noone to help? -- gurkan
G�rkan Vural wrote: >wss4j/test/wssec/TestWSSecurity10.java also construct such an element. >We are trying to encrypt data with UsernameToken with aes128-cbc >algorithm. I think the problem here is not referencing username token. >since in WSSecurityEngine.java function getSharedKey doesn't try to >resolve SecurityTokenReference. It directly searchs for KeyName element >and throws exception. is this the correct behaviour? >Also someone commented the processSecurityHeader call in >wss4j/test/wssec/TestWSSecurity10.java because of this problem. > >-- >gurkan > >Dittmann Werner wrote: > > > >>HI, >> >>as an addition: KeyInfo may be followed by a SecurityTokenReference >>as well. In this case the Reference can not point to a >>UsernameToken - UT is not designed to hold a key and there >>is no specification how to use a UsernameToken to get a key. >>You should use KeyName if you like to use a named key instead >>of a KeyIdentifier or binary key. >> >>Regards, >>Werner >> >> >> >> >> >>>-----Urspr�ngliche Nachricht----- >>>Von: G�rkan Vural [mailto:[EMAIL PROTECTED] >>>Gesendet: Mittwoch, 11. Mai 2005 09:10 >>>An: [email protected] >>>Betreff: Re: WSS4J TestWSSecurity10.java >>> >>> >>>While processing security headers below, wss4j reads DataReference to >>>decrypt EncryptedData. But when it tries to identify KeyInfo to get >>>SharedKey, it doesn't understand that key is a SecurityTokenReference >>>and tries to find KeyName and throws exception. Do you have >>>any ideas to >>>correct this behaviour? >>> >>><soapenv:Header> >>> <wsse:Security >>>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 >>>1-wss-wssecurity-secext-1.0.xsd"> >>> <xenc:ReferenceList><xenc:DataReference >>>URI="#EncDataId-1234"/></xenc:ReferenceList> >>> <wsse:UsernameToken Id="TokenId-1234"> >>> <wsse:Username>username</wsse:Username> >>> <wsse:Password >>>Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- >>>username-token-profile-1.0#PasswordText">password</wsse:Password> >>> </wsse:UsernameToken> >>> </wsse:Security> >>></soapenv:Header> >>><soapenv:Body> >>> <xenc:EncryptedData Id="EncDataId-1234" >>>Type="http://www.w3.org/2001/04/xmlenc#Content";> >>> <xenc:EncryptionMethod >>>Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> >>> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> >>> <wsse:SecurityTokenReference >>>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 >>>1-wss-wssecurity-secext-1.0. >>>xsd"> >>> <wsse:Reference URI="#TokenId-1234" >>>ValueType="UsernameToken"/> >>> </wsse:SecurityTokenReference> >>> </ds:KeyInfo> >>> <xenc:CipherData> >>> <xenc:CipherValue>...</xenc:CipherValue> >>> </xenc:CipherData> >>> </xenc:EncryptedData> >>></soapenv:Body> >>> >>> >>>-- >>>gurkan >>> >>> >>>G�rkan Vural wrote: >>> >>> >>> >>> >>> >>>>Why the verification code of username token encryption commented in >>>>TestWSSecurity10.java? When I try to uncomment the call of >>>>verifyEMBED_SECURITY_TOKEN_REF (line 211), it throws an exception >>>>ds:KeyName does not contain a key name. Is it really required? >>>> >>>>-- >>>>G�rkan Vural >>>> >>>> >>>> >>>> >>>> ==========================================================- Bu e-posta sadece yukarida isimleri belirtilen kisiler arasinda �zel haberlesme amacini tasimaktadir. Size yanlislikla ulasmissa l�tfen g�nderen kisiyi bilgilendiriniz ve mesaji sisteminizden siliniz. Turkiye Cumhuriyet Merkez Bankasi A.S. bu mesajin icerigi ile ilgili olarak hicbir hukuksal sorumlulugu kabul etmez. This e-mail communication is intended for the private use of the people named above. If you received this message in error, please immediately notify the sender and delete it from your system. The Central Bank of The Republic of Turkey does not accept legal responsibility for the contents of this message.
