Need help in invoking secure web-service from SoapUI
Hi,
I am trying to invoke a secure web-service (OSB proxy service exposed as web-service) from SoapUI. The web-service has OWSM policy "oracle/wss11_message_protection_service_policy" implemented on it. I am able to invoke this WS successfully from OSB console. When invoking this service from OSB console, I pass keystore.recipient.alias as test (this has already been setup in keystore). The key was created using the below mentioned command:
keytool -genkey -alias test -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=test, C=US" -keystore test.jks
The above command generates an RSA key, with RSA-SHA1 as the signature algorithm.
My requirement says to invoke this WS from SoapUI. I have performed the following steps -
1.) Create project from wsdl
2.) Opened project properties -> Security Configuration -> Keystore -> added test.jks created above. Kept default alias as blank.
3.) Security Configuration -> Outgoing WS -Security Config -> Added a name "Sample", rest fields kept blank.
3.1.) Added 3 WSS entries under "Sample"
3.1.1) Timestamp -> set to 300000
3.1.2) Signature ->
Keystore: test.jks
Alias: test
Key Identifier: Subject Key Identifier
Signature Algo: http://www.w3.org/2000/09/xmldsig#rsa-sha1
Signature Canonicalization: default
Single certificate: Yes
3.1.3) Encryption ->
Keystore: test.jks
Alias: test
Key Identifier: Subject Key Identifier
Signature Encoding Algo: default
Key encrypting algorithm: default
Signature Canonicalization: default
Create encrypted key: Yes
4.) Security Configuration -> Incoming WS -Security Config -> Added a name "Sample_Incoming", selected decrypt and signature keytores as test.jks
5.) Opened Request1 test case
5.1) Under "Aut" selected Outgoing WSS as "Sample" and Incoming WSS as "Sample_Incoming"
5.2) Ran the test case
The error message I got was -
Please let me know if I am missing or executing any step in incorrect way.
TIA,
Sid
I am trying to invoke a secure web-service (OSB proxy service exposed as web-service) from SoapUI. The web-service has OWSM policy "oracle/wss11_message_protection_service_policy" implemented on it. I am able to invoke this WS successfully from OSB console. When invoking this service from OSB console, I pass keystore.recipient.alias as test (this has already been setup in keystore). The key was created using the below mentioned command:
keytool -genkey -alias test -keyalg "RSA" -sigalg "SHA1withRSA" -dname "CN=test, C=US" -keystore test.jks
The above command generates an RSA key, with RSA-SHA1 as the signature algorithm.
My requirement says to invoke this WS from SoapUI. I have performed the following steps -
1.) Create project from wsdl
2.) Opened project properties -> Security Configuration -> Keystore -> added test.jks created above. Kept default alias as blank.
3.) Security Configuration -> Outgoing WS -Security Config -> Added a name "Sample", rest fields kept blank.
3.1.) Added 3 WSS entries under "Sample"
3.1.1) Timestamp -> set to 300000
3.1.2) Signature ->
Keystore: test.jks
Alias: test
Key Identifier: Subject Key Identifier
Signature Algo: http://www.w3.org/2000/09/xmldsig#rsa-sha1
Signature Canonicalization: default
Single certificate: Yes
3.1.3) Encryption ->
Keystore: test.jks
Alias: test
Key Identifier: Subject Key Identifier
Signature Encoding Algo: default
Key encrypting algorithm: default
Signature Canonicalization: default
Create encrypted key: Yes
4.) Security Configuration -> Incoming WS -Security Config -> Added a name "Sample_Incoming", selected decrypt and signature keytores as test.jks
5.) Opened Request1 test case
5.1) Under "Aut" selected Outgoing WSS as "Sample" and Incoming WSS as "Sample_Incoming"
5.2) Ran the test case
The error message I got was -
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Body>
<soapenv:Fault>
<faultcode>soapenv:Server</faultcode>
<faultstring>BEA-386200: General web service security error</faultstring>
<detail>
<con:fault xmlns:con="http://www.bea.com/wli/sb/context">
<con:errorCode>BEA-386200</con:errorCode>
<con:reason>General web service security error</con:reason>
<con:location>
<con:path>request-pipeline</con:path>
</con:location>
</con:fault>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Please let me know if I am missing or executing any step in incorrect way.
TIA,
Sid