[
https://issues.apache.org/jira/browse/AXIS2-2930?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Deepal Jayasinghe resolved AXIS2-2930.
--------------------------------------
Resolution: Fixed
Please reopen if the issue is still there
> AXIS2 - signature verification failed in Axis2 with Rampart
> -----------------------------------------------------------
>
> Key: AXIS2-2930
> URL: https://issues.apache.org/jira/browse/AXIS2-2930
> Project: Axis 2.0 (Axis2)
> Issue Type: Bug
> Affects Versions: 1.0
> Environment: Window Xp, Tomcat 5.5.20
> Reporter: Boon
> Assignee: Ruchith Udayanga Fernando
>
> AXIS2 - signature verification failed in Axis2 with Rampart
> I encountered the signature verification problem when I tried to build a
> Axis2 client to access an .NET WS and a Axis WS.
> I believe this is the same issue/problem raised by Allen in April 2007. I've
> follow the issue raised by Allen but have not come across the solution for
> the issue.
> Issue details: The signature verification failed in Axis2 in axis-dev
> mailing list on 17 Apr 2007 & 18 Apr 2007.
> The message exchange in the above mailing list mentioned that the issue could
> be cause by some pretty printing that cause some additional chars being
> inserted into the message and which subsequently lead to Signature
> verification problem.
> Could someone from AXIS2/Rampart confirm whether this is the cause of the
> problem and if it is, how can I resolve this or any solution to get around
> this problem.
> Your assistance on this will be very much appreciated. Thank you very much.
> Best regards,
> Boon
> The exception that get thrown back to me is as follow:
> org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed;
> nested exception is:
> ==========================================================================================
> org.apache.ws.security.WSSecurityException: The signature verification
> failed
> at
> org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:287)
> at
> itree.iacd.webservice.axis2.iap_sp.ServiceProviderStub.notifyRejection(ServiceProviderStub.java:120)
> at
> itree.iacd.webservice.axis2.iap_sp.ServiceProviderClient.notifyRejection(ServiceProviderClient.java:183)
> at
> itree.iacd.webservice.axis2.iap_sp.ServiceProviderClient.main(ServiceProviderClient.java:108)
> ==========================================================================================
> I have appended the discussion from the above mailing list for your
> convenience:
> ===========================================================================================
> Hi Allen,
> Since its the response from the .NET server that causes the signature
> failure I need that particular message in it original form (without
> any xml formatting).
> Thanks,
> Ruchith
> On 4/19/07, Liu, Xiao-Tao (Allen, HPIT-GADSC) <xiaotao....@hp.com> wrote:
> >
> >
> > Hi Ruchith,
> >
> > Do you have any update on this issue? I have searched all the document I
> > could find, but all didn't work. Hope you can help me.
> >
> > Thanks,
> > Allen
> >
> >
> > ________________________________
> > From: Liu, Xiao-Tao (Allen, HPIT-GADSC)
> > Sent: 2007��4��18�� 19:19
> > To: 'rampart-...@ws.apache.org'
> > Subject: RE: The signature verification failed in Axis2 with Rampart
> >
> >
> >
> >
> > Hi Ruchith,
> >
> > I send out my client source code with all necessary configurations/keystore.
> > I created the request message inside the client, using AXIOM. The web
> > service is written in .net and running on IIS.
> >
> > Thanks,
> > Allen
> >
> > -----Original Message-----
> > From: Ruchith Fernando [mailto:ruchith.ferna...@gmail.com]
> > Sent: 2007��4��18�� 19:08
> > To: rampart-...@ws.apache.org
> > Subject: Re: The signature verification failed in Axis2 with Rampart
> >
> > Hi Allen,
> >
> > Can you please send the message that caused the exception (with out xml
> > formatting) and also send the public key cert of the key that was used to
> > sign the message. I'll try to recreate your issue.
> >
> > Thanks,
> > Ruchith
> >
> > On 4/18/07, Liu, Xiao-Tao (Allen, HPIT-GADSC) <xiaotao....@hp.com> wrote:
> > > Hi,
> > >
> > > I am taking use of Axis2 to build a client to access a .net ws with
> > > X509 certificate signature. All the steps are fine except when I
> > > receive the response from .net, the signature verification always failed.
> > >
> > > Warning: Verification failed for URI
> > > "#Id-c59b2f2c-9d10-4107-bea9-e8eb690dd67d"
> > > Exception in thread "main" org.apache.axis2.AxisFault: WSDoAllReceiver:
> > > security processing failed; nested exception is:
> > > org.apache.ws.security.WSSecurityException: The
> > signature
> > > verification failed
> > > at
> > >
> > org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.
> > > java:259)
> > > at
> > >
> > org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllRecei
> > > ve
> > > r.java:91)
> > > at
> > >
> > org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:74)
> > > at
> > org.apache.axis2.engine.Phase.invoke(Phase.java:382)
> > > at
> > >
> > org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:522)
> > > at
> > >
> > org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:487)
> > > at
> > >
> > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOp
> > > er
> > > ation.java:276)
> > > at
> > >
> > org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxi
> > > sO
> > > peration.java:202)
> > > at
> > >
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:5
> > > 79
> > > )
> > > at
> > >
> > org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:5
> > > 08
> > > )
> > > at ws.axis2.DotNetWSRClient.main(DotNetWSRClient.java:45)
> > > Caused by: org.apache.ws.security.WSSecurityException:
> > The signature
> > > verification failed
> > > at
> > >
> > org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature
> > > (S
> > > ignatureProcessor.java:332)
> > > at
> > >
> > org.apache.ws.security.processor.SignatureProcessor.handleToken(Signat
> > > ur
> > > eProcessor.java:79)
> > > at
> > >
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecuri
> > > ty
> > > Engine.java:279)
> > > at
> > >
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecuri
> > > ty
> > > Engine.java:201)
> > > at
> > >
> > org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.
> > > java:256)
> > > ... 10 more
> > >
> > > I am suspecting that's probably caused by some PrettyXML or
> > > NamespacePrefixOptimization mechanism when Axis modified the response
> > > body with new lines/breaks/spaces to let it looks better. And I found
> > > there was some specific parameter in Axis configuration for Axis1:
> > >
> > > <globalConfiguration>
> > > <!-- MUST turn off pretty printing otherwise signature verification
> > > fails -->
> > > <parameter name="enableNamespacePrefixOptimization"
> > value="false"/>
> > > <parameter name="disablePrettyXML" value="true"/>
> > >
> > > </globalConfiguration>
> > >
> > >
> > > But I didn't find there is corresponding parameters in Axis2. Has
> > > somebody faced the same problem? I have been struggling with it for
> > > over
> > > 2 days...
> > >
> > > Thanks,
> > > Allen
> > >
> > >
> >
> >
> > --
> > www.ruchith.org
> > www.wso2.org
> ==============================================================================================
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
