Re: Endpoint answers with "policy alternatives can not be satisfied" after sending X509 signed request

Tue, 30 Apr 2013 03:58:22 -0700 

Here's the corresponding request:

Content-Type: text/xml
Headers: {SOAPAction=["http://www.vatm.de/wbci/v1/wbci/annehmenAnfrage";],
Accept=[*/*]}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Header><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity
-secext-1.0.xsd" soap:mustUnderstand="1"><wsse:BinarySecurityToken
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.
oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
Val
ueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
wsu:Id="CertId-847967">MIICyTCCAbGgAwIBAgIEaDIj2jANBgkqhkiG9w0BAQUFADAVMRMwEQYDVQQDEwpjbGl
lbnR1c2VyMB4XDTEzMDQyNjEzNDgxNVoXDTE1MDQyNjEzNDgxNVowFTETMBEGA1UEAxMKY2xpZW50dXNlcjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAJaItkYbWZUJYEb42aZZ/riBzKECCkMYe4cVQ/Z9N3tmoyRjoXS7ZOn1TZFb
gmlK+zq0hLRC5HOBTgFDKJPxy4KJDcD08UkziYYDRHsfWToUBZX9+DNFGjgf3EXF7AZV4uqMRxVdm3hrbXXB245tFpsMYMqwCCOaLstyJzlWwibAopizBgFJiOWSBdiq4LImun3xdH00DezbNAkvoESwW5a3JTyLcJqqIY1qAKFiHVMD7oPzcZwhA
vGAlDfE/EmxwaRvIwWpPBvN6VPof2/nax5A3eHBtB6BFr6+ndVTYifsex0LL60g0+n1VCPlnmSl1wuaf+nCgzjbyN5+xA0U8F0CAwEAAaMhMB8wHQYDVR0OBBYEFO5wN4l8yuVCM1KJUUahcc4wwU/AMA0GCSqGSIb3DQEBBQUAA4IBAQBfvbPN2K
yrhFCxxzTcrjjEua1UUBNqjw7Dhruno2pAG3W0HTiw2GBrecY/Y9hnJ7oEEDm4Caf1b2gec4WNG6taLNpjMkXVX3vqOo0qFpYt96sICtxeB1mdN54oRon7IpnKv/Rcv/FZtW/CZ6tSSiJ1IE/XBLbQ2EPKdR8kskt9aHZjY19mBUoI5sskUT4nC3h
C+jGsN4D8g4T1a8P+w2sCFZO3dteNIBZj39kKIXizkwWG/CTxn9GVC27msaMqSwWFcTcbN/RSJ78mAFapcLc+8dlXbiEKArtCEVe6RgFYoDydt+Hwk5KdkC+cThFsXPivvrBsSqrXTX8WAuD636Pf</wsse:BinarySecurityToken><ds:Signa
ture xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id="Signature-923543013">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1";
/>
<ds:Reference URI="#Id-1985971386">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<ds:DigestValue>A8KaG7BJepFew6I0otruepKWOUQ=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
Wyv5kS3s70N92ToCI7l6Uo+gnZQVojlwaJOh360w4a9aU9j3MSuLQ6bGg0OpjEXz5Y+HnU7aRUDM
+R1WeNouLDluruuYxcvo81+lA8fqBMTaMgb4LbwYTzrm4LwNBePCzPuZ4T9kFEkv7uLtsvRpxZm6
pSOKTYzPw9Hg+5zWBCBH29qYQu9q1GoKXNgNVCnBYBzX/t7KVfZoqAs2PAUHFpVS02p6XEIXt31t
iUNbF6NsgKYCbmyxjiOFEjdr2x/Ggl32p59xc1l+5TKQgDI7muOp2R15N505rRexQARKiUi34KXD
6euxdmasZaJVz3zxN4nUzU/I30bn+teMNU4AQw==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-397489402">
<wsse:SecurityTokenReference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-20040
1-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-1930237244"><wsse:Reference
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
URI="#CertId-8
47967"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
/></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soap:Header><soap:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-1985971386">...</soap:Body></soap:Envelope>




--
View this message in context: 
http://cxf.547215.n5.nabble.com/Endpoint-answers-with-policy-alternatives-can-not-be-satisfied-after-sending-X509-signed-request-tp5726909p5726955.html
Sent from the cxf-user mailing list archive at Nabble.com.

Reply via email to