11 years ago
WS-security : Sending a message with signature token
Hi All,
I am new to implementing WS-Security using SoapUI. I have created a keystore and added the relevant client certificate (I got this far using keytool and OpenSSL). After this I sent a request containing WS-Security headers. The request is not being accepted by my SOAP server. I am kind of lost in this; any help would be highly appreciated.
THE REQUEST STRUCTURE IS:
<!--
  Signed SOAP 1.1 request, as sent from SoapUI according to the post. Kept byte-for-byte:
  reformatting the signed parts would change the bytes the digest and signature cover.
  - wsse:BinarySecurityToken: Base64Binary encoding, ValueType X509PKIPathv1. The token
    bytes themselves are not present in this copy of the page.
  - ds:Signature SIG-11: exclusive C14N, SignatureMethod rsa-sha1, and a single ds:Reference
    to #id-10 (the soapenv:Body below) with a sha1 DigestMethod.
  - ds:KeyInfo points at the BinarySecurityToken through wsse:SecurityTokenReference /
    wsse:Reference (a direct reference to the wsu:Id of the token).
  NOTE(review): rsa-sha1 and sha1 are deprecated for new signatures. Where both ends support
  it, prefer http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 and
  http://www.w3.org/2001/04/xmlenc#sha256.
  NOTE(review): only the Body is referenced and the header carries no wsu:Timestamp, so the
  signature gives integrity of the Body but no signed freshness. The receiver needs another
  replay control, or the sender should add and sign a Timestamp.
  NOTE(review): the fault shown after this request says "Could not find signature" although
  ds:Signature is present. Presumably the receiver's policy does not accept this token type
  or reference style. TODO confirm against the server's security configuration and logs.
-->
<soapenv:Envelope xmlns:sam="http://ws.apache.org/axis2/c/samples" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="X509-AB19281E01DD9F9C1B140316523859322">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</wsse:BinarySecurityToken><ds:Signature Id="SIG-11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="sam soapenv xsd xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#id-10"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="sam xsd xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>oocUln0DTY4ssp1fN3KxbNmYKHw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jnohgXxPHNxDe6aUUWI1ahgRKMPFm9ec0y24m7QOjqrb/yNZUcnK3YeBeHdAdZjuh8k7LLraOZSo
nEoicMraUiOaYCDrgDbFBJOaqloQdqiiiO/rVoElV0fQ0gyRlkzYd7foaSpfOH+t6yAhkmgkIuDq
U43wA/Z4Y/xvPPhuXIk=</ds:SignatureValue><ds:KeyInfo Id="KI-AB19281E01DD9F9C1B140316523859323"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="STR-AB19281E01DD9F9C1B140316523859324" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#X509-AB19281E01DD9F9C1B140316523859322" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body wsu:Id="id-10" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sam:echoString soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<text xsi:type="xsd:string">test</text>
</sam:echoString>
</soapenv:Body>
</soapenv:Envelope>
THE RESPONSE IS :::
<!--
  SOAP 1.1 fault returned by the service (envelope namespace
  http://schemas.xmlsoap.org/soap/envelope/).
  - Subcode/Value wsse:FailedCheck is the WS-Security fault code for a signature or
    decryption that was invalid.
  - faultstring is "Could not find signature". The detail element names
    wsse:InvalidSecurity, the WS-Security code for an error found while processing the
    wsse:Security header.
  NOTE(review): faultcode holds both a Subcode child element and the text soapenv:Sender.
  SOAP 1.1 defines faultcode as a single QName and Subcode/Value is SOAP 1.2 structure, so
  a strict client may not parse this fault as intended.
  NOTE(review): the fault text does not say which verification step failed. The
  server-side security log is the place to confirm whether the Signature element, the
  token reference, or the token type was rejected.
-->
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header/>
<soapenv:Body>
<soapenv:Fault>
<faultcode>
<Subcode xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<Value>wsse:FailedCheck</Value>
</Subcode>
soapenv:Sender
</faultcode>
<faultstring>Could not find signature</faultstring>
<detail>
<wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:InvalidSecurity</wsse:ProblemSecurityHeader>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Please help...
I am new to implementing WS-Security using SoapUI. I have created a keystore and added the relevant client certificate (I got this far using keytool and OpenSSL). After this I sent a request containing WS-Security headers. The request is not being accepted by my SOAP server. I am kind of lost in this; any help would be highly appreciated.
THE REQUEST STRUCTURE IS:
<!--
  Signed SOAP 1.1 request, as sent from SoapUI according to the post. Kept byte-for-byte:
  reformatting the signed parts would change the bytes the digest and signature cover.
  - wsse:BinarySecurityToken: Base64Binary encoding, ValueType X509PKIPathv1. The token
    bytes themselves are not present in this copy of the page.
  - ds:Signature SIG-11: exclusive C14N, SignatureMethod rsa-sha1, and a single ds:Reference
    to #id-10 (the soapenv:Body below) with a sha1 DigestMethod.
  - ds:KeyInfo points at the BinarySecurityToken through wsse:SecurityTokenReference /
    wsse:Reference (a direct reference to the wsu:Id of the token).
  NOTE(review): rsa-sha1 and sha1 are deprecated for new signatures. Where both ends support
  it, prefer http://www.w3.org/2001/04/xmldsig-more#rsa-sha256 and
  http://www.w3.org/2001/04/xmlenc#sha256.
  NOTE(review): only the Body is referenced and the header carries no wsu:Timestamp, so the
  signature gives integrity of the Body but no signed freshness. The receiver needs another
  replay control, or the sender should add and sign a Timestamp.
  NOTE(review): the fault shown after this request says "Could not find signature" although
  ds:Signature is present. Presumably the receiver's policy does not accept this token type
  or reference style. TODO confirm against the server's security configuration and logs.
-->
<soapenv:Envelope xmlns:sam="http://ws.apache.org/axis2/c/samples" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="X509-AB19281E01DD9F9C1B140316523859322">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</wsse:BinarySecurityToken><ds:Signature Id="SIG-11" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><ds:SignedInfo><ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="sam soapenv xsd xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:CanonicalizationMethod><ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference URI="#id-10"><ds:Transforms><ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces PrefixList="sam xsd xsi" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds:Transform></ds:Transforms><ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>oocUln0DTY4ssp1fN3KxbNmYKHw=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>jnohgXxPHNxDe6aUUWI1ahgRKMPFm9ec0y24m7QOjqrb/yNZUcnK3YeBeHdAdZjuh8k7LLraOZSo
nEoicMraUiOaYCDrgDbFBJOaqloQdqiiiO/rVoElV0fQ0gyRlkzYd7foaSpfOH+t6yAhkmgkIuDq
U43wA/Z4Y/xvPPhuXIk=</ds:SignatureValue><ds:KeyInfo Id="KI-AB19281E01DD9F9C1B140316523859323"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="STR-AB19281E01DD9F9C1B140316523859324" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#X509-AB19281E01DD9F9C1B140316523859322" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body wsu:Id="id-10" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<sam:echoString soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/">
<text xsi:type="xsd:string">test</text>
</sam:echoString>
</soapenv:Body>
</soapenv:Envelope>
THE RESPONSE IS :::
<!--
  SOAP 1.1 fault returned by the service (envelope namespace
  http://schemas.xmlsoap.org/soap/envelope/).
  - Subcode/Value wsse:FailedCheck is the WS-Security fault code for a signature or
    decryption that was invalid.
  - faultstring is "Could not find signature". The detail element names
    wsse:InvalidSecurity, the WS-Security code for an error found while processing the
    wsse:Security header.
  NOTE(review): faultcode holds both a Subcode child element and the text soapenv:Sender.
  SOAP 1.1 defines faultcode as a single QName and Subcode/Value is SOAP 1.2 structure, so
  a strict client may not parse this fault as intended.
  NOTE(review): the fault text does not say which verification step failed. The
  server-side security log is the place to confirm whether the Signature element, the
  token reference, or the token type was rejected.
-->
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header/>
<soapenv:Body>
<soapenv:Fault>
<faultcode>
<Subcode xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<Value>wsse:FailedCheck</Value>
</Subcode>
soapenv:Sender
</faultcode>
<faultstring>Could not find signature</faultstring>
<detail>
<wsse:ProblemSecurityHeader xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">wsse:InvalidSecurity</wsse:ProblemSecurityHeader>
</detail>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Please help...
