Hi Konstantinos Just curious to know what configurations did you do in the client.properties and service.properties file? In order to plug in the provider "portecle-1.2"?
Did you also change the property name in client,Service.properties File? From org.apache.ws.security.crypto.merlin.keystore To org.apache.ws.security.crypto.portecle-1.2.keystore Which version of JDK you were using and did you do any special configurations in the java.security file in JAVA_HOME/jre/lib/security? Thanks Vibhor -----Original Message----- From: Konstantinos Pateras [mailto:[EMAIL PROTECTED] Sent: Monday, March 19, 2007 5:57 PM To: axis-user@ws.apache.org Subject: Re: Cannot encrypt SOAP body I found that the SOAP Monitor phase is the last one called in inflow messages and the first one called in outflow messages. So I used tcpmon to see the exchanged SOAP messages and are OK. Thanks for your interest On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote: > I tried with the minimum configuration and I don't get any error but > the SOAP message is as follows: > > <?xml version='1.0' encoding='utf-8'?> > <soapenv:Envelope xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" > xmlns:wsa="http://www.w3.org/2005/08/addressing" > xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"> > <soapenv:Header> > <wsse:Security > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse curity-secext-1.0.xsd" > soapenv:mustUnderstand="true"> > <xenc:EncryptedKey Id="EncKeyId-32486590"> > <xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> > <wsse:SecurityTokenReference> > <ds:X509Data> > <ds:X509IssuerSerial> > <ds:X509IssuerName>CN=Authentication > Server,OU=Edu,O=AIT,L=Athens,ST=Peania,C=GR</ds:X509IssuerName> > <ds:X509SerialNumber>1173638140</ds:X509SerialNumber> > </ds:X509IssuerSerial> > </ds:X509Data> > </wsse:SecurityTokenReference> > </ds:KeyInfo> > <xenc:CipherData> > <xenc:CipherValue>KnhinK1pV33fTV5ahejZbG7FEBVN7I2detR3Tr2g/D+ifniNcyw1gR dW/Kj0fu2YL0s6EQp5GPPAZwmaNNrosKlb55alXflJ9LgLLHG3wR7Be/VsZ/kkOtexcJg1Ou Zy895ZjOBPc4ijeAyfgawP9B+EViMlWgZxGDxvQiJipE21U/8/EWbYvQuUI7/YkpHJFxUZyO ly5oXlNX9O6gDxQkgEAUn3MwjeBqqfQzDaI5+FmazNZc7mj1bj+shXCVXA9XCf11N/FCzyCp CNMOYrU15iy/u5t8lRP58MI5OkoICNWw29M6oz0NtXOmDk7/BLkJG9W+H2tsjWf4jYx2w7Lg ==</xenc:CipherValue> > </xenc:CipherData> > <xenc:ReferenceList> > <xenc:DataReference URI="#EncDataId-30303902" /> > </xenc:ReferenceList> > </xenc:EncryptedKey> > </wsse:Security> > <wsa:To>http://localhost:8080/axis2/services/ClientServices</wsa:To> > <wsa:ReplyTo> > <wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address > > </wsa:ReplyTo> > <wsa:MessageID>urn:uuid:97213E266FA84B68CC1174331962751</wsa:MessageID> > <wsa:Action>urn:grantAccess</wsa:Action> > </soapenv:Header> > <soapenv:Body> > <ns1:grantAccess xmlns:ns1="http://thesis/xsd"> > <clntReq xmlns="http://thesis/xsd"> > <appServerIdentity>appserveridentity</appServerIdentity> > <password>109</password> > <password>121</password> > <password>116</password> > <password>101</password> > <password>115</password> > <password>116</password> > <username>mytest</username> > </clntReq> > </ns1:grantAccess> > </soapenv:Body> > </soapenv:Envelope> > > The SOAP body is in clear text!!! Any suggestions? > > On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote: > > Hi Ruchith, > > > > I just use an Axis2.xml file to configure the client and a Service.xml > > file to configure the server. I did some tests with only action > > Encrypt and they failed with the Generic error X509Data invalid length > > of data to encrypt or something like that. So I suppose that no > > encryption was taking place due to an error and the error message > > wasn't displayed. Any clue on this error? > > > > On 3/19/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote: > > > Hi, > > > > > > Did you use the axis2.xml file of the service to configure the service? > > > > > > This can happen is if you have a different configuration in the > > > service.xml file which does only signature. In this case the > > > configuration of the axis2.xml will be overridden (unless you use the > > > locked="true" attribute of the parameters). > > > > > > Thanks, > > > Ruchith > > > > > > p.s. Please use rampart-dev@ws.apache.org for rampart related posts. > > > > > > On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote: > > > > Hi, I am relatively new in web services and security and I am facing a > > > > problem. I have set up Axis2 1.1.1 and Rampart 1.1 and configure it (I > > > > followed the configuration instructions for Rampart 1.0 that are still > > > > supported). I use the actions Timestamp Sign Encrypt to sign the body > > > > and then encrypt it. The messages are generated fine and I get the > > > > response from the server but I only see from SOAP monitor the > > > > signature of the body. The actual data are still there unencrypted and > > > > the response is also in plain text. > > > > > > > > Client configuration: > > > > > > > > <parameter name = "OutflowSecurity"> > > > > <action> > > > > <items>Timestamp Encrypt Signature</items> > > > > <user>client</user> > > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > > <signaturePropFile>client.properties</signaturePropFile> > > > > <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> > > > > <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> > > > > <encryptionUser>srv_cert</encryptionUser> > > > > </action> > > > > </parameter> > > > > <parameter name = "InflowSecurity"> > > > > <action> > > > > <items>Timestamp Encrypt Signature</items> > > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > > <signaturePropFile>client.properties</signaturePropFile> > > > > </action> > > > > </parameter> > > > > > > > > > > > > Server configuration: > > > > > > > > <parameter name = "InflowSecurity"> > > > > <action> > > > > <items>Timestamp Encrypt Signature</items> > > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > > <signaturePropFile>service.properties</signaturePropFile> > > > > </action> > > > > </parameter> > > > > <parameter name = "OutflowSecurity"> > > > > <action> > > > > <items>Timestamp Encrypt Signature</items> > > > > <user>authsrv</user> > > > > <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass> > > > > <signaturePropFile>service.properties</signaturePropFile> > > > > <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier> > > > > <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier> > > > > <encryptionUser>useReqSigCert</encryptionUser> > > > > </action> > > > > </parameter> > > > > > > > > Please help! > > > > Thanks in advance > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > -- > > > www.ruchith.org > > > www.wso2.org > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]