Forum Discussion

rekotc's avatar
rekotc
New Member
2 months ago
Solved

Signature\Encryption tags missing in Security Header

Hello everybody,

I'm doing some tests with wssecurity in a soap webservice. I configured the following actions: Timestamp, Signature, Encryption. I tried to call the service using soapUI configured to use soap1.1, and the request is generated fine, this is the header I get:

<soapenv:Header>
		<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
			<xenc:EncryptedKey Id="EK-5E380F04DDF708DA85176529291691680" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
				[...]
			</xenc:EncryptedKey>
			<ds:Signature Id="SIG-5E380F04DDF708DA85176529291689979" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
				[...]
			</ds:Signature>
			<wsu:Timestamp wsu:Id="TS-5E380F04DDF708DA85176529291689474">
				<wsu:Created>2025-12-09T15:08:36.892Z</wsu:Created>
				<wsu:Expires>2025-12-09T16:31:56.892Z</wsu:Expires>
			</wsu:Timestamp>
		</wsse:Security>
	</soapenv:Header>

Then I tried the same identical security configuration using soap1.2 (this service can be called in both ways), and this time I get a security error (actions mismatch), I checked the request being generated by soapUI and this is what I see:

<soapenv:Header>
		<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
			<wsu:Timestamp wsu:Id="TS-8A0903C9A345FE6A54176528027465213">
				<wsu:Created>2025-12-09T11:37:54.652Z</wsu:Created>
				<wsu:Expires>2025-12-09T13:01:14.652Z</wsu:Expires>
			</wsu:Timestamp>
		</wsse:Security>
	</soapenv:Header>

Why are the two tags EncryptedKeys and Signature missing here? I believe this is the root cause of the error.

Thanks in advance.

  • Hi rekotc​ 

    Sounds, Nothing is wrong with SOAP 1.2 or WS-Security itself.
    The Signature and Encryption tags are missing because WS-Security is not attached to the SOAP 1.2 request.

    Once you assign the Outgoing WSS profile to the SOAP 1.2 request, the problem should be resolved is what i believe.

    Hope this helps - Happy to help further!!
    Thank you very much and have a great one!
    Warm regards

     

1 Reply

  • Humashankar's avatar
    Humashankar
    Icon for Champion Level 3 rankChampion Level 3

    Hi rekotc​ 

    Sounds, Nothing is wrong with SOAP 1.2 or WS-Security itself.
    The Signature and Encryption tags are missing because WS-Security is not attached to the SOAP 1.2 request.

    Once you assign the Outgoing WSS profile to the SOAP 1.2 request, the problem should be resolved is what i believe.

    Hope this helps - Happy to help further!!
    Thank you very much and have a great one!
    Warm regards