Hi Konstantinos
Just curious to know what configurations did you do in the
client.properties and service.properties file? In order to plug in the
provider "portecle-1.2"?
Did you also change the property name in client,Service.properties File?
From
org.apache.ws.security.crypto.merlin.keystore
To
org.apache.ws.security.crypto.portecle-1.2.keystore
Which version of JDK you were using and did you do any special
configurations in the java.security file in JAVA_HOME/jre/lib/security?
Thanks
Vibhor
-----Original Message-----
From: Konstantinos Pateras [mailto:[EMAIL PROTECTED]
Sent: Monday, March 19, 2007 5:57 PM
To: axis-user@ws.apache.org
Subject: Re: Cannot encrypt SOAP body
I found that the SOAP Monitor phase is the last one called in inflow
messages and the first one called in outflow messages. So I used
tcpmon to see the exchanged SOAP messages and are OK.
Thanks for your interest
On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote:
> I tried with the minimum configuration and I don't get any error but
> the SOAP message is as follows:
>
> <?xml version='1.0' encoding='utf-8'?>
> <soapenv:Envelope xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
> xmlns:wsa="http://www.w3.org/2005/08/addressing";
> xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope";>
> <soapenv:Header>
> <wsse:Security
>
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wsse
curity-secext-1.0.xsd"
> soapenv:mustUnderstand="true">
> <xenc:EncryptedKey Id="EncKeyId-32486590">
> <xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"; />
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
> <wsse:SecurityTokenReference>
> <ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=Authentication
> Server,OU=Edu,O=AIT,L=Athens,ST=Peania,C=GR</ds:X509IssuerName>
> <ds:X509SerialNumber>1173638140</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> <xenc:CipherData>
>
<xenc:CipherValue>KnhinK1pV33fTV5ahejZbG7FEBVN7I2detR3Tr2g/D+ifniNcyw1gR
dW/Kj0fu2YL0s6EQp5GPPAZwmaNNrosKlb55alXflJ9LgLLHG3wR7Be/VsZ/kkOtexcJg1Ou
Zy895ZjOBPc4ijeAyfgawP9B+EViMlWgZxGDxvQiJipE21U/8/EWbYvQuUI7/YkpHJFxUZyO
ly5oXlNX9O6gDxQkgEAUn3MwjeBqqfQzDaI5+FmazNZc7mj1bj+shXCVXA9XCf11N/FCzyCp
CNMOYrU15iy/u5t8lRP58MI5OkoICNWw29M6oz0NtXOmDk7/BLkJG9W+H2tsjWf4jYx2w7Lg
==</xenc:CipherValue>
> </xenc:CipherData>
> <xenc:ReferenceList>
> <xenc:DataReference URI="#EncDataId-30303902" />
> </xenc:ReferenceList>
> </xenc:EncryptedKey>
> </wsse:Security>
>
<wsa:To>http://localhost:8080/axis2/services/ClientServices</wsa:To>
> <wsa:ReplyTo>
>
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address
>
> </wsa:ReplyTo>
>
<wsa:MessageID>urn:uuid:97213E266FA84B68CC1174331962751</wsa:MessageID>
> <wsa:Action>urn:grantAccess</wsa:Action>
> </soapenv:Header>
> <soapenv:Body>
> <ns1:grantAccess xmlns:ns1="http://thesis/xsd";>
> <clntReq xmlns="http://thesis/xsd";>
> <appServerIdentity>appserveridentity</appServerIdentity>
> <password>109</password>
> <password>121</password>
> <password>116</password>
> <password>101</password>
> <password>115</password>
> <password>116</password>
> <username>mytest</username>
> </clntReq>
> </ns1:grantAccess>
> </soapenv:Body>
> </soapenv:Envelope>
>
> The SOAP body is in clear text!!! Any suggestions?
>
> On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote:
> > Hi Ruchith,
> >
> > I just use an Axis2.xml file to configure the client and a
Service.xml
> > file to configure the server. I did some tests with only action
> > Encrypt and they failed with the Generic error X509Data invalid
length
> > of data to encrypt or something like that. So I suppose that no
> > encryption was taking place due to an error and the error message
> > wasn't displayed. Any clue on this error?
> >
> > On 3/19/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
> > > Hi,
> > >
> > > Did you use the axis2.xml file of the service to configure the
service?
> > >
> > > This can happen is if you have a different configuration in the
> > > service.xml file which does only signature. In this case the
> > > configuration of the axis2.xml will be overridden (unless you use
the
> > > locked="true" attribute of the parameters).
> > >
> > > Thanks,
> > > Ruchith
> > >
> > > p.s. Please use rampart-dev@ws.apache.org for rampart related
posts.
> > >
> > > On 3/19/07, Konstantinos Pateras <[EMAIL PROTECTED]> wrote:
> > > > Hi, I am relatively new in web services and security and I am
facing a
> > > > problem. I have set up Axis2 1.1.1 and Rampart 1.1 and configure
it (I
> > > > followed the configuration instructions for Rampart 1.0 that are
still
> > > > supported). I use the actions Timestamp Sign Encrypt to sign the
body
> > > > and then encrypt it. The messages are generated fine and I get
the
> > > > response from the server but I only see from SOAP monitor the
> > > > signature of the body. The actual data are still there
unencrypted and
> > > > the response is also in plain text.
> > > >
> > > > Client configuration:
> > > >
> > > > <parameter name = "OutflowSecurity">
> > > > <action>
> > > > <items>Timestamp Encrypt Signature</items>
> > > > <user>client</user>
> > > >
<passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> > > >
<signaturePropFile>client.properties</signaturePropFile>
> > > >
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
> > > >
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> > > > <encryptionUser>srv_cert</encryptionUser>
> > > > </action>
> > > > </parameter>
> > > > <parameter name = "InflowSecurity">
> > > > <action>
> > > > <items>Timestamp Encrypt Signature</items>
> > > >
<passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> > > >
<signaturePropFile>client.properties</signaturePropFile>
> > > > </action>
> > > > </parameter>
> > > >
> > > >
> > > > Server configuration:
> > > >
> > > > <parameter name = "InflowSecurity">
> > > > <action>
> > > > <items>Timestamp Encrypt Signature</items>
> > > >
<passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> > > >
<signaturePropFile>service.properties</signaturePropFile>
> > > > </action>
> > > > </parameter>
> > > > <parameter name = "OutflowSecurity">
> > > > <action>
> > > > <items>Timestamp Encrypt Signature</items>
> > > > <user>authsrv</user>
> > > >
<passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> > > >
<signaturePropFile>service.properties</signaturePropFile>
> > > >
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
> > > >
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> > > > <encryptionUser>useReqSigCert</encryptionUser>
> > > > </action>
> > > > </parameter>
> > > >
> > > > Please help!
> > > > Thanks in advance
> > > >
> > > >
---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > > --
> > > www.ruchith.org
> > > www.wso2.org
> > >
> > >
---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
