Shawn,
IMO the namespace definition for UsernameToken has changed for
OASIS WSS Version 1.0 (they changed the namespace several times during
the specification work). The correct namespace is now:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0
thus the sign element should read
{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0}UsernameToken
Regards,
Werner
BTW, signing the SOAP body should not fail. Is it a very special SOAP
body you use?
Werner
Shawn McKinney wrote:
I should point out that before posting on this topic I
scoured the web and Google for examples on how to do
this. I tried adding a signatureParts element, but
got this exception:
faultString: WSDoAllSender: Error during Signatur
with UsernameToken
secretorg.apache.ws.security.WSSecurityException:
General security error (WSEncryptBody/WSSignEnvelope:
Element to encrypt/sign not found:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,
UsernameToken)
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}stackTrace:WSDoAllSender:
Error during Signatur with UsernameToken
secretorg.apache.ws.security.WSSecurityException:
General security error (WSEncryptBody/WSSignEnvelope:
Element to encrypt/sign not found:
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,
UsernameToken)
at org.apache.ws.axis.security.WSDoAllSender.performUT_SIGNAction(WSDoAllSender.java:512)
at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:336)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
at org.apache.axis.client.Call.invoke(Call.java:2748)
at org.apache.axis.client.Call.invoke(Call.java:1784)
at samples.message.TestIFXMsg.doit(TestIFXMsg.java:155)
at samples.message.TestIFXMsg.main(TestIFXMsg.java:177)
{http://xml.apache.org/axis/}hostname:redhat4hp
The client-side .wsdd follows:
<requestFlow>
  <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
    <parameter name="action"
               value="UsernameTokenSignature Encrypt"/>
    <parameter name="passwordCallbackClass"
               value="com.fnf.xes.framework.axis.security.client.PWClientCallback"/>
    <parameter name="passwordType"
               value="PasswordText"/>
    <parameter name="addUTElements"
               value="Nonce Created"/>
    <parameter name="encryptionPropFile"
               value="crypto.client.properties"/>
    <parameter name="encryptionKeyIdentifier"
               value="X509KeyIdentifier"/>
    <parameter name="encryptionUser"
               value="xespublickey"/>
    <parameter name="signatureParts"
               value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken"/>
    <parameter name="encryptionParts"
               value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken"/>
  </handler>