473,503 Members | 1,877 Online
Bytes | Software Development & Data Engineering Community
+ Post

Home Posts Topics Members FAQ

Axis / WSS4J / Interop

Hello,

Anyone succeed to make work a .Net WebService client WSE
with WSS4J (I always get the error message 'Signature Verification
failed') ?

On the server my WSDD config is:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<globalConfiguration>
<parameter name="enableNamespacePrefixOptimization" value="false" />
<parameter name="disablePrettyXML" value="true"/>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllRece iver">
<parameter name="passwordCallbackClass"
value="com.hp.ov.temip.ws.handler.PWCallback"/>
<parameter name="action" value="UsernameTokenSignature UsernameToken Encrypt
Timestamp"/>
<parameter name="decryptionPropFile" value="security.properties" />
</handler>
</requestFlow>
</globalConfiguration>
</deployment>

On client's side, I developped with WSE 3.0 Policy framework
The following SecureMessage overriden function:

public override void SecureMessage(SoapEnvelope envelope, Security security)
{
//Must Understand Headers
security.MustUnderstand = true;
security.Timestamp.TtlInSeconds = 60;

//User Name Token
UsernameToken userToken = new UsernameToken(m_strUsername, m_strPassword,
PasswordOption.SendPlainText);
security.Tokens.Add(userToken);

X509SecurityToken token = null;
try
{
token = GetSecurityToken("CN=10.67.212.35");
}
catch (Exception ex)
{
throw new Exception("Certificate not found : " + ex.Message);
}

//Define a custom X509 token
ISecurityTokenManager stm =
SecurityTokenManager.GetSecurityTokenManagerByToke nType(WSTrust.TokenTypes.X509v3);
X509SecurityTokenManager x509tm = stm as X509SecurityTokenManager;
x509tm.DefaultKeyAlgorithm = "RSA15";
x509tm.DefaultSessionKeyAlgorithm = "TripleDES";

//security.Elements.Add(new EncryptedData(token)); //De-comment this line
will encrypt the Body
// Add the token to the SOAP header.
security.Tokens.Add(token); //Insert the token being used into header

//Add Message Signature
MessageSignature sig = new MessageSignature(userToken);
sig.SignatureOptions = SignatureOptions.IncludeSoapBody;
security.Elements.Add(sig);

//Insert the encrypted UsernameToken
security.Elements.Add(new EncryptedData(token, "#" + userToken.Id));
}

Into TOMCAT logs, I can notice that WSS4J is able to:
- retrieve my certificate with its public key
- Decrypt the UserNameToken
But the signature verification fails, some say that it could be due
to a pretty-print component that alters the SOAP message after
the signature, if so, how to deactivate such pretty-printer ?

__________________
Benjamin BALET
http://bbalet.free.fr/

Feb 24 '06 #1
1 6590
Hi,
It's probably a server side problem. You need to change these lines in your
wsdd.

<parameter name="action" value="UsernameTokenSignature UsernameToken Encrypt
Timestamp"/>
<parameter name="decryptionPropFile" value="security.properties" />
I think the first one should just be
<parameter name="action" value="Signature UsernameToken Encrypt
Timestamp"/>

and the second should define the signaturePropFile not decryptionPropFile.
If you're doing signature and encryption with just one file you must define
it as the signature properties file, and the WSS4J handler uses this for both.
<parameter name="signaturePropFile" value="security.properties" />

Hope this helps.

Richard.

"bbalet.free.fr" wrote:
Hello,

Anyone succeed to make work a .Net WebService client WSE
with WSS4J (I always get the error message 'Signature Verification
failed') ?

On the server my WSDD config is:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
<globalConfiguration>
<parameter name="enableNamespacePrefixOptimization" value="false" />
<parameter name="disablePrettyXML" value="true"/>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllRece iver">
<parameter name="passwordCallbackClass"
value="com.hp.ov.temip.ws.handler.PWCallback"/>
<parameter name="action" value="UsernameTokenSignature UsernameToken Encrypt
Timestamp"/>
<parameter name="decryptionPropFile" value="security.properties" />
</handler>
</requestFlow>
</globalConfiguration>
</deployment>

On client's side, I developped with WSE 3.0 Policy framework
The following SecureMessage overriden function:

public override void SecureMessage(SoapEnvelope envelope, Security security)
{
//Must Understand Headers
security.MustUnderstand = true;
security.Timestamp.TtlInSeconds = 60;

//User Name Token
UsernameToken userToken = new UsernameToken(m_strUsername, m_strPassword,
PasswordOption.SendPlainText);
security.Tokens.Add(userToken);

X509SecurityToken token = null;
try
{
token = GetSecurityToken("CN=10.67.212.35");
}
catch (Exception ex)
{
throw new Exception("Certificate not found : " + ex.Message);
}

//Define a custom X509 token
ISecurityTokenManager stm =
SecurityTokenManager.GetSecurityTokenManagerByToke nType(WSTrust.TokenTypes.X509v3);
X509SecurityTokenManager x509tm = stm as X509SecurityTokenManager;
x509tm.DefaultKeyAlgorithm = "RSA15";
x509tm.DefaultSessionKeyAlgorithm = "TripleDES";

//security.Elements.Add(new EncryptedData(token)); //De-comment this line
will encrypt the Body
// Add the token to the SOAP header.
security.Tokens.Add(token); //Insert the token being used into header

//Add Message Signature
MessageSignature sig = new MessageSignature(userToken);
sig.SignatureOptions = SignatureOptions.IncludeSoapBody;
security.Elements.Add(sig);

//Insert the encrypted UsernameToken
security.Elements.Add(new EncryptedData(token, "#" + userToken.Id));
}

Into TOMCAT logs, I can notice that WSS4J is able to:
- retrieve my certificate with its public key
- Decrypt the UserNameToken
But the signature verification fails, some say that it could be due
to a pretty-print component that alters the SOAP message after
the signature, if so, how to deactivate such pretty-printer ?

__________________
Benjamin BALET
http://bbalet.free.fr/

Feb 27 '06 #2

This thread has been closed and replies have been disabled. Please start a new discussion.

Similar topics
3
2688
Problem using axis 1.1 as client
by: Jacky Zhu | last post by:
Hi all, I am having a problem trying to consume a webservice that is developed on ..Net. I can access it without any problem using a .net client, but when I use a java client (based on Axis...
.NET Framework
3
9771
deserialization arrays in Axis SOAP messages
by: parrot toes | last post by:
Summary: I have been trying to make requests of a web service provided by Axis using a dotnet client with code generated by wsdl.exe and have been getting exceptions when trying to process the...
.NET Framework
3
2502
.Net Client gets null while calling Axis 1.2 web services
by: Lilly | last post by:
I was testing a very simple web services written in Axis (1.2RC2) with just a single method, returning a string "test". The method doesn't need any parameters. when I tested it using .Net client,...
.NET Framework
7
8880
C# client consuming a Java Axis (1.2RC2) web service
by: Jamie Phillips | last post by:
I'm sure this topic has been "around the block" a few times, but I have not been able to find ANY solutin that fits this particular problem. I have written a Java Axis web service that has a method...
.NET Framework
4
12294
xsd:dateTime incompatibility between .Net and Apache Axis
by: Lucvdv | last post by:
I have to connect to a server set up by the government, where they used Apache Axis to create a webservice. The code I use to interface to the webservice is generated by wsdl.exe, based on a...
.NET Framework
0
1470
Axis / WSS4J / Interop
by: bbalet.free.fr | last post by:
Hello, Anyone succeed to make work a .Net WebService client WSE with WSS4J (I always get the error message 'Signature Verification failed') ? On the server my WSDD config is: <deployment...
.NET Framework
5
4136
Axis Web Service, .Net Client - Interop issue with SOAP Header
by: vthakur | last post by:
Hello: I have a Axis Web Service that sets the sessionid in the SOAP header for persisting the session. The client is a .Net client that processes the header as an Unknown Header. It sets the...
.NET Framework
0
2211
axis / wss4j client consuming .NET web service
by: cjharrelson | last post by:
I am trying to consume a .NET web service using UsernameToken plain text password authentication. Here is my .wsdd configuration file: <!-- Using the WSDoAllSender security handler in request...
.NET Framework
2
3740
access the axis of the graph
by: smith.mariya | last post by:
hi, i am mariya. i am working on vb.net. i have created the powerpoint addin. i have inserted the chart on the slide through vb.net code. now, i want to remove the gridlines on the chart and want...
.NET Framework
0
7204
marktang
What is ONU?
by: marktang | last post by:
ONU (Optical Network Unit) is one of the key components for providing high-speed Internet services. Its primary function is to act as an endpoint device located at the user's premises. However,...
General
0
7282
Oralloy
Problem With Comparison Operator <=> in G++
by: Oralloy | last post by:
Hello folks, I am unable to find appropriate documentation on the type promotion of bit-fields when using the generalised comparison operator "<=>". The problem is that using the GNU compilers,...
C / C++
0
7342
jinu1996
Maximizing Business Potential: The Nexus of Website Design and Digital Marketing
by: jinu1996 | last post by:
In today's digital age, having a compelling online presence is paramount for businesses aiming to thrive in a competitive landscape. At the heart of this digital strategy lies an intricately woven...
Online Marketing
1
6998
The easy way to turn off automatic updates for Windows 10/11
by: Hystou | last post by:
Overview: Windows 11 and 10 have less user interface control over operating system update behaviour than previous versions of Windows. In Windows 11 and 10, there is no way to turn off the Windows...
Windows Server
0
5586
agi2029
AI Job Threat for Devs
by: agi2029 | last post by:
Let's talk about the concept of autonomous AI software engineers and no-code agents. These AIs are designed to manage the entire lifecycle of a software development project—planning, coding, testing,...
Career Advice
0
3171
Trying to create a lan-to-lan vpn between two differents networks
by: TSSRALBI | last post by:
Hello I'm a network technician in training and I need your help. I am currently learning how to create and manage the different types of VPNs and I have a question about LAN-to-LAN VPNs. The...
Networking - Hardware / Configuration
0
3162
Windows Forms - .Net 8.0
by: adsilva | last post by:
A Windows Forms form does not have the event Unload, like VB6. What one acts like?
Visual Basic .NET
0
1516
transfer the data from one system to another through ip address
by: 6302768590 | last post by:
Hai team i want code for transfer the data from one system to another through IP address by using C# our system has to for every 5mins then we have to update the data what the data is updated ...
C# / C Sharp
0
391
bsmnconsultancy
Comprehensive Guide to Website Development in Toronto: Expert Insights from BSMN Consultancy
by: bsmnconsultancy | last post by:
In today's digital era, a well-designed website is crucial for businesses looking to succeed. Whether you're a small business owner or a large corporation in Toronto, having a strong online presence...
General

By using Bytes.com and it's services, you agree to our Privacy Policy and Terms of Use.

To disable or enable advertisements and analytics tracking please visit the manage ads & tracking page.

BYTES.COM © 2024
About Bytes
Terms Of Use
Privacy Policy
Sitemap
Advertise on Bytes
How to Post and Respond on Bytes
How to Promote and Link on Bytes
How to increase your Ranking on Bytes
Become a Recognized Expert on Bytes
Feedback Welcomed! Contact Us