Hello, can someone please help me with this?
Thank you!

On Sunday, September 21, 2014, Anupam Nandan <[email protected]> wrote:

> Hi All,
>
> I am trying to write a Java client program (servlet), which will generate
> and sign the SOAP request with the keys provided by a third party
> (keystore.jks). When I deploy the servlet on Tomcat it just works fine. But
> on WebSphere 8.5 I am getting "*RSA signature is not verified*". I
> tried debugging the issue but am not sure what is going wrong.
>
> I tried finding an answer online and added IS_BSP_COMPLIANT as false, but
> it didn't help.
>
> Most likely the issue is with the signature. Let me know how I can
> troubleshoot this issue. Any suggestion would be very helpful.
>
> Thank you for your time and looking forward to some guidance.
>
> Code
>
> --------------------------------------------------------------------------------
>
> attstmt.getAttributes().add(attr);
> assertion.getAttributeStatements().add(attstmt);
> AssertionWrapper assertionWrper = new AssertionWrapper(assertion);
> WSSecSAMLToken samlToken = new WSSecSAMLToken();
> samlToken.build(soapDocument, assertionWrper, header);
> SoapMessageWithoutHeader = nodeToString(soapDocument);
> System.out.println("Anupam SOAP Message with SAML 2.0 Assertion : "+SoapMessageWithoutHeader);
>
> // Inserting the wsu:Timestamp
> WSSecTimestamp timestamp = new WSSecTimestamp();
> timestamp.setTimeToLive(TIMESTAMP_VALIDATE_PERIOD);
>
> WSSecHeader timestampHeader = new WSSecHeader();
> timestampHeader.insertSecurityHeader(soapDocument);
> timestamp.build(soapDocument, timestampHeader);
> SoapMessageWithoutHeader = nodeToString(soapDocument);
> System.out.println("Anupam SOAP Message with time stamp : "+SoapMessageWithoutHeader);
> System.out.println("Anupam path to key store "+pathtoKeyStore);
>
> WSSecSignature builder = new WSSecSignature();
> builder.setUserInfo(keyAlias, pwdValue);
> builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
>
> java.util.Properties prop = new java.util.Properties();
> prop.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
> prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
> prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.base64.encoded", "false");
> prop.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", pwdValue);
> prop.setProperty("org.apache.ws.security.crypto.merlin.file", pathtoKeyStore);
> prop.setProperty(WSHandlerConstants.IS_BSP_COMPLIANT, "false");
> //prop.setProperty(WSHandlerConstants.ALLOW_NAMESPACE_QUALIFIED_PASSWORD_TYPES, "true");
> Crypto crypto = CryptoFactory.getInstance(prop);
> builder.prepare(soapDocument, crypto, header);
>
> Vector parts = new Vector();
> parts.add(new WSEncryptionPart(TIMESTAMP_LOCALNAME, TIMESTAMP_QNAME, CONTENT));
> parts.add(new WSEncryptionPart(builder.getBSTTokenId()));
> parts.add(new WSEncryptionPart(ASSERTION_LOCALNAME, ASSERTION_QNAME ,ELEMENT));
> parts.add(new WSEncryptionPart(SOAPBODY_LOCALNAME,SOAPBODY_QNAME,CONTENT));
> builder.setParts(parts);
> builder.prependBSTElementToHeader(header);
> builder.computeSignature(builder.addReferencesToSign(parts,header));
>
> Proxy proxy = new Proxy(Proxy.Type.HTTP, new InetSocketAddress("63.66.64.232",8080));
> String jNetURL1= "https://XXX/";
> URL endpoint = new URL(jNetURL1);
> HttpURLConnection con = (HttpURLConnection) endpoint.openConnection(proxy);
> con.setRequestMethod("POST");
> con.setRequestProperty("Content-type", "text/xml; charset=utf-8");
> con.setRequestProperty("SOAPAction", "http://jnet.XXX/XX");
>
> con.setDoInput(true);
> con.setDoOutput(true);
> OutputStream reqStream = con.getOutputStream();
> if(con ==null){
>     System.out.println("Connection to Jnet is null");
> }
> String SoapMessageWithSign = nodeToString(soapDocument);
> System.out.println("Anupam SOAP Message with after signature : "+SoapMessageWithSign);
> reqStream.write(SoapMessageWithSign.getBytes());
>
> String jNetresponse=null;
> try {
>     BufferedReader httpReader = new BufferedReader(new InputStreamReader(
>         con.getInputStream()));
>     String inputLine = null;
>     StringBuffer buff = new StringBuffer();
>     System.out.println("value of httpreader "+httpReader.ready());
>     System.out.println("httpReader value "+httpReader.toString());
>     while ((inputLine = httpReader.readLine()) != null) {
>         buff.append(inputLine);
>         System.out.println("input line "+inputLine);
>     }
>
>     jNetresponse = buff.toString();
>
>     //System.out.println("Anupam Post response:"+response);
>
> }catch(SOAPFaultException sfe){
>     System.out.println(sfe.getMessage());
> }
>
> Best regards,
> Anupam Nandan

--
Best regards,
Anupam Nandan
201.920.0722
