HI Nandana, Attached to this message is the soap message generated by rampart(the one that fails), is quite different and the first big difference I see is that oracle made soap has two (2) BinarySecurityToken and the rampart made just have one.
the error I get in the client side wrap around the soap response message is: *InvalidSecurity FAULT MESSAGE: An invalid token was provided* Any Ideas? I would ask for the Oracle Log, to post it. Marcus V. Sánchez D. ______________________ Enterprise Developer. Sun Certified Java Programmer (SCJP) On Wed, Feb 4, 2009 at 12:21 PM, Nandana Mihindukulasooriya < nandana....@gmail.com> wrote: > Hi Marcus, > From the first look, it seems the policy you have matches the > success SOAP message. Do you get an error from the OWM side when you use > this policy at the client ? If so what is the error message ? The returning > message may not say what the error is, but if you have access to the OWM > logs, you will be able to find out what the error is. And can you attach the > message generated with this policy in Axis2/Rampart client so we can compare > it. > > thanks, > nandana > > > On Wed, Feb 4, 2009 at 10:37 PM, m4rkuz <m4r...@gmail.com> wrote: > >> Hi Eeveryone, >> >> I've trying for a while now to make a proper client for a web service made >> in oracle (OWM ) with Axis2 and Rampart, I had been able to overcome some >> issues about x509v3 and the hole signing process but now in the last part >> the Encription I just don't know how to declare it properly for the client >> to sussesfuly call the WS. >> >> I had an example of a suscessfull soap message (oracle client generated) >> and a copy of my policy for someone to take a quick look and help me out. >> >> >> The files are attached. >> >> that same policy file and without the encription configuration works fine >> if the WS require only signing, so is not totally wrong. >> >> >> >> If someone had an idea how to mimic that message from axis2, would help me >> a lot, >> >> >> Marcus V. Sánchez D. >> ______________________ >> Enterprise Developer. >> Sun Certified Java Programmer (SCJP) >> > > > > -- > Nandana Mihindukulasooriya > WSO2 inc. > > http://nandana83.blogspot.com/ > http://www.wso2.org >
<?xml version='1.0' encoding='UTF-8'?> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"> <soapenv:Header> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"> <xenc:EncryptedKey Id="EncKeyId-urn:uuid:2B19CE53876911914512337660693932"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5" /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <wsse:SecurityTokenReference> <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">G6Vav3SyoYV9uno6UbDKzGaVUeM=</wsse:KeyIdentifier> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>avZMHMrW37IHbzkj0UKvQih7Pwwvk1N4kxzeey9GJr2Pe4kVJ2T59i9OKAFNjkEJCQgaJ1lEj0DaWz2IiHRECKj152aYU4QXbV0wg8QmzW4BIfzEl71mDTpy4CcR/JDb6axRLpFW/UFQ2+3/ZLx+jfPnFIwUGJh1Q/AQ3fSlbrA=</xenc:CipherValue> </xenc:CipherData> <xenc:ReferenceList> <xenc:DataReference URI="#EncDataId-19647819" /> </xenc:ReferenceList> </xenc:EncryptedKey> <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-909101">MIICXzCCAcigAwIBAgIESYhpJTANBgkqhkiG9w0BAQUFADB0MQswCQYDVQQGEwJGSzEWMBQGA1UECBMNRmFrZSBQcm92aW5jZTESMBAGA1UEBxMJRmFrZSBDSXR5MREwDwYDVQQKEwhGYWtlIE9yZzESMBAGA1UECxMJRmFrZSBVbml0MRIwEAYDVQQDEwlTYW0gRGF2aXMwHhcNMDkwMjAzMTU1NjIxWhcNMDkwNTA0MTU1NjIxWjB0MQswCQYDVQQGEwJGSzEWMBQGA1UECBMNRmFrZSBQcm92aW5jZTESMBAGA1UEBxMJRmFrZSBDSXR5MREwDwYDVQQKEwhGYWtlIE9yZzESMBAGA1UECxMJRmFrZSBVbml0MRIwEAYDVQQDEwlTYW0gRGF2aXMwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAJnZAvXEkOM6iUgpv9WqhR9/N1qBDzK8hYm0uifE8hyLvIc244PNyLHFH7ntTarRkL16L08Jz70cf4qddY9C2sa2EQYdYwCsAF1838SZ/B97KHAJCnXouDBcQZwqqlBPGtaspFLwokoZd6cg4eoCQ+fGJ5mJCYVopMpaeFuUQ6JhAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAFfwFCDFA+CnOpA+zH+n+oz3nyKrv8b8UgFOd0TWFMv/FltuS6jX1r/3xvazTFiW8lOVIpDGK7IMxpapzGtAoaA2JR4wtuskmbWat2O0Cj61b9nZhSBbDnkWtYADdQhei6yi0ha9wNkfG6mpE36LIBm+xRp9Xk35mWoh/xXEmwew=</wsse:BinarySecurityToken> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-3860801"> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> <ds:Reference URI="#Id-19647819"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> <ds:DigestValue>yKlJJwkS91Vsk9u6KAwzjcxn0Xw=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue> N6MBUwsnlpPhf9W3wdQJ2B08enQfDxN3/pNyM4rrlApgUspuKkHhj2lo/Ri1wcUBzmZCen1WQjn/ MG78KhsPi0Qen639KSsjqRsNrD44KeaDDeqdukU3uI4KCDKTz+vc9Xry1hc1YxyiYVqf4kEVIQzi pi3IK6AxLfSmJi+orao= </ds:SignatureValue> <ds:KeyInfo Id="KeyId-30633470"> <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-25610032"> <wsse:Reference URI="#CertId-909101" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /> </wsse:SecurityTokenReference> </ds:KeyInfo> </ds:Signature> </wsse:Security> </soapenv:Header> <soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-19647819"> <xenc:EncryptedData Id="EncDataId-19647819" Type="http://www.w3.org/2001/04/xmlenc#Content"> <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc" /> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"> <wsse:Reference URI="#EncKeyId-urn:uuid:2B19CE53876911914512337660693932" /> </wsse:SecurityTokenReference> </ds:KeyInfo> <xenc:CipherData> <xenc:CipherValue>n1eOBBOgscWoMiqCWRD6dRD8gz1M0/qG1bzopvpzdPN6DWetuRwFr0F1x3aNav8w7iHz+g9Us8HT J6Pu8YN3kDcIZDfYmwtzBZo/tiwhbuqcADOpfdeNm2+1nhKaO6o+tqQTE8qF8z5PVjJmKztbNDQU FF94TJfY1d+k+kayXXapwXHpPNjyljLBFRwxIa88xD/BuwExjjJHTTWC89X1xlejO+0tZHZjX62X nRbGlwYa+CFmAziDw2cEsUpm4S93O/NFAQ/pIXgWIpWnYesBbZJElzfyyJxsOj4Chig1qOiCXj20 4DNjiE6X7x2cqcc3O6wm3t0+nN51A1os+vooJnT7P2Nux/Ytg1cfwy7+BxHlp/2WMEp9cH7buNu6 0ICbfbfm0AHP7Vk=</xenc:CipherValue> </xenc:CipherData> </xenc:EncryptedData> </soapenv:Body> </soapenv:Envelope>