Hi Veli-Pekka,
Sorry for the late reply. You will be get this done
easily in policy based configuration if it is an option for you.
Parameter based is deprecated and it is always recommended to use the
policy based configuration. We can set the [Token Protection] property
true in the security binding assertion and the token used to sign the
message is also signed. You can find more about WS Security policy in
the article [1].
thanks,
/nandana
[1] - http://wso2.org/library/3132#secBindProps
On Wed, Mar 26, 2008 at 1:05 PM, Veli-Pekka Rannila
<[EMAIL PROTECTED]> wrote:
> Hi,
>
> I still have problems with the item below. Is there any solution for
> this by using OutflowSecurity in axis2.xml? Even negative reply is a
> good reply :-)
>
>
>
> Thanks!
>
>
>
>
> BR,
>
> VP
>
>
>
> ________________________________
>
> From: Veli-Pekka Rannila
> Sent: 19 March 2008 09:31
>
> To: [email protected]
> Subject: FW: Signing the BinarySecurityToken
>
>
>
>
>
> Hi again,
>
> I tried also to chain the outflow handler (using two action elements),
> but with no luck. I received the same error than below.
>
>
>
> Has anyone encountered the same problem with the BinarySecurityToken? If
> so, how did you manage to solve the situation?
>
>
>
> Replies/hints are very welcome!
>
>
>
> Thanks again!
>
>
>
> BR,
>
> VP
>
>
>
> ________________________________
>
> From: Veli-Pekka Rannila
> Sent: 18 March 2008 09:04
> To: [email protected]
> Subject: Signing the BinarySecurityToken
>
>
>
> Hi all,
>
> I use Axis2 v1.3, Rampart v1.3 and Java 1.5 in my project.
>
>
>
> In this project I have to sign Body, Timestamp and BinarySecurityToken
> (BST) in my SOAP message. Body and Timestamp seems to work OK but I have
> problems with the BST. I have tried to put BinarySecurityElement inside
> <signatureParts> element in my Axis2.xml but when I run my client I'll
> receive the following error:
>
>
>
> "org.apache.axis2.AxisFault: WSHandler: Signature: error during message
> processingorg.apache.ws.security.WSSecurityException: General security
> error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found:
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utili
> ty-1.0.xsd, BinarySecurityToken)"
>
>
>
> By reading the error it seems that BST element has not been created yet
> when the signing happens.
>
>
>
>
>
> Below is part of my Axis2.xml (OutflowSecurity) when trying to sign only
> the BinarySecurityToken:
>
>
>
> ****************************************************
>
> <parameter name="OutflowSecurity">
>
> <action>
>
> <items>Timestamp Signature</items>
>
> <user>client</user>
>
> <signaturePropFile>client.properties</signaturePropFile>
>
>
> <passwordCallbackClass>org.cco.service.pwdhandler.PWCBHandler</passwordC
> allbackClass>
>
>
> <signatureParts>{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-2
> 00401-wss-wssecurity-utility-1.0.xsd}BinarySecurityToken</signatureParts
> >
>
> <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
>
> </action>
>
> </parameter>
>
> ****************************************************
>
>
>
>
>
> Is there a solution for signing the BST by using the OutflowSecurity
> definitions in Axis2.xml (like above)? Has "ProtectTokens" -element
> something to do with this case (if it does, can you explain how to use
> it)?
>
>
>
> This is quite urgent for me so any help is very much appreciate
> <http://www.ilmainensanakirja.fi/trans?q=P-12.Q-appriciate.Q2-appreciate
> > d!
>
>
>
> Thanks!
>
>
>
> Best Regards,
>
> VP
>
>
>
>
--
Nandana Mihindukulasooriya
Software Engineer
WSO2 inc.
http://nandana83.blogspot.com/
http://nandanasm.wordpress.com/
