Forum Discussion
UPDATE
Below is the modified ws-security configuration in soapui of my project. First I'd like to show you the input soap message sample.
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soap="http://soap.aaa.com/"> <soapenv:Header/> <soapenv:Body> <soap:sayHello> <!--Optional:--> <arg0>?</arg0> </soap:sayHello> </soapenv:Body> </soapenv:Envelope>
And Both modified Username and Encryption configuration of soapui :
The exception and soap fault are thrown,
Caused by: javax.xml.bind.UnmarshalException: Unexpected Element (URI: "http://www.w3.org/2001/04/xmlenc#", local: "EncryptedData"). needed element is (none).
The following encrypted soap message is shown like this,
<soapenv:Envelope xmlns:soap="http://soap.aaa.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Header><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedKey Id="EK-45F443F2E8A873A23714704707693412" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference><ds:X509Data><ds:X509IssuerSerial><ds:X509IssuerName>CN=joseph</ds:X509IssuerName><ds:X509SerialNumber>1602876047</ds:X509SerialNumber></ds:X509IssuerSerial></ds:X509Data></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>gOq6T+xnGCV7DGSBCxIKfH+YFuTslWumgfHIzgg1nTrryr9uRxkQ/Bn8J08wX4mjwamyrG+l9bd4LDmodeuVxKGqrrwd3lBnAQv8fytn20ds6L6PF5L3LZhagX8fumdEmCNT37SaMdZGwOqu/LCw8phBizuPRemIAsZ4+9LBpcsFncfJ9PBp0pG2lMM6JUKWHerMNM/GBhU5ytWyMG6MhkITFG3v3D1wJl8vW9L6m5iTEwek8TobcIYPJ12HWYqvQ4NGNhM/ppRD8NBTpUcFEqvute+bNlsXR3oRxrrhwbIkaKyxPUY277Vyqa1DyQF6+AonmJlLZnJIZsw3PPpqCA==</xenc:CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference URI="#ED-45F443F2E8A873A23714704707693523"/></xenc:ReferenceList></xenc:EncryptedKey><wsse:UsernameToken wsu:Id="UsernameToken-45F443F2E8A873A23714704707693261"><wsse:Username>servicekey</wsse:Username><wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">y+6Ka5uzvrJwZv7ufIojMXObVhM=</wsse:Password><wsse:Nonce EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary">sIewqYgHFO9P8qMHSIP9KQ==</wsse:Nonce><wsu:Created>2016-08-06T08:06:09.324Z</wsu:Created></wsse:UsernameToken></wsse:Security></soapenv:Header> <soapenv:Body> <soap:sayHello> <!--Optional:--> <arg0><xenc:EncryptedData Id="ED-45F443F2E8A873A23714704707693523" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#EK-45F443F2E8A873A23714704707693412"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>mI1uKSc1Vz0BLZWzVKT/nM3Q0wjUxOpgAWtYzzOl/qk=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></arg0> </soap:sayHello> </soapenv:Body> </soapenv:Envelope>
I think service side of soap webservice can not recognize the element EncryptedData of input soap message . Any suggestion, pls?
- Anonymous9 years ago
This is the modified SoapUI Encryption configuration. Pls, have a look at it.
And the returned SOAP message is almost correct except one thing. The encrypted element is not decrypted. Pls, have a look at these request and response soap messages,
== request soap
<soapenv:Envelope xmlns:soap="http://soap.aaa.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:Header>.......</soapenv:Header> <soapenv:Body> <soap:sayHello> <!--Optional:--> <xenc:EncryptedData Id="ED-5F86AA7F44351E460314705512463574" Type="http://www.w3.org/2001/04/xmlenc#Element" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#EK-5F86AA7F44351E460314705512463472"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>fSA8Yk9FKQe4RoAegZesV7qMqeHrgC22Lgfss4FEkrrSMRtlcjqrkKK0AO8PkEsM8PTqvpp+DC53GmdN89Ij5vzUsdEdMxgdXzFEsYFmlR6GRSx8WpJwDQGET6BesYFmTSLDyvpksBJX4g1e0IGtTQxFjamC8gSr</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData> </soap:sayHello> </soapenv:Body> </soapenv:Envelope>
== response soap
HTTP/1.1 200 OK Connection: keep-alive X-Powered-By: Undertow/1 Server: WildFly/10 Content-Type: text/xml;charset=UTF-8 Content-Length: 229 Date: Sun, 07 Aug 2016 06:27:26 GMT <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"> <soap:Body> <ns2:sayHelloResponse xmlns:ns2="http://soap.aaa.com/"> <return>Hello null</return> </ns2:sayHelloResponse> </soap:Body> </soap:Envelope>
I have no idea how to decrypt and display the encrypted arg0 element in soapui.
How about your advice, pls. Thanks in advance.
Related Content
- 6 months ago
- 3 years ago