Hi, as an addition: KeyInfo may be followed by a SecurityTokenReference as well. In this case the Reference cannot point to a UsernameToken - UT is not designed to hold a key and there is no specification how to use a UsernameToken to get a key. You should use KeyName if you would like to use a named key instead of a KeyIdentifier or binary key.
Regards,
Werner

> -----Original Message-----
> From: Gürkan Vural [mailto:[EMAIL PROTECTED]
> Sent: Wednesday, 11 May 2005 09:10
> To: [email protected]
> Subject: Re: WSS4J TestWSSecurity10.java
>
> While processing security headers below, wss4j reads DataReference to
> decrypt EncryptedData. But when it tries to identify KeyInfo to get
> SharedKey, it doesn't understand that key is a SecurityTokenReference
> and tries to find KeyName and throws exception. Do you have any ideas to
> correct this behaviour?
>
> <soapenv:Header>
>   <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
>     <xenc:ReferenceList><xenc:DataReference URI="#EncDataId-1234"/></xenc:ReferenceList>
>     <wsse:UsernameToken Id="TokenId-1234">
>       <wsse:Username>username</wsse:Username>
>       <wsse:Password Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText">password</wsse:Password>
>     </wsse:UsernameToken>
>   </wsse:Security>
> </soapenv:Header>
> <soapenv:Body>
>   <xenc:EncryptedData Id="EncDataId-1234" Type="http://www.w3.org/2001/04/xmlenc#Content">
>     <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
>     <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>       <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
>         <wsse:Reference URI="#TokenId-1234" ValueType="UsernameToken"/>
>       </wsse:SecurityTokenReference>
>     </ds:KeyInfo>
>     <xenc:CipherData>
>       <xenc:CipherValue>...</xenc:CipherValue>
>     </xenc:CipherData>
>   </xenc:EncryptedData>
> </soapenv:Body>
>
> --
> gurkan
>
> Gürkan Vural wrote:
>
> >Why the verification code of username token encryption commented in
> >TestWSSecurity10.java? When I try to uncomment the call of
> >verifyEMBED_SECURITY_TOKEN_REF (line 211), it throws an exception
> >ds:KeyName does not contain a key name. Is it really required?
> >
> >--
> >Gürkan Vural
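A receiver-side check for the rule stated in the reply at the top of this message, as an added example (not WSS4J code and not part of the original thread): it resolves each EncryptedData's KeyInfo and rejects a SecurityTokenReference whose Reference points at a UsernameToken. The function name `check_key_info`, the verdict strings, the second EncryptedData and the key name `example-shared-key` are assumptions made for illustration.

```python
import xml.etree.ElementTree as ET

WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
NS = {"wsse": WSSE, "xenc": "http://www.w3.org/2001/04/xmlenc#",
      "ds": "http://www.w3.org/2000/09/xmldsig#"}

# Constructed sample: the first EncryptedData mirrors the quoted message,
# the second uses ds:KeyName with a made-up key name.
SAMPLE = f"""<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
    xmlns:wsse="{WSSE}" xmlns:xenc="{NS['xenc']}" xmlns:ds="{NS['ds']}">
 <soapenv:Header><wsse:Security>
  <wsse:UsernameToken Id="TokenId-1234"><wsse:Username>username</wsse:Username></wsse:UsernameToken>
 </wsse:Security></soapenv:Header>
 <soapenv:Body>
  <xenc:EncryptedData Id="EncDataId-1234"><ds:KeyInfo><wsse:SecurityTokenReference>
    <wsse:Reference URI="#TokenId-1234" ValueType="UsernameToken"/>
  </wsse:SecurityTokenReference></ds:KeyInfo></xenc:EncryptedData>
  <xenc:EncryptedData Id="EncDataId-5678"><ds:KeyInfo>
    <ds:KeyName>example-shared-key</ds:KeyName>
  </ds:KeyInfo></xenc:EncryptedData>
 </soapenv:Body></soapenv:Envelope>"""

def check_key_info(envelope_xml):
    """Map each EncryptedData Id to a verdict on how its KeyInfo names the key."""
    root = ET.fromstring(envelope_xml)
    # Index every element carrying a plain Id or a wsu:Id so "#fragment" URIs resolve.
    by_id = {el.get(a): el for el in root.iter() for a in ("Id", f"{{{WSU}}}Id") if el.get(a)}
    verdicts = {}
    for enc in root.iter(f"{{{NS['xenc']}}}EncryptedData"):
        key_info = enc.find("ds:KeyInfo", NS)
        name = key_info.find("ds:KeyName", NS) if key_info is not None else None
        ref = (key_info.find("wsse:SecurityTokenReference/wsse:Reference", NS)
               if key_info is not None else None)
        if name is not None:
            text = (name.text or "").strip()
            verdict = f"KeyName: {text}" if text else "reject: empty KeyName"
        elif ref is not None:
            target = by_id.get(ref.get("URI", "").lstrip("#"))
            if target is None:
                verdict = "reject: reference does not resolve"
            elif target.tag == f"{{{WSSE}}}UsernameToken":
                verdict = "reject: UsernameToken holds no key"
            else:
                verdict = "token: " + target.tag.rsplit("}", 1)[-1]
        else:
            verdict = "reject: no KeyName or SecurityTokenReference"
        verdicts[enc.get("Id")] = verdict
    return verdicts
```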
