Hi Colm, I tried it with ExactlyOnce, but the the the CamelContext did not start due to parsing issues of the blueprint beans.xml.
Looking at: http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/ws-securitypolicy-1.2-spec-os.html in section 7.1 its says: /sp:AlgorithmSuite/wsp:Policy This required element contains one or more policy assertions that indicate the specific algorithm suite to use. So should it be possible to define several policy assertions without the ExactlyOne element? Kai 2014-01-31 Colm O hEigeartaigh <cohei...@apache.org>: > Your policy formulation is invalid, as you are saying that you want both > AlgorithmSuites to be enforced. Instead you need a policy alternative, > something like: > > <sp:AlgorithmSuite> > <wsp:Policy> > <wsp:ExactlyOne> > <sp:Basic128Rsa15 /> > <sp:TripleDes /> > </wsp:ExactlyOne> > </wsp:Policy> > </sp:AlgorithmSuite> > > Colm. > > > On Thu, Jan 30, 2014 at 6:14 PM, Kai Rommel <krommel2...@googlemail.com > >wrote: > > > Hi, > > > > I have a WS Consumer sending a signed and encrypted message. > > In the SOAP Header following algorithm is used: > > -<xenc:EncryptedKey Id="EK45302750" > > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";><xenc:EncryptionMethod > > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> > > In the SOAP Body: > > -<xenc:EncryptedData Id="ED23590466" > > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; > > Type="http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod > > Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/> > > > > I want to consume this message by a WS-Provider configured via policies: > > When I set the AlgorithmSuite in this way: > > > > <sp:AlgorithmSuite> > > <wsp:Policy> > > <sp:TripleDes /> > > <sp:Basic128Rsa15 /> > > </wsp:Policy> > > </sp:AlgorithmSuite> > > > > I get the error: > > ...org.apache.ws.security.processor.X509Util... > > #Sym Enc Algo: http://www.w3.org/2001/04/xmlenc#rsa-1_5|... > > org.apache.ws.security.components.crypto.AlgorithmSuiteValidator... > > The Key transport method does not match the requirement... > > > > When I set the AlgorithmSuite in this way: > > > > <sp:AlgorithmSuite> > > <wsp:Policy> > > <sp:Basic128Rsa15 /> > > <sp:TripleDes /> > > </wsp:Policy> > > </sp:AlgorithmSuite> > > > > I get the error: > > ...org.apache.ws.security.processor.EncryptedKeyProcessor.. > > > > org.apache.ws.security.processor.X509Util... > > Sym Enc Algo: http://www.w3.org/2001/04/xmlenc#tripledes-cbc|... > > > > #org.apache.ws.security.components.crypto.AlgorithmSuiteValidator#... > > The encryption algorithm does not match the requirement|..... > > > > Isn't it allowed to set several algorithms in the AlgorithmSuite? > > Or do I misinterpret something? > > Thanks. > > Best regards > > Kai > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
