[prev in list] [next in list] [prev in thread] [next in thread]
List: axis-user
Subject: Re: Interop WSE 3.0 and WSS4J - Referenced security token could not be retrieved
From: "=?UTF-8?Q?Jos=C3=A9_Ferreiro?=" <jose.ferreiro () gmail ! com>
Date: 2007-03-30 9:26:35
Message-ID: 4e3ba4880703300226p7dd06f96k4b5a4ab23b493cb3 () mail ! gmail ! com
[Download RAW message or body]
[Attachment #2 (text/plain)]
Hello,
Are you using mutualCertificate10Security or mutualCertificate11Security in
VS.NET 2005?
Can you show your Axis deployement wsdd file?
Thank you
José
On 3/30/07, hunterg1 <ghunter@tier1innovation.com> wrote:
>
>
> I should add that the .NET client example SOAP works, and the java client
> example SOAP does not.
>
> hunterg1 wrote:
> >
> > I am having the same issue. Can anybody help me with this? I am using
> a
> > java client to a .NET service using WSE3.0. I get the same error of
> > 'Referenced security token could not be retrieved' from the .NET
> service.
> > I have tried everything, even comparing a .NET client SOAP message to my
> > java client SOAP message. I am completely stuck now, can anybody please
> > help? I included the entire sample SOAP messages for both types of
> > clients below.
> >
> > Sample .NET client SOAP:
> > <soap:Envelope
> > xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
> > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
> > xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> > xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
> > xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
> > <soap:Header>
> > <wsa:Action
> > wsu:Id="Id-079dc0cf-49b1-44b0-a07a-30e53ada2080">
> http://services.test.org/HelloWorld</wsa:Action>
> > <wsa:MessageID
> >
> wsu:Id="Id-26d2ba57-461a-40a3-903d-91667379e0f0">urn:uuid:da2cc8c7-916a-4070-bd3a-f4bd2cf9deb1</wsa:MessageID>
>
> > <wsa:ReplyTo wsu:Id="Id-d57998cf-75ae-4bb8-aa68-4304eb2d4335">
> >
> > <wsa:Address>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> > </wsa:ReplyTo>
> > <wsa:To
> > wsu:Id="Id-c5c4d5cf-cf41-4bc9-b712-f89091cc706c">
> http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx</wsa:To>
> > <wsse:Security soap:mustUnderstand="1">
> > <wsu:Timestamp
> > wsu:Id="Timestamp-dc7023d6-abea-4b20-8535-d70b6e4ba684">
> > <wsu:Created>2007-03-29T20:55:50Z</wsu:Created>
> > <wsu:Expires>2007-03-29T21:00:50Z</wsu:Expires>
> > </wsu:Timestamp>
> > <wsse:BinarySecurityToken
> > ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> > EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> "
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> >
> wsu:Id="SecurityToken-53dd7ba0-3646-4c80-858b-445ba0ecafca">MIIBtjCCAWSgAwIBAgIQ0xuO \
> OJAk36FLgEkAGKXh2zAJBgUrDgMCHQUAMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTA2MDkxMTE3MjYy \
> NVoXDTM5MTIzMTIzNTk1OVowGTEXMBUGA1UEAxMOU2VydmljZUNsaWVudDEwgZ8wDQYJKoZIhvcNAQEBBQAD \
> gY0AMIGJAoGBAKvhyC+jEPujhtiS8vN2mucQacr8V64A3LKip+vAgGf00WwfsUG1cAY8xEJowWCt+imLTHHd \
> REeLJqZ7ND3Bhc/YX/ENTU6WnCk+RRtyi2QjXDQTZopeKvxPISPMW26eIKoDY8eLDYKkJdQIscAmTElPUr/y \
> Akb7uWOsDRcaELPhAgMBAAGjSzBJMEcGA1UdAQRAMD6AEBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQD \
> EwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jUqlw19DAJBgUrDgMCHQUAA0EAESRFHKWt94RYik/49D8FY8Xx \
> srl2KFuMz9isMsjYTHIc0GZAL70JSDkoS/BSkBXcsAc+LYTBYoxNyjRFzQoTEQ==</wsse:BinarySecurityToken>
>
> > <xenc:EncryptedKey
> > Id="SecurityToken-ac1a4381-842f-4b28-a09b-6905daa7fb20"
> > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
> > <xenc:EncryptionMethod
> > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">
> > <ds:DigestMethod
> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> > </xenc:EncryptionMethod>
> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
> > <wsse:SecurityTokenReference>
> > <X509Data>
> > <X509IssuerSerial>
> > <X509IssuerName>CN=Root Agency</X509IssuerName>
> >
> >
> <X509SerialNumber>115941452602315739450622432474596853575</X509SerialNumber>
> > </X509IssuerSerial>
> > </X509Data>
> > </wsse:SecurityTokenReference>
> > </KeyInfo>
> > <xenc:CipherData>
> >
> <xenc:CipherValue>TYcinGZA7is3p+qeJzO2qXShZMmthR8wvCLlILYRhIc9gYs1PWgYBcSzHFD8ERFmlj \
> U14LpGImjwV8BrTKG8Y+34WsWzvdWm7NcKCxGef35g2+CMr5ULa4K66oJAI7PrKObStZbMZbMIhMLiN1mxywshMopN4TQLqsyo5yHWuQc=</xenc:CipherValue>
>
> > </xenc:CipherData>
> > <xenc:ReferenceList>
> > <xenc:DataReference
> > URI="#Enc-d8146786-88aa-4856-9006-924cec39cc6a" />
> > </xenc:ReferenceList>
> > </xenc:EncryptedKey>
> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
> > <SignedInfo>
> > <ds:CanonicalizationMethod
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#" />
> > <SignatureMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> > <Reference
> URI="#Id-079dc0cf-49b1-44b0-a07a-30e53ada2080">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>7J8sLlF2RVOpwxDip4fhfYdnppo=</DigestValue>
> > </Reference>
> > <Reference
> URI="#Id-26d2ba57-461a-40a3-903d-91667379e0f0">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>yfJDR/07H2ZoL78tlSbktJ4s3OI=</DigestValue>
> > </Reference>
> > <Reference
> URI="#Id-d57998cf-75ae-4bb8-aa68-4304eb2d4335">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>RF9LksVSwjOwlc0cqJXGIU0fZN8=</DigestValue>
> > </Reference>
> > <Reference
> URI="#Id-c5c4d5cf-cf41-4bc9-b712-f89091cc706c">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>Vuln7MwcXRbHO/5VlDu2ZdCchas=</DigestValue>
> > </Reference>
> > <Reference
> > URI="#Timestamp-dc7023d6-abea-4b20-8535-d70b6e4ba684">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>3xGYQOw+IBvdgBw4XGMUPHPDhgM=</DigestValue>
> > </Reference>
> > <Reference
> URI="#Id-7d197a0b-5908-468d-9c22-40cda8025a71">
> > <Transforms>
> > <Transform
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > </Transforms>
> > <DigestMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
> >
> <DigestValue>PwbqXRImnXhh4Tog9CF1f32EjOQ=</DigestValue>
> > </Reference>
> > </SignedInfo>
> >
> <SignatureValue>T31FfjdvEMzuKcn/5PkZkHZ4SF4Hh74+SOPWjQWExDLRbrKzZGy5BMuijglUZrbLt6HP \
> a8VhoLCla/tWc7PqKzX/6wONpeAy0YiX83x6z5b7hdEv9gSLdPiShDyIyIxKQ6uGMKq9SA9xdA/SWRKLgqDdlUxIsHJFAqxpLGbLK6c=</SignatureValue>
>
> > <KeyInfo>
> > <wsse:SecurityTokenReference>
> > <wsse:Reference
> > URI="#SecurityToken-53dd7ba0-3646-4c80-858b-445ba0ecafca"
> > ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> > />
> > </wsse:SecurityTokenReference>
> > </KeyInfo>
> > </Signature>
> > </wsse:Security>
> > </soap:Header>
> > <soap:Body wsu:Id="Id-7d197a0b-5908-468d-9c22-40cda8025a71">
> > <xenc:EncryptedData
> > Id="Enc-d8146786-88aa-4856-9006-924cec39cc6a"
> > Type="http://www.w3.org/2001/04/xmlenc#Content"
> > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
> > <xenc:EncryptionMethod
> > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
> > <xenc:CipherData>
> >
> <xenc:CipherValue>Aa4g0Q+p9UYLRxiOM9vooenXWqYkoQu4yZ7vEzvEhpVmA9/JMPlrnKU2psZcVn5zbmNpV3ZbNj+BkA9FeUzqwZY2PWhK2e/QdXCjpGVYnvw=</xenc:CipherValue>
>
> > </xenc:CipherData>
> > </xenc:EncryptedData>
> > </soap:Body>
> > </soap:Envelope>
> >
> >
> >
> > Sample java client SOAP:
> > <soapenv:Envelope xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"
> > xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing"
> > xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
> > <soapenv:Header>
> > <wsse:Security
> > xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> > soapenv:mustUnderstand="1">
> > <xenc:EncryptedKey Id="EncKeyId-3852606">
> > <xenc:EncryptionMethod
> > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" />
> > <ds:KeyInfo xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#">
> > <wsse:SecurityTokenReference>
> > <ds:X509Data>
> >
> <ds:X509IssuerSerial>
> >
> <ds:X509IssuerName>CN=Root Agency</ds:X509IssuerName>
> >
> >
> <ds:X509SerialNumber>115941452602315739450622432474596853575</ds:X509SerialNumber>
> >
> </ds:X509IssuerSerial>
> > </ds:X509Data>
> > </wsse:SecurityTokenReference>
> > </ds:KeyInfo>
> > <xenc:CipherData>
> >
> >
> <xenc:CipherValue>CnHrkj5imyG0q/I1I2qzrkEPUgmFvecUhqo3y9u7dlfVAEZ3TYP1KvLL5Ibfx9w8sb \
> i1ZJ+4H6bimKQO4NH34oXot1+M7RC7pOQgKMtkiiUV/ePUu+EIivctgp8O5wxQd6Xz/pVlgt5KMurfu/GidwkOSmEo7c4zoAII6MxHcsQ=</xenc:CipherValue>
>
> > </xenc:CipherData>
> > <xenc:ReferenceList>
> > <xenc:DataReference
> URI="#EncDataId-28472268" />
> > </xenc:ReferenceList>
> > </xenc:EncryptedKey>
> > <wsse:BinarySecurityToken
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > EncodingType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary
> "
> > ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> >
> wsu:Id="CertId-1110094">MIIBtjCCAWSgAwIBAgIQ0xuOOJAk36FLgEkAGKXh2zAJBgUrDgMCHQUAMBYx \
> FDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTA2MDkxMTE3MjYyNVoXDTM5MTIzMTIzNTk1OVowGTEXMBUGA1UE \
> AxMOU2VydmljZUNsaWVudDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKvhyC+jEPujhtiS8vN2mucQ \
> acr8V64A3LKip+vAgGf00WwfsUG1cAY8xEJowWCt+imLTHHdREeLJqZ7ND3Bhc/YX/ENTU6WnCk+RRtyi2Qj \
> XDQTZopeKvxPISPMW26eIKoDY8eLDYKkJdQIscAmTElPUr/yAkb7uWOsDRcaELPhAgMBAAGjSzBJMEcGA1Ud \
> AQRAMD6AEBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jU \
> qlw19DAJBgUrDgMCHQUAA0EAESRFHKWt94RYik/49D8FY8Xxsrl2KFuMz9isMsjYTHIc0GZAL70JSDkoS/BSkBXcsAc+LYTBYoxNyjRFzQoTEQ==</wsse:BinarySecurityToken>
>
> > <ds:Signature xmlns:ds="
> http://www.w3.org/2000/09/xmldsig#"
> > Id="Signature-2661678">
> > <ds:SignedInfo>
> > <ds:CanonicalizationMethod
> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
> > <ds:SignatureMethod
> > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
> > <ds:Reference URI="#id-28472268">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>qKODJw3FD0Y3ux551lLvFDQxdac=</ds:DigestValue>
> > </ds:Reference>
> > <ds:Reference URI="#id-29087666">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>lI8Dwho3Ll5S5IGRZKGBN5N36WY=</ds:DigestValue>
> > </ds:Reference>
> > <ds:Reference URI="#id-21886820">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>eedOjqxbQodrUoTPkDG7TCGesS0=</ds:DigestValue>
> > </ds:Reference>
> > <ds:Reference URI="#id-28113457">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>k1/s6GPu+FAQ3LsWSRLKj896lZs=</ds:DigestValue>
> > </ds:Reference>
> > <ds:Reference URI="#id-22927632">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>F0v2H6ovbR7M4PUjsBytnt6X3UU=</ds:DigestValue>
> > </ds:Reference>
> > <ds:Reference
> URI="#Timestamp-32580443">
> > <ds:Transforms>
> > <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
> > />
> > </ds:Transforms>
> > <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
> > />
> >
> <ds:DigestValue>JamToNJwKmHPNznZPItnQ/mCfHU=</ds:DigestValue>
> > </ds:Reference>
> > </ds:SignedInfo>
> > <ds:SignatureValue>
> >
> JhjlwVhaZ2bzuZin4Wj7iLlQWpj/JRtbrHiqCOvjVNmonIEYMjRWd3KwTuuZxiA0Gu6HxCerFErn
> >
> bVDLpsATQhBZaRQXxezHvV3kmpRXC/AA0ev0FkdB0hk5SBftQvK2zobLtb9SbKqkyXFtq8SrsksS
> > /ouTIppVwJnvzMom4EQ=
> > </ds:SignatureValue>
> > <ds:KeyInfo Id="KeyId-32689826">
> > <wsse:SecurityTokenReference
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="STRId-3840954">
> > <wsse:Reference
> URI="#CertId-1110094"
> > ValueType="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3
> "
> > />
> > </wsse:SecurityTokenReference>
> > </ds:KeyInfo>
> > </ds:Signature>
> > <wsu:Timestamp
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="Timestamp-32580443">
> > <wsu:Created>2007-03-29T21:36:04.570Z
> </wsu:Created>
> > <wsu:Expires>2007-03-29T21:41:04.570Z
> </wsu:Expires>
> > </wsu:Timestamp>
> > </wsse:Security>
> > <wsa:To
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="id-21886820">
> http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx</wsa:To>
> > <wsa:ReplyTo
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="id-28113457">
> > <wsa:Address>
> http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous
> </wsa:Address>
> > </wsa:ReplyTo><wsa:MessageID
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> >
> wsu:Id="id-22927632">urn:uuid:971DF6D2EC1A63EE631175204164091</wsa:MessageID>
> > <wsa:Action
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="id-29087666">http://services.test.org/HelloWorld</wsa:Action>
> > </soapenv:Header>
> > <soapenv:Body
> > xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> "
> > wsu:Id="id-28472268">
> > <xenc:EncryptedData Id="EncDataId-28472268"
> > Type="http://www.w3.org/2001/04/xmlenc#Content">
> > <xenc:EncryptionMethod
> > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc" />
> > <xenc:CipherData>
> >
> >
> <xenc:CipherValue>+Fvu4fGMhAuSRXa3Zm0vrXPTsqJOKfj9njAmoOgJDwsgfP1wR/ZAXTpceHVWdbtfzV0fpt8Ya/Sd
>
> >
> oSa+vWsx2EuQJsS1z0sC80XMAFCrdISpX3N+OBK7qAThpJtnVH0ywsOeoyhuye3c+CFrABf9+Td9
> >
> EwkzBRuFkicfRh6X3Db2Lv2hFxjjXnFPIM2t37w5ZkXgBVdY8bIgppuOMdLfKy+SagUDcF0r9YXu
> >
> aLAcuEd/fuoQmdxnvBk9FHGQZnOQ2jHXQqy3kGEU450pqPUnSnb6FRNEspEhrlIw/XzrIO4QunG3
> >
> ztJOnkvq99PCJ27UExrgGUQ/giSIUU5pK9oM0xiJLAHq/abaZeCk1sbUBq5woMm1kO6Ff6cpHa7s
> >
> oaDKLaAwt40Jr9iSEt45C4roaT27xZobPLEr5aZmPWA60GAhjEMj0qC2WTaHwyU9HRGWnQEaKxrg
> > Kn2YHj4Vdt4IEg==</xenc:CipherValue>
> > </xenc:CipherData>
> > </xenc:EncryptedData>
> > </soapenv:Body>
> > </soapenv:Envelope>
> >
> >
> > Freddy Weishaeupl wrote:
> > >
> > > Hi,
> > >
> > > currently I'm trying to use a .NET Client to access a Java webservice.
> At
> > > the .NET side I use the Microsoft WSE 3.0 implementation to sign and
> > > encrypt
> > > the SOAP Body of the SOAP request message. At server-side WSS4J is used
> > > for
> > > checking the signature and decrypting the SOAP Message.
> > >
> > > I'm using the interop certificates (Alice&Bob) of the WSS4J 1.5.1
> > > package.
> > >
> > > Unfortunately at server-side I always get the following error message:
> > >
> -----------------------------------------------------------------------------------------------------------------
>
> > > ...
> > > [23.03.2007 14:53:37] [DEBUG]
> > > [org.apache.xml.security.algorithms.SignatureAlgorithm.<init>] Create
> URI
> > > "http://www.w3.org/2000/09/xmldsig#hmac-sha1" class "class
> > >
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$Integrity
> > > HmacSHA1"
> > > [23.03.2007 14:53:37] [DEBUG]
> > > [org.apache.xml.security.algorithms.JCEMapper.translateURItoJCEID]
> > > Request
> > > for URI http://www.w3.org/2000/09/xmldsig#hmac-sha1
> > > [23.03.2007 14:53:37] [DEBUG]
> > > [org.apache.xml.security.algorithms.implementations.IntegrityHmac
> .<init>]
> > > Created IntegrityHmacSHA1 using HmacSHA1
> > > [23.03.2007 14:53:37] [DEBUG]
> > > [org.apache.xml.security.utils.ElementProxy.<init>]
> setElement("KeyInfo",
> > > "null")
> > > [23.03.2007 14:53:37] [DEBUG]
> > > [
> org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement
> ]
> > > Token reference uri:
> #SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832
> > > org.apache.ws.security.WSSecurityException: Referenced security token
> > > could
> > > not be retrieved. (Reference
> > > "#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832")
> > > at
> > >
> org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement
> (SecurityTokenReference.java:179)
> > > at
> > > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(
> SignatureProcessor.java:186)
> > > ...
> > >
> -----------------------------------------------------------------------------------------------------------------------------------------
>
> > >
> > >
> > > Any ideas what's the problem here? Has anyone already tested WSE3.0 in
> > > combination with WSS4J?
> > >
> > > Thanks.
> > >
> > > Best Regards
> > > Freddy
> > >
> > > _________________________________________________________________
> > > Express yourself instantly with MSN Messenger! Download today it's
> FREE!
> > > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> > > For additional commands, e-mail: wss4j-dev-help@ws.apache.org
> > >
> > >
> > >
> >
> >
>
> --
> View this message in context:
> http://www.nabble.com/Interop-WSE-3.0-and-WSS4J---Referenced-security-token-could-not-be-retrieved-tf3454147.html#a9746894
> Sent from the WSS4J mailing list archive at Nabble.com.
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
--
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL
[Attachment #3 (text/html)]
<div>Hello,</div>
<div><br>Are you using mutualCertificate10Security or mutualCertificate11Security in \
<a href="http://VS.NET">VS.NET</a> 2005?</div> <div>Can you show your Axis \
deployement wsdd file?</div> <div> </div>
<div>Thank you</div>
<div> </div>
<div>José</div><br><br>
<div><span class="gmail_quote">On 3/30/07, <b class="gmail_sendername">hunterg1</b> \
<<a href="mailto:ghunter@tier1innovation.com">ghunter@tier1innovation.com</a>> \
wrote:</span> <blockquote class="gmail_quote" style="PADDING-LEFT: 1ex; MARGIN: 0px \
0px 0px 0.8ex; BORDER-LEFT: #ccc 1px solid"><br>I should add that the .NET client \
example SOAP works, and the java client<br>example SOAP does not.<br> <br>hunterg1 \
wrote:<br>><br>> I am having the same issue. Can anybody help me \
with this? I am using a<br>> java client to a .NET service using \
WSE3.0. I get the same error of<br>> 'Referenced security token \
could not be retrieved' from the .NET service. <br>> I have tried everything, \
even comparing a .NET client SOAP message to my<br>> java client SOAP \
message. I am completely stuck now, can anybody please<br>> \
help? I included the entire sample SOAP messages for both types of \
<br>> clients below.<br>><br>> Sample .NET client \
SOAP:<br>> <soap:Envelope<br>> \
xmlns:soap="<a href="http://schemas.xmlsoap.org/soap/envelope/">http://schemas.xmlsoap.org/soap/envelope/</a>"
<br>> xmlns:xsi="<a \
href="http://www.w3.org/2001/XMLSchema-instance">http://www.w3.org/2001/XMLSchema-instance</a>"<br>> \
xmlns:xsd="<a href="http://www.w3.org/2001/XMLSchema">http://www.w3.org/2001/XMLSchema
</a>"<br>> xmlns:wsa="<a \
href="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing</a>"<br>> \
xmlns:wsse="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</a>"<br>> \
xmlns:wsu="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec \
urity-utility-1.0.xsd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"><br>> \
<soap:Header><br>> \
<wsa:Action<br>> \
wsu:Id="Id-079dc0cf-49b1-44b0-a07a-30e53ada2080"><a \
href="http://services.test.org/HelloWorld">http://services.test.org/HelloWorld \
</a></wsa:Action><br>> \
<wsa:MessageID<br>> \
wsu:Id="Id-26d2ba57-461a-40a3-903d-91667379e0f0">urn:uuid:da2cc8c7-916a-4 \
070-bd3a-f4bd2cf9deb1</wsa:MessageID><br>> \
<wsa:ReplyTo wsu:Id="Id-d57998cf-75ae-4bb8-aa68-4304eb2d4335"> \
<br>><br>> <wsa:Address><a \
href="http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous">http://schemas. \
xmlsoap.org/ws/2004/08/addressing/role/anonymous</a></wsa:Address><br>> \
</wsa:ReplyTo> \
<br>> \
<wsa:To<br>> wsu:Id="Id-c5c4d5cf-cf41-4bc9-b712-f89091cc706c"><a \
href="http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx">http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx
</a></wsa:To><br>> \
<wsse:Security soap:mustUnderstand="1"><br>> \
<wsu:Timestamp<br>> \
wsu:Id="Timestamp-dc7023d6-abea-4b20-8535-d70b6e4ba684"><br>> \
<wsu:Created>2007-03-29T20:55:50Z</wsu:Created> \
<br>> \
<wsu:Expires>2007-03-29T21:00:50Z</wsu:Expires><br>> \
</wsu:Timestamp><br>> \
<wsse:BinarySecurityToken<br>> ValueType="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a>"<br>> \
EncodingType="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary</a>"<br>> \
xmlns:wsu="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>"<br>> \
wsu:Id="SecurityToken-53dd7ba0-3646-4c80-858b-445ba0ecafca">MIIBtjCCAWSgA \
wIBAgIQ0xuOOJAk36FLgEkAGKXh2zAJBgUrDgMCHQUAMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTA2MDk \
xMTE3MjYyNVoXDTM5MTIzMTIzNTk1OVowGTEXMBUGA1UEAxMOU2VydmljZUNsaWVudDEwgZ8wDQYJKoZIhvcNA \
QEBBQADgY0AMIGJAoGBAKvhyC+jEPujhtiS8vN2mucQacr8V64A3LKip+vAgGf00WwfsUG1cAY8xEJowWCt+im \
LTHHdREeLJqZ7ND3Bhc/YX/ENTU6WnCk+RRtyi2QjXDQTZopeKvxPISPMW26eIKoDY8eLDYKkJdQIscAmTElPU \
r/yAkb7uWOsDRcaELPhAgMBAAGjSzBJMEcGA1UdAQRAMD6AEBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQ \
DEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7jUqlw19DAJBgUrDgMCHQUAA0EAESRFHKWt94RYik/49D8FY8Xxs \
rl2KFuMz9isMsjYTHIc0GZAL70JSDkoS/BSkBXcsAc+LYTBYoxNyjRFzQoTEQ==</wsse:BinarySecurityToken>
<br>> \
<xenc:EncryptedKey<br>> \
Id="SecurityToken-ac1a4381-842f-4b28-a09b-6905daa7fb20"<br>> \
xmlns:xenc="<a href="http://www.w3.org/2001/04/xmlenc#">http://www.w3.org/2001/04/xmlenc#</a>
"><br>> \
<xenc:EncryptionMethod<br>> Algorithm="<a \
href="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p">http://www.w3.org/2001/04/xmlen \
c#rsa-oaep-mgf1p</a>"><br>> \
<ds:DigestMethod <br>> xmlns:ds="<a \
href="http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#</a>"<br>> \
Algorithm="<a href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1
</a>" /><br>> \
</xenc:EncryptionMethod><br>> \
<KeyInfo xmlns="<a \
href="http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#</a>" \
><br>> \
<wsse:SecurityTokenReference> \
<br>> \
<X509Data><br>> \
<X509IssuerSerial><br>> \
<X509IssuerName>CN=Root Agency</X509IssuerName><br>><br>> \
<X509SerialNumber>115941452602315739450622432474596853575</X509SerialNumber>
<br>> \
</X509IssuerSerial><br>> \
</X509Data><br>> \
</wsse:SecurityTokenReference><br>> \
</KeyInfo><br>> \
<xenc:CipherData> <br>> \
<xenc:CipherValue>TYcinGZA7is3p+qeJzO2qXShZMmthR8wvCLlILYRhIc9gYs1PWgYBcSzHFD8ER \
FmljU14LpGImjwV8BrTKG8Y+34WsWzvdWm7NcKCxGef35g2+CMr5ULa4K66oJAI7PrKObStZbMZbMIhMLiN1mxywshMopN4TQLqsyo5yHWuQc=</xenc:CipherValue>
<br>> \
</xenc:CipherData><br>> \
<xenc:ReferenceList><br>> \
<xenc:DataReference<br>> \
URI="#Enc-d8146786-88aa-4856-9006-924cec39cc6a" \
/><br>> \
</xenc:ReferenceList> \
<br>> \
</xenc:EncryptedKey><br>> \
<Signature xmlns="<a \
href="http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#</a>" \
><br>> \
<SignedInfo> <br>> \
<ds:CanonicalizationMethod<br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
xmlns:ds="<a href="http://www.w3.org/2000/09/xmldsig#"> \
http://www.w3.org/2000/09/xmldsig#</a>" \
/><br>> \
<SignatureMethod<br>> Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#rsa-sha1">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a>" \
/> <br>> \
<Reference URI="#Id-079dc0cf-49b1-44b0-a07a-30e53ada2080"><br>>&nbs \
p; \
<Transforms><br>> \
<Transform<br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#"> \
http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> \
</Transforms><br>> \
<DigestMethod<br>> Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1 \
</a>" /><br>> \
<DigestValue>7J8sLlF2RVOpwxDip4fhfYdnppo=</DigestValue><br>>   \
; \
</Reference><br>> \
<Reference URI="#Id-26d2ba57-461a-40a3-903d-91667379e0f0"> \
<br>> \
<Transforms><br>> \
<Transform<br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br> > \
</Transforms><br>> \
<DigestMethod<br>> Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>" \
/><br>> \
<DigestValue>yfJDR/07H2ZoL78tlSbktJ4s3OI=</DigestValue> \
<br>> \
</Reference><br>> \
<Reference URI="#Id-d57998cf-75ae-4bb8-aa68-4304eb2d4335"><br>>&nbs \
p; \
<Transforms><br>> \
<Transform <br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> \
</Transforms><br>> \
<DigestMethod<br> > Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>" \
/><br>> \
<DigestValue>RF9LksVSwjOwlc0cqJXGIU0fZN8=</DigestValue><br> \
> \
</Reference><br>> \
<Reference URI="#Id-c5c4d5cf-cf41-4bc9-b712-f89091cc706c"><br>>&nbs \
p; \
<Transforms><br>> \
<Transform <br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> \
</Transforms><br>> \
<DigestMethod<br> > Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>" \
/><br>> \
<DigestValue>Vuln7MwcXRbHO/5VlDu2ZdCchas=</DigestValue><br> \
> \
</Reference><br>> \
<Reference<br>> \
URI="#Timestamp-dc7023d6-abea-4b20-8535-d70b6e4ba684"><br>>   \
; \
<Transforms><br>> \
<Transform <br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> \
</Transforms><br>> \
<DigestMethod<br> > Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>" \
/><br>> \
<DigestValue>3xGYQOw+IBvdgBw4XGMUPHPDhgM=</DigestValue><br> \
> \
</Reference><br>> \
<Reference URI="#Id-7d197a0b-5908-468d-9c22-40cda8025a71"><br>>&nbs \
p; \
<Transforms><br>> \
<Transform <br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> \
</Transforms><br>> \
<DigestMethod<br> > Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>" \
/><br>> \
<DigestValue>PwbqXRImnXhh4Tog9CF1f32EjOQ=</DigestValue><br> \
> \
</Reference><br>> \
</SignedInfo><br>> \
<SignatureValue>T31FfjdvEMzuKcn/5PkZkHZ4SF4Hh74+SOPWjQWExDLRbrKzZGy5BMuijglUZrbL \
t6HPa8VhoLCla/tWc7PqKzX/6wONpeAy0YiX83x6z5b7hdEv9gSLdPiShDyIyIxKQ6uGMKq9SA9xdA/SWRKLgqDdlUxIsHJFAqxpLGbLK6c=</SignatureValue>
<br>> \
<KeyInfo><br>> \
<wsse:SecurityTokenReference><br>> \
> ValueType="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X \
509v3">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a>"<br>> \
/> <br>> \
</wsse:SecurityTokenReference><br>> \
</KeyInfo><br>> \
</Signature><br>> \
</wsse:Security><br>> \
</soap:Header><br> > \
<soap:Body wsu:Id="Id-7d197a0b-5908-468d-9c22-40cda8025a71"><br>> \
<xenc:EncryptedData<br>> \
Id="Enc-d8146786-88aa-4856-9006-924cec39cc6a"<br>> Type="<a \
href="http://www.w3.org/2001/04/xmlenc#Content"> \
http://www.w3.org/2001/04/xmlenc#Content</a>"<br>> xmlns:xenc="<a \
href="http://www.w3.org/2001/04/xmlenc#">http://www.w3.org/2001/04/xmlenc#</a>"&g \
t;<br>> \
<xenc:EncryptionMethod<br>> Algorithm=" <a \
href="http://www.w3.org/2001/04/xmlenc#aes256-cbc">http://www.w3.org/2001/04/xmlenc#aes256-cbc</a>" \
/><br>> \
<xenc:CipherData><br>> \
<xenc:CipherValue>Aa4g0Q+p9UYLRxiOM9vooenXWqYkoQu4yZ7vEzvEhpVmA9/JMPlrnKU2psZcVn5zbmNpV3ZbNj+BkA9FeUzqwZY2PWhK2e/QdXCjpGVYnvw=</xenc:CipherValue>
<br>> \
</xenc:CipherData><br>> \
</xenc:EncryptedData><br>> \
</soap:Body><br>> \
</soap:Envelope><br>><br>><br>><br>> Sample java client SOAP:<br> \
> <soapenv:Envelope xmlns:xenc="<a \
href="http://www.w3.org/2001/04/xmlenc#">http://www.w3.org/2001/04/xmlenc#</a>"<br>> \
xmlns:wsa="<a href="http://schemas.xmlsoap.org/ws/2004/08/addressing">http://schemas.xmlsoap.org/ws/2004/08/addressing
</a>"<br>> xmlns:soapenv="<a \
href="http://schemas.xmlsoap.org/soap/envelope/">http://schemas.xmlsoap.org/soap/envelope/</a>"><br>> \
<soapenv:Header><br>> \
<wsse:Security<br> > xmlns:wsse="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xs \
d">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd</a>"<br>> \
soapenv:mustUnderstand="1"> \
<br>> \
<xenc:EncryptedKey \
Id="EncKeyId-3852606"><br>> & \
nbsp; \
<xenc:EncryptionMethod<br>> Algorithm="<a \
href="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"> \
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p</a>" \
/><br>> & \
nbsp; \
<ds:KeyInfo xmlns:ds="<a \
href="http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#</a>">
<br>>   \
; \
<wsse:SecurityTokenReference><br>> & \
nbsp; &nb \
sp; \
<ds:X509Data><br>>   \
; & \
nbsp; &nb \
sp; \
<ds:X509IssuerSerial> \
<br>> \
&n \
bsp; &nbs \
p; \
<ds:X509IssuerName>CN=Root Agency</ds:X509IssuerName><br>><br>> \
<ds:X509SerialNumber>115941452602315739450622432474596853575</ds:X509SerialNumber>
<br>>   \
; & \
nbsp; \
</ds:X509IssuerSerial><br>> &n \
bsp; &nbs \
p; \
</ds:X509Data><br>> &nbs \
p; \
\
</wsse:SecurityTokenReference> \
<br>> \
\
</ds:KeyInfo><br>>   \
; \
<xenc:CipherData><br>><br>> \
<xenc:CipherValue>CnHrkj5imyG0q/I1I2qzrkEPUgmFvecUhqo3y9u7dlfVAEZ3TYP1KvLL5Ibfx9 \
w8sbi1ZJ+4H6bimKQO4NH34oXot1+M7RC7pOQgKMtkiiUV/ePUu+EIivctgp8O5wxQd6Xz/pVlgt5KMurfu/GidwkOSmEo7c4zoAII6MxHcsQ=</xenc:CipherValue>
<br>>   \
; \
</xenc:CipherData><br>> \
\
<xenc:ReferenceList><br>> &nbs \
p; \
\
<xenc:DataReference URI="#EncDataId-28472268" /> \
<br>> \
\
</xenc:ReferenceList><br>> &nb \
sp; \
</xenc:EncryptedKey><br>> \
<wsse:BinarySecurityToken<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>"<br>> \
EncodingType="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary</a>"<br>> \
ValueType="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a>"<br>> \
wsu:Id="CertId-1110094">MIIBtjCCAWSgAwIBAgIQ0xuOOJAk36FLgEkAGKXh2zAJBgUrD \
gMCHQUAMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5MB4XDTA2MDkxMTE3MjYyNVoXDTM5MTIzMTIzNTk1OVowGTE \
XMBUGA1UEAxMOU2VydmljZUNsaWVudDEwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAKvhyC+jEPujhtiS8 \
vN2mucQacr8V64A3LKip+vAgGf00WwfsUG1cAY8xEJowWCt+imLTHHdREeLJqZ7ND3Bhc/YX/ENTU6WnCk+RRt \
yi2QjXDQTZopeKvxPISPMW26eIKoDY8eLDYKkJdQIscAmTElPUr/yAkb7uWOsDRcaELPhAgMBAAGjSzBJMEcGA \
1UdAQRAMD6AEBLkCS0GHR1PAI1hIdwWZGOhGDAWMRQwEgYDVQQDEwtSb290IEFnZW5jeYIQBjdsAKoAZIoRz7j \
Uqlw19DAJBgUrDgMCHQUAA0EAESRFHKWt94RYik/49D8FY8Xxsrl2KFuMz9isMsjYTHIc0GZAL70JSDkoS/BSkBXcsAc+LYTBYoxNyjRFzQoTEQ==</wsse:BinarySecurityToken>
<br>> \
<ds:Signature xmlns:ds="<a \
href="http://www.w3.org/2000/09/xmldsig#">http://www.w3.org/2000/09/xmldsig#</a>"<br>> \
Id="Signature-2661678"><br>> \
\
<ds:SignedInfo> \
<br>> \
\
<ds:CanonicalizationMethod<br>> Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>" \
/><br>> & \
nbsp; \
<ds:SignatureMethod <br>> Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#rsa-sha1">http://www.w3.org/2000/09/xmldsig#rsa-sha1</a>" \
/><br>> & \
nbsp; \
<ds:Reference URI="#id-28472268"> \
<br>> \
&n \
bsp; \
<ds:Transforms><br>> &nb \
sp;   \
; & \
nbsp; \
<ds:Transform Algorithm="<a href="http://www.w3.org/2001/10/xml-exc-c14n#"> \
http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms><br>> &n \
bsp; &nbs \
p; \
<ds:DigestMethod Algorithm=" <a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>qKODJw3FD0Y3ux551lLvFDQxdac=</ds:DigestValue> \
<br>> \
\
</ds:Reference><br>> &nb \
sp;   \
; \
<ds:Reference URI="#id-29087666"><br>>   \
; & \
nbsp; \
<ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:Transform Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:DigestMethod Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>lI8Dwho3Ll5S5IGRZKGBN5N36WY=</ds:DigestValue> \
<br>> \
\
</ds:Reference><br>> &nb \
sp;   \
; \
<ds:Reference URI="#id-21886820"><br>>   \
; & \
nbsp; \
<ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:Transform Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:DigestMethod Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>eedOjqxbQodrUoTPkDG7TCGesS0=</ds:DigestValue> \
<br>> \
\
<br>> \
&n \
bsp; \
<ds:Transform Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:DigestMethod Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>k1/s6GPu+FAQ3LsWSRLKj896lZs=</ds:DigestValue> \
<br>> \
\
</ds:Reference><br>> &nb \
sp;   \
; \
<ds:Reference URI="#id-22927632"><br>>   \
; & \
nbsp; \
<ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:Transform Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:DigestMethod Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>F0v2H6ovbR7M4PUjsBytnt6X3UU=</ds:DigestValue> \
<br>> \
\
</ds:Reference><br>> &nb \
sp;   \
; \
<ds:Reference URI="#Timestamp-32580443"><br>> &nbs \
p; \
&n \
bsp; \
<ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:Transform Algorithm="<a \
href="http://www.w3.org/2001/10/xml-exc-c14n#">http://www.w3.org/2001/10/xml-exc-c14n#</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
</ds:Transforms> \
<br>> \
&n \
bsp; \
<ds:DigestMethod Algorithm="<a \
href="http://www.w3.org/2000/09/xmldsig#sha1">http://www.w3.org/2000/09/xmldsig#sha1</a>"<br>> \
/><br>> & \
nbsp; &nb \
sp; \
<ds:DigestValue>JamToNJwKmHPNznZPItnQ/mCfHU=</ds:DigestValue> \
<br>> \
\
</ds:Reference><br>> &nb \
sp; \
</ds:SignedInfo><br>> &n \
bsp; \
<ds:SignatureValue><br>> \
JhjlwVhaZ2bzuZin4Wj7iLlQWpj/JRtbrHiqCOvjVNmonIEYMjRWd3KwTuuZxiA0Gu6HxCerFErn <br>> \
bVDLpsATQhBZaRQXxezHvV3kmpRXC/AA0ev0FkdB0hk5SBftQvK2zobLtb9SbKqkyXFtq8SrsksS<br>>&n \
bsp; &nbs \
p; \
/ouTIppVwJnvzMom4EQ=<br>> &nbs \
p; \
</ds:SignatureValue><br>> &nbs \
p; \
<ds:KeyInfo Id="KeyId-32689826"> \
<br>> \
\
<wsse:SecurityTokenReference<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x \
sd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"<br>> wsu:Id="STRId-3840954"><br>> &nbs \
p; \
&n \
bsp; \
<wsse:Reference URI="#CertId-1110094"<br>> ValueType="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3</a>"<br>> \
/><br>> & \
nbsp; \
</wsse:SecurityTokenReference><br>> \
\
</ds:KeyInfo> <br>> \
</ds:Signature><br>> \
<wsu:Timestamp<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x \
sd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"<br>> wsu:Id="Timestamp-32580443"><br>>   \
; \
<wsu:Created>2007-03-29T21:36:04.570Z</wsu:Created><br>> &nb \
sp; \
<wsu:Expires>2007-03-29T21:41: \
04.570Z</wsu:Expires><br>> &nb \
sp; \
</wsu:Timestamp><br>> \
</wsse:Security><br>> \
<wsa:To<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>"<br>> \
wsu:Id="id-21886820"><a \
href="http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx">http://dc32740/WebServiceNewSecuritySignandEncrypt/Service.asmx
</a></wsa:To><br>> \
<wsa:ReplyTo<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x \
sd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"<br>> wsu:Id="id-28113457"><br>> <wsa:Address><a \
href="http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous">http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</a>
</wsa:Address><br>> \
</wsa:ReplyTo><wsa:MessageID<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.x \
sd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"<br>> wsu:Id="id-22927632">urn:uuid:971DF6D2EC1A63EE6311752 \
04164091</wsa:MessageID><br>> \
<wsa:Action<br>> xmlns:wsu="<a \
href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd</a>"<br>> \
wsu:Id="id-29087666"><a \
href="http://services.test.org/HelloWorld">http://services.test.org/HelloWorld</a></wsa:Action>
<br>> \
</soapenv:Header><br>> <soapenv:Body<br>> \
xmlns:wsu="<a href="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssec \
urity-utility-1.0.xsd">http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
</a>"<br>> wsu:Id="id-28472268"><br>> \
<xenc:EncryptedData Id="EncDataId-28472268"<br>> Type="<a \
href="http://www.w3.org/2001/04/xmlenc#Content">http://www.w3.org/2001/04/xmlenc#Content
</a>"><br>> \
<xenc:EncryptionMethod<br>> Algorithm="<a \
href="http://www.w3.org/2001/04/xmlenc#aes256-cbc">http://www.w3.org/2001/04/xmlenc#aes256-cbc</a>" \
/><br>> <xenc:CipherData> \
<br>><br>> <xenc:CipherValue>+Fvu4fGMhAuSRXa3Zm0vrXPTsqJOKfj9njAmoOgJDwsgfP1wR/ZAXTpceHVWdbtfzV0fpt8Ya/Sd<br>> \
oSa+vWsx2EuQJsS1z0sC80XMAFCrdISpX3N+OBK7qAThpJtnVH0ywsOeoyhuye3c+CFrABf9+Td9<br>> \
EwkzBRuFkicfRh6X3Db2Lv2hFxjjXnFPIM2t37w5ZkXgBVdY8bIgppuOMdLfKy+SagUDcF0r9YXu <br>> \
aLAcuEd/fuoQmdxnvBk9FHGQZnOQ2jHXQqy3kGEU450pqPUnSnb6FRNEspEhrlIw/XzrIO4QunG3<br>> \
ztJOnkvq99PCJ27UExrgGUQ/giSIUU5pK9oM0xiJLAHq/abaZeCk1sbUBq5woMm1kO6Ff6cpHa7s<br>> \
oaDKLaAwt40Jr9iSEt45C4roaT27xZobPLEr5aZmPWA60GAhjEMj0qC2WTaHwyU9HRGWnQEaKxrg <br>> \
Kn2YHj4Vdt4IEg==</xenc:CipherValue><br>> \
</xenc:CipherData><br>> \
</xenc:EncryptedData><br>> \
</soapenv:Body><br>> </soapenv:Envelope><br>><br>><br> > \
Freddy Weishaeupl wrote:<br>>><br>>> Hi,<br>>><br>>> \
currently I'm trying to use a .NET Client to access a Java webservice. \
At<br>>> the .NET side I use the Microsoft WSE 3.0 implementation to sign and \
<br>>> encrypt<br>>> the SOAP Body of the SOAP request message. At \
server-side WSS4J is used<br>>> for<br>>> checking the signature and \
decrypting the SOAP Message.<br>>><br>>> I'm using the interop \
certificates (Alice&Bob) of the WSS4J 1.5.1<br>>> \
package.<br>>><br>>> Unfortunately at server-side I always get the \
following error message:<br>>> \
-----------------------------------------------------------------------------------------------------------------
<br>>> ...<br>>> [23.03.2007 14:53:37] [DEBUG]<br>>> \
[org.apache.xml.security.algorithms.SignatureAlgorithm.<init>] Create \
URI<br>>> "<a href="http://www.w3.org/2000/09/xmldsig#hmac-sha1"> \
http://www.w3.org/2000/09/xmldsig#hmac-sha1</a>" class "class<br>>> \
org.apache.xml.security.algorithms.implementations.IntegrityHmac$Integrity<br>>> \
HmacSHA1"<br>>> [23.03.2007 14:53:37] [DEBUG] <br>>> \
[org.apache.xml.security.algorithms.JCEMapper.translateURItoJCEID]<br>>> \
Request<br>>> for URI <a \
href="http://www.w3.org/2000/09/xmldsig#hmac-sha1">http://www.w3.org/2000/09/xmldsig#hmac-sha1</a>
<br>>> [23.03.2007 14:53:37] [DEBUG]<br>>> \
[org.apache.xml.security.algorithms.implementations.IntegrityHmac.<init>]<br>>> \
Created IntegrityHmacSHA1 using HmacSHA1<br>>> [23.03.2007 14:53:37] [DEBUG] \
<br>>> [org.apache.xml.security.utils.ElementProxy.<init>] \
setElement("KeyInfo",<br>>> "null")<br>>> [23.03.2007 \
14:53:37] [DEBUG]<br>>> \
[org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement \
]<br>>> Token reference uri: \
#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832<br>>> \
org.apache.ws.security.WSSecurityException: Referenced security token<br>>> \
could<br>>> not be retrieved. (Reference <br>>> \
"#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832")<br>>> \
at<br>>> org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement(SecurityTokenReference.java:179)
<br>>> at<br>>> \
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:186)<br>>> \
...<br>>> -----------------------------------------------------------------------------------------------------------------------------------------
<br>>><br>>><br>>> Any ideas what's the problem here? Has \
anyone already tested WSE3.0 in<br>>> combination with \
WSS4J?<br>>><br>>> Thanks.<br>>><br>>> Best \
Regards<br>>> Freddy <br>>><br>>> \
_________________________________________________________________<br>>> Express \
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/</a><br>>><br>>><br>>> \
---------------------------------------------------------------------<br>>> To \
unsubscribe, e-mail: <a href="mailto:wss4j-dev-unsubscribe@ws.apache.org"> \
wss4j-dev-unsubscribe@ws.apache.org</a><br>>> For additional commands, e-mail: \
<a href="mailto:wss4j-dev-help@ws.apache.org">wss4j-dev-help@ws.apache.org</a><br>>><br>>><br>>><br>><br>><br><br>
--<br>View this message in context: <a \
href="http://www.nabble.com/Interop-WSE-3.0-and-WSS4J---Referenced-security-token-coul \
d-not-be-retrieved-tf3454147.html#a9746894">http://www.nabble.com/Interop-WSE-3.0-and-WSS4J---Referenced-security-token-could-not-be-retrieved-tf3454147.html#a9746894
</a><br>Sent from the WSS4J mailing list archive at <a \
href="http://Nabble.com">Nabble.com</a>.<br><br><br>---------------------------------------------------------------------<br>To \
unsubscribe, e-mail: <a href="mailto:wss4j-dev-unsubscribe@ws.apache.org"> \
wss4j-dev-unsubscribe@ws.apache.org</a><br>For additional commands, e-mail: <a \
href="mailto:wss4j-dev-help@ws.apache.org">wss4j-dev-help@ws.apache.org</a><br><br></blockquote></div><br><br \
clear="all"><br>-- <br>José Ferreiro <br>EPFL Communication Systems \
engineer<br>ing.sys.com.dipl.EPFL
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic