I added the ability to encrypt with username token to WSDoAllSender handler. I am testing the client with sample UsernameSigningService of .NET however after sending below message it gives such an error: Microsoft.Web.Services2.Security.SecurityFault: Referenced security token could not be retrieved at Microsoft.Web.Services2.Security.EncryptedData.ResolveDecryptionKey(String algorithmUri, KeyInfo keyInfo) at Microsoft.Web.Services2.Security.EncryptedData.Decrypt() at Microsoft.Web.Services2.Security.Security.LoadXml(XmlElement element) at Microsoft.Web.Services2.Security.SecurityInputFilter.ProcessMessage(SoapEnvelope envelope) at Microsoft.Web.Services2.Pipeline.ProcessInputMessage(SoapEnvelope envelope) at Microsoft.Web.Services2.WebServicesExtension.BeforeDeserializeServer(SoapServerMessage message)
First UsernameToken is for signing and the latter is for encryption. And at the bottom a message from .NET client without signing. Anyone to tell the problem? Here is the message: *<?xml* version="1.0" encoding="UTF-8"*?>* *<soapenv:Envelope* xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"*>* *<soapenv:Header>* *<wsse:Security* xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; soapenv:mustUnderstand="1"*>* *<wsse:UsernameToken* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="usernameTokenId-33189144"*>* *<wsse:Username>*somename*</wsse:Username>* *<wsse:Password* Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"*>*somepassword*</wsse:Password>* *<wsu:Created>*2005-05-18T09:10:41Z*</wsu:Created>* *<wsse:Nonce>*LYZfPrTt+61hLBoX3J/Tcg==*</wsse:Nonce>* *</wsse:UsernameToken>* *<ds:Signature* xmlns:ds="http://www.w3.org/2000/09/xmldsig#"*> ... * *</ds:Signature>* *<wsu:Timestamp* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-6109469"*> ... **</wsu:Timestamp>* *<xenc:ReferenceList>* *<xenc:DataReference* URI="#EncDataId-11800260"*></xenc:DataReference>* *</xenc:ReferenceList>* *<wsse:UsernameToken* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="usernameTokenId-17298525"*>* *<wsse:Username>*somename*</wsse:Username>* *<wsse:Password* Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"*>*somepassword*</wsse:Password>* *<wsu:Created>*2005-05-18T09:10:36Z*</wsu:Created>* *<wsse:Nonce>*ZvBYD+NM7V88F0IWJ9/Ezw==*</wsse:Nonce>* *</wsse:UsernameToken>* *</wsse:Security>* *<wsa:MessageID* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-15926420" soapenv:mustUnderstand="0"*>*uuid:b24b9430-c77c-11d9-8766-fa7ed83c5072*</wsa:MessageID>* *<wsa:To* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-11652231" soapenv:mustUnderstand="0"*>*http://10.5.57.183/UsernameSignCodeService/UsernameSigningService.asmx*</wsa:To>* *<wsa:Action* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-15397900" soapenv:mustUnderstand="0"*>*http://stockservice.contoso.com/wse/samples/2003/06/StockQuoteRequest*</wsa:Action>* *<wsa:From* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-20735553" soapenv:mustUnderstand="0"*>* *<Address* xmlns="http://schemas.xmlsoap.org/ws/2004/03/addressing"*>*http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous*</Address>* *</wsa:From>* *</soapenv:Header>* *<soapenv:Body* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="id-11800260"*>* *<xenc:EncryptedData* Id="EncDataId-11800260" Type="http://www.w3.org/2001/04/xmlenc#Content"*>* *<xenc:EncryptionMethod* Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"*></xenc:EncryptionMethod>* *<ds:KeyInfo* xmlns:ds="http://www.w3.org/2000/09/xmldsig#"*>* *<wsse:SecurityTokenReference* xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"*>* *<wsse:Reference* URI="#usernameTokenId-17298525" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken"*></wsse:Reference>* *</wsse:SecurityTokenReference>* *</ds:KeyInfo>* *<xenc:CipherData>* *<xenc:CipherValue>*yKLuJVTwB7HAjSpby5L6NYViE7KPBwxR49BVMn1kY0OEClZwpFlSj+c0pjeHR16YqxjNuQEB0clv uz7lEvLpEpaHk5w2e6XRm2TOksk1Uvs6xmBKl4e2acu68P2roDhZkKyXlTO55sO9bf3iT24cDM75 T7oZONQgevlREDbVwbXDsJEFxT8puh5gy3uvDkxNLT7WjvHjUv4vLZbUvM52o+dRona+B9uyeM35 a7+83KbsJfhXycWjbvSayIqysc/aXCCW1ceM/H00lTHE7iG/pPpHcifYEjHh4HRqTglnQbfVCvIs +/ljGr1EnlSw61t3P25DbXClA96nvtCNvmWpdoEypY9mo/7rD3CXkhaNwKe/Oql2eYFHHi25WwYT MfNEutZvDqctuahG+m54kKsAjgVXNtwQfqDCkaeCxPixfgxh1bhema3/GZ4p+b0DWIUGBb0hiHeq o3J9y1hbO+LoKH4kpCdy3b57JxsQjy87deTX+Y7UjKXEMGmpkzE/AhDwkbNVf6WdexinV33Ae0QA Vrr5/GXM+BAodRZV8fW05Wg5F8sQuX7jIx0LowLDxajAasD4YACQwvsd1OOn9vXsRmPT4MD8JxjM ttGAp7z33EA=*</xenc:CipherValue>* *</xenc:CipherData>* *</xenc:EncryptedData>* *</soapenv:Body>* *</soapenv:Envelope>* ---------------------------- *<?xml* version="1.0" encoding="UTF-8"*?>* *<soap:Envelope* xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"*>* *<soap:Header>* *<wsa:Action>*http://stockservice.contoso.com/wse/samples/2003/06/StockQuoteRequest*</wsa:Action>* *<wsa:MessageID>*uuid:5cd66ebf-5bc0-47a0-8c3b-879e40da688c*</wsa:MessageID>* *<wsa:ReplyTo>* *<wsa:Address>*http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous*</wsa:Address>* *</wsa:ReplyTo>* *<wsa:To>*http://localhost/UsernameSignCodeService/UsernameSigningService.asmx*</wsa:To>* *<wsse:Security* soap:mustUnderstand="1"*>* *<wsu:Timestamp* wsu:Id="Timestamp-7641834b-2f06-46c0-8353-f924ddbe989f"*>* *<wsu:Created>*2005-05-16T13:19:46Z*</wsu:Created>* *<wsu:Expires>*2005-05-16T13:20:46Z*</wsu:Expires>* *</wsu:Timestamp>* *<wsse:UsernameToken* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="SecurityToken-da07d2fd-3d45-4e43-8508-a8d29db55113"*>* *<wsse:Username>*somename*</wsse:Username>* *<wsse:Password* Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"*>*somepassword*</wsse:Password>* *<wsse:Nonce>*SW7LGqWosDSOiMDBXJrIOw==*</wsse:Nonce>* *<wsu:Created>*2005-05-16T13:19:46Z*</wsu:Created>* *</wsse:UsernameToken>* *<wsse:UsernameToken* xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; wsu:Id="SecurityToken-43fd3bb2-cfca-4c58-affb-340c24d47704"*>* *<wsse:Username>*somename*</wsse:Username>* *<wsse:Password* Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText"*>*somepassword*</wsse:Password>* *<wsse:Nonce>*cy08iUmJy9n+gzkBc/naYQ==*</wsse:Nonce>* *<wsu:Created>*2005-05-16T13:19:46Z*</wsu:Created>* *</wsse:UsernameToken>* *<xenc:ReferenceList* xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"*>* *<xenc:DataReference* URI="#EncryptedContent-9cb545f4-960b-4fde-947f-c768b4f9fe14" */>* *</xenc:ReferenceList>* *</wsse:Security>* *</soap:Header>* *<soap:Body>* *<xenc:EncryptedData* Id="EncryptedContent-9cb545f4-960b-4fde-947f-c768b4f9fe14" Type="http://www.w3.org/2001/04/xmlenc#Content"; xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"*>* *<xenc:EncryptionMethod* Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"; */>* *<KeyInfo* xmlns="http://www.w3.org/2000/09/xmldsig#"*>* *<wsse:SecurityTokenReference>* *<wsse:Reference* URI="#SecurityToken-da07d2fd-3d45-4e43-8508-a8d29db55113" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken"; */>* *</wsse:SecurityTokenReference>* *</KeyInfo>* *<xenc:CipherData>* *<xenc:CipherValue>*nmBxBL0rX2lZJ4kP+B+TzSgSXRTSswy5c/sB8X4+3DxLckedgV8BTTMSaBOVqcPP5cV/CW7fRaIcQTfaUx8ilODDk7Xkzo9xT8nREZxUIKK+YGu8U9cYNuiXAuyFC9NqmqSsiKDKc2TIEa5jwe7ebkc2rUfpvEZkPL8taRxD2jggS+1iAr7WYmEs0tKLIdo/jdrUbnPpcTSA+63Vlvix9V7M9JKUGMC1+IaUMw1YwIwKd3W3IrEhRhXmwxcj00ptmTHRrASH9AUv/7VFyQCdmk34o1sUGdWHZUoXse0qMAtgMqW+Moup2G7DP+MWiPJ3KARukmPk+Ryg90gE6GPu0Jh3uvQYK0wnD2sDDHWQtCwdghHYjVGoIjHYgOWcT1OFKee8E/GhVW58Mw7njJc+UTL/A3q4a+esiUSv/3pCtsfzaxFGKmDHc4C39ZvyoorjP4PnTtvFLSkum1PmiqDzSPddh9iBuA/3nXeGZxjr5YwPoInv5xnyOVpeqCWsbxou7FgnuSbtMyiHkHXbgKlYfW+l/zA6ObOkxrUH6IpU1gqSYa1TILzB2FQ0sIofC/mMFgmqQIhKKLHlDhru82JH/FrTBW+BxVZfWR3UwrsJd/aPnt5St3VRgQk7QAlH0T0jtFNZhHgrM2K+PiUTpuSZsVjnrpDsJ9GfTm7ax1Y/cHbn34rMrv5jpXl0EoE8IGpEzjt+4X0wb32aO/c+qfM0Fksw36AByiJj6Af+ZYB8PtyyFh5heGY84RsLtltM6nD/9yXK2tn31UBlPabPNhHB7Jy2ObGLdFiua4LNbFRDMYGd5AF8AHjVtvveNI4KgMjmVWeNGcInmCHAhwqVP+582qhcDaTh6JbEpqPbuSm4y3SiXHHY9Key/TGdOOQcqNBQQalF8WwluLDHaYA2PKOuRKlux7J//Zuzwcj1srTN/YnD0Aei7Mi/R1bvk7Ol3Bd6B7YI8uu7T87EAcwsR3HZlz/lO98LPggwUD6mNREubIh2rPwQP6fIOYwUzsJUOrp6/NcrOh8yWNI++oSspo34bnSP7ttXs6gs4ZF6or0ZGBfkWaDlXr5W0WG8OLCNXWunTPIPakZzbzqGpkVMZogjyrdGg7hLnT2b/aqRJfADYeRGbqs0csa8lUbIOP3glPYecPuN35FrwjhqMVLQiTU2acIavLyeZCDnaPv/ee53w3+hmCBvSnHQK2hAPDNTiDydUvo70a3jozZQk5afkGhzYL8K4VZY5Pxr1DFbi5J/npywCVc5yLWrF32cPUBxAqyZEIN4bz02tcsNHxWwh3fZBU1M3WsdfsawxXF1XvP8w3NkDLhY+wJhIEG6MDLsvyZqCCNvb1tb5pP8s3403LkQ+g==*</xenc:CipherValue>* *</xenc:CipherData>* *</xenc:EncryptedData>* *</soap:Body>* *</soap:Envelope>* ==========================================================- Bu e-posta sadece yukarida isimleri belirtilen kisiler arasinda özel haberlesme amacini tasimaktadir. Size yanlislikla ulasmissa lütfen gönderen kisiyi bilgilendiriniz ve mesaji sisteminizden siliniz. Turkiye Cumhuriyet Merkez Bankasi A.S. bu mesajin icerigi ile ilgili olarak hicbir hukuksal sorumlulugu kabul etmez. This e-mail communication is intended for the private use of the people named above. If you received this message in error, please immediately notify the sender and delete it from your system. The Central Bank of The Republic of Turkey does not accept legal responsibility for the contents of this message.
