[prev in list] [next in list] [prev in thread] [next in thread]
List: wss4j-dev
Subject: [jira] Issue Comment Edited: (WSS-198) Problem when body is signed
From: "Dobri Kitipov (JIRA)" <jira () apache ! org>
Date: 2009-06-16 8:34:07
Message-ID: 1709829049.1245141247506.JavaMail.jira () brutus
[Download RAW message or body]
[ https://issues.apache.org/jira/browse/WSS-198?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12719976#action_12719976 \
]
Dobri Kitipov edited comment on WSS-198 at 6/16/09 1:32 AM:
------------------------------------------------------------
Hi Colm,
thank you fir the fast answer.
My fast check with wss4j-1.5.8-SNAPSHOT.jar throws another exception:
com.mycompany.client.api.WSClientException: org.apache.axis2.AxisFault: Missing \
encryption result for id : http://com:name at \
com.mycompany.client.impl.WSStaxClientImpl.sendReceive(WSStaxClientImpl.java:150) at \
com.mycompany.security.samples.SampleSecurityClient.invokeWebService(SampleSecurityClient.java:96)
at com.mycompany.security.samples.SampleSecurityClient.main(SampleSecurityClient.java:35)
Caused by: org.apache.axis2.AxisFault: Missing encryption result for id : \
http://com:name at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:523)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
at com.mycompany.client.impl.WSStaxClientImpl.sendReceive(WSStaxClientImpl.java:146)
... 2 more
I am not sure that I have checked it correctly. Do I need to update and other jars?
I will try to find some time to debug it.
Regards,
Dobri
was (Author: dobri):
Hi Colm,
thank you fir the fast answer.
My fast check with throws another exception:
com.mycompany.client.api.WSClientException: org.apache.axis2.AxisFault: Missing \
encryption result for id : http://com:name at \
com.mycompany.client.impl.WSStaxClientImpl.sendReceive(WSStaxClientImpl.java:150) at \
com.mycompany.security.samples.SampleSecurityClient.invokeWebService(SampleSecurityClient.java:96)
at com.mycompany.security.samples.SampleSecurityClient.main(SampleSecurityClient.java:35)
Caused by: org.apache.axis2.AxisFault: Missing encryption result for id : \
http://com:name at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:523)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
at com.mycompany.client.impl.WSStaxClientImpl.sendReceive(WSStaxClientImpl.java:146)
... 2 more
> Problem when body is signed and then an XPath is encrypted
> ----------------------------------------------------------
>
> Key: WSS-198
> URL: https://issues.apache.org/jira/browse/WSS-198
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 1.5.7
> Reporter: Dobri Kitipov
> Assignee: Colm O hEigeartaigh
> Fix For: 1.5.8
>
> Attachments: send_to_server_side_before_encryption.xml, \
> signed_doc_after_decryption.xml
>
> Hi everybody,
> there is a problem when when a message body is signed and then an XPath expression \
> pointing to a body element is encrypted. The problem is that the verification of \
> the signature cannot pass. This is caused by the fact that there is a difference \
> between the signed body and the body used for signature verification. The body used \
> for signature verification is modified because after XPath element decryption an ID \
> is added to the element. This ID is used to verify the decryption, but changes the \
> original body. I am doing the tests with :
> Rampart from the trunk with WSS4J 1.5.7.
> Exception thrown is:
> [WARN] Verification failed for URI "#Id-11235685"
> [WARN] Expected Digest: o0jyc1pJHEawRaLNry+cnYeCc80=
> [WARN] Actual Digest: VMEF6KgvE6t3PNLlYR49LGEW+xM=
> [ERROR] The signature or decryption was invalid
> org.apache.axis2.AxisFault: The signature or decryption was invalid
> at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:172)
> at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
> at com.mycompany.deployment.server.SAGAdminServlet.doPost(SAGAdminServlet.java:30)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875)
> at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> at java.lang.Thread.run(Thread.java:595)
> Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption \
> was invalid at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:527)
> at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:97)
> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
> at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
> at org.apache.rampart.RampartEngine.process(RampartEngine.java:151)
> at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
> ... 22 more
> I will try to apply a patch tomorrow.
> Any comments and ideas are appreciated.
> Regards,
> Dobri
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic