cancel
Showing results for 
Search instead for 
Did you mean: 

SOAPUI not signing/ security header empty

New Contributor

SOAPUI not signing/ security header empty

Hi, Ive been stressed out by this item. Ive followed through the following guide: soapui keystore + security guide , double checked everything (keystore status = OK) and created the corresponding "Outgoing WS-Security Configurations". Added Signature and Timestamp, both items fully configured.

Later I added, to my Request, a Basic Auth (pre-emptive auth: Use global preference) and pointed "Outgoing WSS" to my created configuration.

The service that I need to connect with is stating: "An error occurred when verifying security for the message."

I do believe that the reason behind all of this is because Im not seeing a security or signature token anywhere (or they are empty). I even tried creating a Mock Service, in order to review the exact message that Im sending and its as follows (extracted from raw):
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope" xmlns:wcf="http://wcf.dian.colombia">
<soap:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsseSmiley Frustratedecurity xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"/><wsa:Action>htt...>
<soap:Body>
<wcf:GetStatus>
<wcf:trackId>1d1</wcf:trackId>
</wcf:GetStatus>
</soap:Body>
</soap:Envelope>

 

As stated, this is almost empty. I reviewed other cases on site and they tended to go into two directions:
* Incorrect or missing configuration: Im pretty sure Ive followed through every required step, I even checked multiple guides on this item.

* Invalid JKS store: I tried with multiple certificates, even created one following a guide from smartbear for this purpose (right now, Im unsure which) and, as stated, all of them show Status = OK.

 

Im terrible frustrated by this, which I do require for work, so if anyone could point me out on the correct direction... Ill really appreciate it.

 

Thanks!

 

 

Tags (3)
1 REPLY 1
New Contributor

Re: SOAPUI not signing/ security header empty

Sorry, but there have been further updates... its fixed!!! The guide that I was following stated an incorrect namespace for the signage document. Ive found out this through the error log (soapui.log within soapui program folder) and within Ive found:

2019-09-07 13:52:51,653 ERROR [SoapUI] An error occurred [Signature creation failed (Cannot setup signature data structure)], see error log for details
2019-09-07 13:52:51,654 ERROR [errorlog] org.apache.ws.security.WSSecurityException: Signature creation failed (Cannot setup signature data structure)
org.apache.ws.security.WSSecurityException: Signature creation failed (Cannot setup signature data structure)
at org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:191)
at org.apache.ws.security.message.WSSecSignature.addReferencesToSign(WSSecSignature.java:411)
at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:383)
at com.eviware.soapui.impl.wsdl.support.wss.entries.SignatureEntry.process(SignatureEntry.java:246)
at com.eviware.soapui.impl.wsdl.support.wss.OutgoingWss.processOutgoing(OutgoingWss.java:174)
at com.eviware.soapui.impl.wsdl.submit.filters.WssRequestFilter.filterWsdlRequest(WssRequestFilter.java:58)
at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterAbstractHttpRequest(AbstractRequestFilter.java:39)
at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.filterRequest(AbstractRequestFilter.java:33)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.filterRequest(HttpClientRequestTransport.java:322)
at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:184)
at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119)
at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
at java.util.concurrent.FutureTask.run(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
Caused by: org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: http://schemas.xmlsoap.org/soap/envelope/, Body)
at org.apache.ws.security.message.WSSecSignatureBase.addReferencesToSign(WSSecSignatureBase.java:160)
... 15 more

New Here?
Join us and watch the welcome video:
SeptemberNews
Join the exciting event
SeptemberHubBub
Top Kudoed Authors
Join the September Hub-bub to show off, learn and win