(userToken) ;

X509SecurityTok en token = null;
try
{
token = GetSecurityToke n("CN=10.67.212 .35");
}
catch (Exception ex)
{
throw new Exception("Cert ificate not found : " + ex.Message);
}

//Define a custom X509 token
ISecurityTokenM anager stm =
SecurityTokenMa nager.GetSecuri tyTokenManagerB yTokenType(WSTr ust.TokenTypes. X509v3);
X509SecurityTok enManager x509tm = stm as X509SecurityTok enManager;
x509tm.DefaultK eyAlgorithm = "RSA15";
x509tm.DefaultS essionKeyAlgori thm = "TripleDES" ;

//security.Elemen ts.Add(new EncryptedData(t oken)); //De-comment this line
will encrypt the Body
// Add the token to the SOAP header.
security.Tokens .Add(token); //Insert the token being used into header

//Add Message Signature
MessageSignatur e sig = new MessageSignatur e(userToken);
sig.SignatureOp tions = SignatureOption s.IncludeSoapBo dy;
security.Elemen ts.Add(sig);

//Insert the encrypted UsernameToken
security.Elemen ts.Add(new EncryptedData(t oken, "#" + userToken.Id));
}

Into TOMCAT logs, I can notice that WSS4J is able to:
- retrieve my certificate with its public key
- Decrypt the UserNameToken
But the signature verification fails, some say that it could be due
to a pretty-print component that alters the SOAP message after
the signature, if so, how to deactivate such pretty-printer ?

_______________ ___
Benjamin BALET
http://bbalet.free.fr/

Feb 27 '06 #2

Similar topics

2690

Problem using axis 1.1 as client

by: Jacky Zhu | last post by:

Hi all, I am having a problem trying to consume a webservice that is developed on ..Net. I can access it without any problem using a .net client, but when I use a java client (based on Axis 1.1), some methods work, some don't. The error message I got is "org.apache.axis.types.URI$MalformedURIException: No scheme found in URI..."

.NET Framework

9782

deserialization arrays in Axis SOAP messages

by: parrot toes | last post by:

Summary: I have been trying to make requests of a web service provided by Axis using a dotnet client with code generated by wsdl.exe and have been getting exceptions when trying to process the response. As a result of seraching news groups I guessed that the SOAP response defines an array element in a way that causes the dotnet...

.NET Framework

2507

.Net Client gets null while calling Axis 1.2 web services

by: Lilly | last post by:

I was testing a very simple web services written in Axis (1.2RC2) with just a single method, returning a string "test". The method doesn't need any parameters. when I tested it using .Net client, it returns null. Could anyone please tell me what could ne wrong? I've beening fighting this problem for days now, but still no luck.. Could...

.NET Framework

8886

C# client consuming a Java Axis (1.2RC2) web service

by: Jamie Phillips | last post by:

I'm sure this topic has been "around the block" a few times, but I have not been able to find ANY solutin that fits this particular problem. I have written a Java Axis web service that has a method which returns an object with the following characteristics: public class MMPerson { public string firstName; public string surname; public int...

.NET Framework

12297

xsd:dateTime incompatibility between .Net and Apache Axis

by: Lucvdv | last post by:

I have to connect to a server set up by the government, where they used Apache Axis to create a webservice. The code I use to interface to the webservice is generated by wsdl.exe, based on a .wsdl file they sent me. Now a problem turns up with a date field they implemented as xsd:dateTime, even though it only contains a date.

.NET Framework

1481

Axis / WSS4J / Interop

by: bbalet.free.fr | last post by:

.NET Framework

4146

Axis Web Service, .Net Client - Interop issue with SOAP Header

by: vthakur | last post by:

Hello: I have a Axis Web Service that sets the sessionid in the SOAP header for persisting the session. The client is a .Net client that processes the header as an Unknown Header. It sets the session id received from the Service request on subsequent requests to the service. However the Axis Web service does not process the SOAP header...

.NET Framework

2218

axis / wss4j client consuming .NET web service

by: cjharrelson | last post by:

I am trying to consume a .NET web service using UsernameToken plain text password authentication. Here is my .wsdd configuration file:  <deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java"> <transport name="http"...

.NET Framework

3747

access the axis of the graph

by: smith.mariya | last post by:

hi, i am mariya. i am working on vb.net. i have created the powerpoint addin. i have inserted the chart on the slide through vb.net code. now, i want to remove the gridlines on the chart and want to remove the y axis. i am not able to get the exact object and properties of the axis . can u plz tell me, what should i do? the code is as, ...

.NET Framework

7924

Problem With Comparison Operator <=> in G++

by: Oralloy | last post by:

Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers, it seems that the internal comparison operator "<=>" tries to promote arguments from unsigned to signed. This is as boiled down as I can make it. ...

C / C++

8130

Maximizing Business Potential: The Nexus of Website Design and Digital Marketing

by: jinu1996 | last post by:

In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven tapestry of website design and digital marketing. It's not merely about having a website; it's about crafting an immersive digital experience that...

Online Marketing

7677

The easy way to turn off automatic updates for Windows 10/11

by: Hystou | last post by:

Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows Update option using the Control Panel or Settings app; it automatically checks for updates and installs any it finds, whether you like it or not. For...

Windows Server

5514

Access Europe - Using VBA to create a class based on a table - Wed 1 May

by: isladogs | last post by:

The next Access Europe User Group meeting will be on Wednesday 1 May 2024 starting at 18:00 UK time (6PM UTC+1) and finishing by 19:30 (7.30PM). In this session, we are pleased to welcome a new presenter, Adolph Dupré who will be discussing some powerful techniques for using class modules. He will explain when you may want to use classes...

Microsoft Access / VBA

5219

Couldn’t get equations in html when convert word .docx file to html file in C#.

by: conductexam | last post by:

I have .net C# application in which I am extracting data from word file and save it in database particularly. To store word all data as it is I am converting the whole word file firstly in HTML and then checking html paragraph one by one. At the time of converting from word file to html my equations which are in the word document file was convert...

C# / C Sharp

3653

Trying to create a lan-to-lan vpn between two differents networks

by: TSSRALBI | last post by:

Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The last exercise I practiced was to create a LAN-to-LAN VPN between two Pfsense firewalls, by using IPSEC protocols. I succeeded, with both firewalls in...

Networking - Hardware / Configuration

3643

Windows Forms - .Net 8.0

by: adsilva | last post by:

A Windows Forms form does not have the event Unload, like VB6. What one acts like?

Visual Basic .NET

2115

transfer the data from one system to another through ip address

by: 6302768590 | last post by:

Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated we have to send another system

C# / C Sharp

1223

How to add payments to a PHP MySQL app.

by: muto222 | last post by:

How can i add a mobile payment intergratation into php mysql website.

PHP