I am getting the following exception on the server side when trying to encrypt individual elements:
| org.jboss.ws.wsse.FailedCheckException: Signature is invalid. | at org.jboss.ws.wsse.SignatureVerificationOperation.process(SignatureVerificationOperation.java:59) | at org.jboss.ws.wsse.SecurityDecoder.decode(SecurityDecoder.java:123) | at org.jboss.ws.wsse.SecurityDecoder.decode(SecurityDecoder.java:185) | at org.jboss.ws.wsse.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:143) | at org.jboss.ws.wsse.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:68) | at org.jboss.ws.wsse.WSSecurityHandlerInbound.handleRequest(WSSecurityHandlerInbound.java:42) | I am following this example from the wiki with a few differences: http://wiki.jboss.org/wiki/Wiki.jsp?page=WSSecurityComplexExample - i am declaring rules globally instead of at the operation level - i want to sign the complete message - i want to encrypt individual elements when i sign and encrypt everything then it all works. when i just encrypt individual elements without signing then it all works. any ideas? jboss-wsse-client.xml | <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> | <config> | <sign type="x509v3" alias="wsse"/> | <encrypt type="x509v3" alias="wsse"> | <targets> | <target type="qname" contentOnly="true">{http://service.security.pay.net/jaws}creditCardNumber</target> | </targets> | </encrypt> | <requires> | <signature/> | <encryption> | <targets> | <target type="qname">{http://service.security.pay.net/jaws}creditCardNumber</target> | </targets> | </encryption> | </requires> | </config> | </jboss-ws-security> jboss-wsse-server.xml | <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" | xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> | <key-store-file>META-INF/wsse.keystore</key-store-file> | <key-store-password>jbossws</key-store-password> | <trust-store-file>META-INF/wsse.truststore</trust-store-file> | <trust-store-password>jbossws</trust-store-password> | <config> | <sign type="x509v3" alias="wsse"/> | <encrypt type="x509v3" alias="wsse"> | <targets> | <target type="qname" contentOnly="true">{http://service.security.pay.net/jaws}creditCardNumber</target> | </targets> | </encrypt> | <requires> | <signature/> | <encryption> | <targets> | <target type="qname">{http://service.security.pay.net/jaws}creditCardNumber</target> | </targets> | </encryption> | </requires> | </config> | </jboss-ws-security> View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=3983095#3983095 Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=3983095 _______________________________________________ jboss-user mailing list jboss-user@lists.jboss.org https://lists.jboss.org/mailman/listinfo/jboss-user