Forum Discussion

ATILIUS's avatar
New Contributor
10 years ago

How to sign a message with SoapUI


Using a webservice with ws-security, I have a small java program, which signs by cxf messages send over the web service.
Now I would like to test some messages by using SoapUI.
Unfortunately, I am not able to configure SoapUI in order to sign the outgoing messages.
At the Outgoing WS-Security configurations tab, I have added an item Signature with Keystore, alias, password... and at the Keystores tab I have added the corresponding jks file with the key.
At the Auth tab of the request page, I have set the outgoing wss.
Still, all messages send from SoapUI are not signed.

Could anyone please let me know, how to configure SoapUI so, that it signs the outgoing messages?

Maybe I need to add some parts items at the Outgoing WS-Security configurations tab.
For more information, I list the corresponding policy file for signing below.



policy file:
<?xml version="1.0" encoding="UTF-8"?>
xsi:schemaLocation=" ... policy.xsd ... policy.xsd
<sp:AsymmetricBinding xmlns:sp=''>
<sp:X509Token sp:IncludeToken=''>
<sp:WssX509V3Token10 />
<sp:X509Token sp:IncludeToken=''>
<sp:WssX509V3Token10 />
<sp:Basic256 />
<sp:Strict />
<sp:OnlySignEntireHeadersAndBody />
<sp:Wss10 xmlns:sp=''>
<sp:MustSupportRefEmbeddedToken />
<sp:SignedParts xmlns:sp=''>
<sp:Body />

5 Replies

  • ATILIUS's avatar
    New Contributor
    Hello Marcus!

    Thanks for the link, but I was on this page before allready and checked it.
    Still, SoapUI doesn't sign my messages.
    What is the minimum requirement to sign a message with SoapUI?
  • pgupta's avatar
    New Contributor

    I am trying to configure security in similar way in SOAP UI to get connected to Apache CXF services but I am getting below exception:

    These policy alternatives can not be satisfied:
    {}X509Token: The received token does not match the token inclusion requirement
    {}Layout: Layout does not match the requirements

    Just want to ask if you have encountered similar issue. If yes then what is the possible solution for it. I would highly appreciate if you can give me any pointers on how to configure X509 token in SOAP UI.

    Thanks, Puneet.
  • Hi,

    SoapUI does not currently support the ws-security Layout policy,however, we have an internal feature request of SOAP-2357 for this.
    • georgianad's avatar

      Hi MarcusJ,


      I am interested to know if this request has been completed : SOAP-2357.

      Our service is using strict layout and we cannot test it using SOAP UI.

      If I change the layout to lax layout, everything is working properly.


      Could you tell me if the latest SoapUI version supports the ws-security Layout policy?


      Thank you,


      Best regards,