Hello,
I need to sign and encrypt the timestamp WS-Security header.
My policy file has following assertions:
<sp:SignedParts>
<sp:Body />
<sp:Header Namespace="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" />
</sp:SignedParts>
<sp:EncryptedParts>
<sp:Body />
<sp:Header Namespace="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
" />
</sp:EncryptedParts>
Above namespace belongs to wsu element.
I can still see following entry in the wsse:Security element:
<wsu:Timestamp wsu:Id="TS-A91AE37C42BC91148914586148175181">
<wsu:Created>2016-03-22T02:46:57.516Z</wsu:Created>
<wsu:Expires>2016-03-22T02:51:57.516Z</wsu:Expires>
</wsu:Timestamp>
If I try to add the namespace of wsse into the signed and encrypted parts
above in order to encrypt and sign entire header as follows:
<sp:SignedParts>
<sp:Body />
<sp:Header Namespace="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
" />
</sp:SignedParts>
<sp:EncryptedParts>
<sp:Body />
<sp:Header Namespace="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
" />
</sp:EncryptedParts>
Then on the CXF server I get:
org.apache.cxf.interceptor.Fault- Exception Message: Found element {
http://www.w3.org/2001/04/xmlenc#}EncryptionMethod but could not find
matching RPC/Literal part
I am using CXF v2.7.11.
Am I doing something wrong?
Thanks,
Giriraj
