WS-RM CreateSequence request lacks WS-Security header
Hi! I'm trying to use a WCF based service that uses the security mode TransportWithMessageCredential and reliableSession ON, i.e. https for transport privacy and WS-RM, requiring UserName type credentials on message level. The problem is that I cannot get SoapUI (V5.3.0)to include wsse:Security header data in the initial WS-RM CreateSequence request, so my server denies to process this request and the whole sequence fails. A subsequent request then includes the wsse:Security header just fine, but too late since CreateSequence failed already. Any hints? Thanks!
An error was discovered processing the <wsse:Security> header
This is my WS-Security configuration with SoapUI 1. Server Keystore - contains server's private key + server's public key + client's public key Client Keystore - contains client's private key + client's public key + server's public key 2.WS-Security Configuration – Keystore Source: path to client keystore Password - client keystore password Default Alias - alias of client's private key Alias Password - password of client's private key and Source: path to server keystore Password - server keystore password Default Alias - alias of server's private key Alias Password - password of server's private key 3. Outgoing WS-Security Configuration - * Username – username : client password : client’s password * Timestamp – Time To Live : 1000000 * Signature Keystore - client keystore Alias - alias of client's private key Password - password of client's private key Key Identifier Type - X.509 Signature Algorithm - RSA-SHA1 * Encryption Keystore - server keystore Alias - alias of server's public key Password - Empty (no password required for public key) Key Identifier Type - X.509 Symmetric Encoding Algorithm - Triple-DES-CBC Key Encryption Algorithm - RSA-OAEP-MGF1P 4. Ingoing WS-Security Configuration - Decrypt Keystore - client keystore Signature Keystore - server keystore Password - password of client's private key 5. Applying the ws-security But the folowing exception is shown, Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was discovered processing the <wsse:Security> header at org.apache.wss4j.common.crypto.AlgorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(AlgorithmSuiteValidator.java:149) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:550) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.decryptDataRefs(EncryptedKeyProcessor.java:481) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:199) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76) at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:344) Pls, check my ws-security configuration to SoapUI. Your advice will be deeply appreciated.Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [client]
This is my ws-security test images with soapui. My configuration of ws-security in soap-ui throws the following exception. Pls, have a look at my config images. The following exception is thrown, Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [client] Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [client] at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getAsymmetricDecryptedBytes(EncryptedKeyProcessor.java:301) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:194) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76) at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:344) at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:280) ... 42 more Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [client] at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:632) at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getAsymmetricDecryptedBytes(EncryptedKeyProcessor.java:259) ... 46 more Your advice will be deeply appreciated. Thanks in advance
