Colm, Its fixed now, It failed due to the remote soap service doesnt support wss 1.1 and now we got a new error after they upgraded to wss 1.1. Here is the error at soap service while processing the request.
*The Encrypted Header and the Security Header 'MustUnderstand' attribute did not match. Encrypted Header: False. Security Header: True.* so i have tried to update wss4j version from 2.1.5 to 2.1.8, in which the fix for mustUnderstand attribute is available, but it didn't work. Even i tried to add custom soap interceptor extending AbstractSoapInterceptor to add mustUnderstand attribute to EncryptedHeader but it failed to get hold of encrypted header. Regards, Ratnakiran k. On Fri, Jan 5, 2018 at 9:46 PM, kiran k <[email protected]> wrote: > Thanks Colm, > > I'm not pretty sure about the configuration at .Net server, but the remote > webservice team confirmed that they support both wsse and wsse11. > Will check with that team about the configuration, Mean while can you > please check the wsdl file, and let me know is there any policy deprecated. > Please find the wsdl below. > > <?xml version="1.0" encoding="utf-8"?> > <wsdl:definitions name="SecurityTokenService" targetNamespace=" > http://www.websterbank.com/securityservices"; xmlns:wsdl=" > http://schemas.xmlsoap.org/wsdl/"; xmlns:wsap="http://schemas.xml > soap.org/ws/2004/08/addressing/policy" xmlns:wsa10="http://www.w3.org > /2005/08/addressing" xmlns:tns="http://www.websterb > ank.com/securityservices" xmlns:msc="http://schemas.micr > osoft.com/ws/2005/12/wsdl/contract" xmlns:soapenc="http://schemas. > xmlsoap.org/soap/encoding/" xmlns:wsx="http://schemas.xmls > oap.org/ws/2004/09/mex" xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/"; > xmlns:wsam="http://www.w3.org/2007/05/addressing/metadata"; xmlns:wsa=" > http://schemas.xmlsoap.org/ws/2004/08/addressing"; xmlns:wsp=" > http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:wsaw=" > http://www.w3.org/2006/05/addressing/wsdl"; xmlns:soap12="http://schemas.x > mlsoap.org/wsdl/soap12/" xmlns:wsu="http://docs.oasis-o > pen.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema";> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP11port_http_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token sp:IncludeToken="http://schema > s.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> > <wsp:Policy> > <sp:RequireKeyIdentifierReference/> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token sp:IncludeToken="http://schema > s.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> > <wsp:Policy> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Lax/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > <sp:OnlySignEntireHeadersAndBody/> > </wsp:Policy> > </sp:AsymmetricBinding> > <sp:Wss10 xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier/> > <sp:MustSupportRefIssuerSerial/> > </wsp:Policy> > </sp:Wss10> > <sp:Trust10 xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:MustSupportIssuedTokens/> > <sp:RequireClientEntropy/> > <sp:RequireServerEntropy/> > </wsp:Policy> > </sp:Trust10> > <sp:TransportBinding xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken RequireClientCertificate="false"/> > </wsp:Policy> > </sp:TransportToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > </wsp:Policy> > </sp:TransportBinding> > <wsaw:UsingAddressing/> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP11port_http_ > RequestSecurityToken_Input_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="securityCredentials" Namespace=" > http://www.websterbank.com/services"/> > <sp:Header Name="To" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="MessageID" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="securityCredentials" Namespace=" > http://www.websterbank.com/services"/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP11port_http_ > RequestSecurityToken_output_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="To" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="MessageID" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP12port_http_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > <sp:X509Token sp:IncludeToken="http://schema > s.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient"> > <wsp:Policy> > <sp:RequireKeyIdentifierReference/> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > <sp:X509Token sp:IncludeToken="http://schema > s.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never"> > <wsp:Policy> > <sp:WssX509V3Token10/> > </wsp:Policy> > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Lax/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > <sp:OnlySignEntireHeadersAndBody/> > </wsp:Policy> > </sp:AsymmetricBinding> > <sp:Wss10 xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier/> > <sp:MustSupportRefIssuerSerial/> > </wsp:Policy> > </sp:Wss10> > <sp:Trust10 xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:MustSupportIssuedTokens/> > <sp:RequireClientEntropy/> > <sp:RequireServerEntropy/> > </wsp:Policy> > </sp:Trust10> > <sp:TransportBinding xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <wsp:Policy> > <sp:TransportToken> > <wsp:Policy> > <sp:HttpsToken RequireClientCertificate="false"/> > </wsp:Policy> > </sp:TransportToken> > <sp:AlgorithmSuite> > <wsp:Policy> > <sp:Basic256/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > </wsp:Policy> > </sp:TransportBinding> > <wsaw:UsingAddressing/> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP12port_http_ > RequestSecurityToken_Input_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="securityCredentials" Namespace=" > http://www.websterbank.com/services"/> > <sp:Header Name="To" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="MessageID" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="securityCredentials" Namespace=" > http://www.websterbank.com/services"/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsp:Policy wsu:Id="SecurityTokenServiceSOAP12port_http_ > RequestSecurityToken_output_policy"> > <wsp:ExactlyOne> > <wsp:All> > <sp:SignedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > <sp:Header Name="To" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="From" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="FaultTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="ReplyTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="MessageID" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="RelatesTo" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > <sp:Header Name="Action" Namespace="http://www.w3.org/2 > 005/08/addressing"/> > </sp:SignedParts> > <sp:EncryptedParts xmlns:sp="http://schemas.xmlso > ap.org/ws/2005/07/securitypolicy"> > <sp:Body/> > </sp:EncryptedParts> > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > <wsdl:types> > <xs:schema elementFormDefault="qualified" targetNamespace=" > http://schemas.xmlsoap.org/ws/2005/02/trust"; xmlns:xs=" > http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://schemas.xmls > oap.org/ws/2005/02/trust"> > <xs:import namespace="http://schemas.xmlsoap.org/ws/2004/09/policy > "/> > <xs:import namespace="http://www.w3.org/2001/XMLSchema"/> > <xs:element name="RequestSecurityToken"> > <xs:complexType> > <xs:sequence> > <xs:element minOccurs="0" maxOccurs="1" ref="q1:AppliesTo" > xmlns:q1="http://schemas.xmlsoap.org/ws/2004/09/policy"/> > <xs:element minOccurs="1" maxOccurs="1" name="KeySize" > type="xs:int"/> > <xs:element minOccurs="0" maxOccurs="1" name="KeyType" > type="xs:string"/> > <xs:element minOccurs="0" maxOccurs="1" name="RequestType" > type="xs:string"/> > <xs:element minOccurs="0" maxOccurs="1" name="TokenType" > type="xs:string"/> > </xs:sequence> > </xs:complexType> > </xs:element> > <xs:element name="KeySize" type="xs:int"/> > <xs:element name="Lifetime" type="tns:Lifetime"/> > <xs:complexType name="Lifetime"> > <xs:sequence> > <xs:element minOccurs="1" maxOccurs="1" name="Created" > type="xs:dateTime"/> > <xs:element minOccurs="1" maxOccurs="1" name="Expires" > type="xs:dateTime"/> > </xs:sequence> > </xs:complexType> > <xs:element name="RequestedAttachedReference"> > <xs:complexType> > <xs:sequence> > <xs:element ref="xs:schema"/> > <xs:any/> > </xs:sequence> > </xs:complexType> > </xs:element> > <xs:element name="RequestedSecurityToken"> > <xs:complexType> > <xs:sequence> > <xs:element ref="xs:schema"/> > <xs:any/> > </xs:sequence> > </xs:complexType> > </xs:element> > <xs:element name="RequestedUnattachedReference"> > <xs:complexType> > <xs:sequence> > <xs:element ref="xs:schema"/> > <xs:any/> > </xs:sequence> > </xs:complexType> > </xs:element> > <xs:element name="TokenType" type="xs:string"/> > </xs:schema> > <xs:schema elementFormDefault="qualified" targetNamespace=" > http://schemas.xmlsoap.org/ws/2004/09/policy"; xmlns:xs=" > http://www.w3.org/2001/XMLSchema"; xmlns:tns="http://schemas.xmls > oap.org/ws/2004/09/policy"> > <xs:import namespace="http://www.w3.org/2005/08/addressing"/> > <xs:element name="AppliesTo" type="tns:AppliesTo"/> > <xs:complexType name="AppliesTo"> > <xs:sequence> > <xs:element minOccurs="0" maxOccurs="1" > ref="q1:EndpointReference" xmlns:q1="http://www.w3.org/2005/08/addressing > "/> > </xs:sequence> > </xs:complexType> > </xs:schema> > <xs:schema elementFormDefault="qualified" targetNamespace=" > http://www.w3.org/2005/08/addressing"; xmlns:xs="http://www.w3.org/20 > 01/XMLSchema" xmlns:tns="http://www.w3.org/2005/08/addressing";> > <xs:element name="EndpointReference" type="tns:EndpointReference"/> > <xs:complexType name="EndpointReference"> > <xs:sequence> > <xs:element minOccurs="0" maxOccurs="1" name="Address" > type="xs:string"/> > </xs:sequence> > </xs:complexType> > </xs:schema> > <xs:schema elementFormDefault="qualified" targetNamespace=" > http://www.websterbank.com/services"; xmlns:xs="http://www.w3.org/20 > 01/XMLSchema" xmlns:tns="http://www.websterbank.com/services";> > <xs:element name="securityCredentials" type="tns:SecurityCredentials" > /> > <xs:complexType name="SecurityCredentials"> > <xs:sequence> > <xs:element minOccurs="0" maxOccurs="1" name="hsaCredentials" > type="tns:HsaCredentials"/> > </xs:sequence> > </xs:complexType> > <xs:complexType name="HsaCredentials"> > <xs:sequence> > <xs:element minOccurs="1" maxOccurs="1" > name="business_partner_id" type="xs:long"/> > <xs:element minOccurs="1" maxOccurs="1" name="account_number" > type="xs:long"/> > <xs:element minOccurs="0" maxOccurs="1" name="application_code" > type="xs:string"/> > <xs:element minOccurs="0" maxOccurs="1" name="tax_id" > type="xs:string"/> > <xs:element minOccurs="1" maxOccurs="1" name="date_of_birth" > type="xs:dateTime"/> > <xs:element minOccurs="0" maxOccurs="1" name="first_name" > type="xs:string"/> > <xs:element minOccurs="0" maxOccurs="1" name="last_name" > type="xs:string"/> > </xs:sequence> > </xs:complexType> > </xs:schema> > <xs:schema elementFormDefault="qualified" targetNamespace=" > http://www.websterbank.com/securityservices"; xmlns:xs=" > http://www.w3.org/2001/XMLSchema";> > <xs:import namespace="http://schemas.xmlsoap.org/ws/2004/09/policy > "/> > <xs:import namespace="http://schemas.xmlsoap.org/ws/2005/02/trust"/> > <xs:element name="RequestSecurityTokenResponse"> > <xs:complexType> > <xs:sequence> > <xs:element minOccurs="0" maxOccurs="1" ref="q1:AppliesTo" > xmlns:q1="http://schemas.xmlsoap.org/ws/2004/09/policy"/> > <xs:element minOccurs="1" maxOccurs="1" ref="q2:KeySize" > xmlns:q2="http://schemas.xmlsoap.org/ws/2005/02/trust"/> > <xs:element minOccurs="0" maxOccurs="1" ref="q3:Lifetime" > xmlns:q3="http://schemas.xmlsoap.org/ws/2005/02/trust"/> > <xs:element minOccurs="0" maxOccurs="1" > ref="q4:RequestedAttachedReference" xmlns:q4="http://schemas.xmlso > ap.org/ws/2005/02/trust"/> > <xs:element minOccurs="0" maxOccurs="1" > ref="q5:RequestedSecurityToken" xmlns:q5="http://schemas.xmlso > ap.org/ws/2005/02/trust"/> > <xs:element minOccurs="0" maxOccurs="1" > ref="q6:RequestedUnattachedReference" xmlns:q6="http://schemas.xmlso > ap.org/ws/2005/02/trust"/> > <xs:element minOccurs="0" maxOccurs="1" ref="q7:TokenType" > xmlns:q7="http://schemas.xmlsoap.org/ws/2005/02/trust"/> > </xs:sequence> > </xs:complexType> > </xs:element> > </xs:schema> > </wsdl:types> > <wsdl:message name="RequestSecurityTokenRequest"> > <wsdl:part name="parameters" element="q1:RequestSecurityToken" > xmlns:q1="http://schemas.xmlsoap.org/ws/2005/02/trust"/> > </wsdl:message> > <wsdl:message name="RequestSecurityTokenRequest_Headers"> > <wsdl:part name="SecurityCredentials" element="q2:securityCredentials" > xmlns:q2="http://www.websterbank.com/services"/> > </wsdl:message> > <wsdl:message name="RequestSecurityTokenResponse"> > <wsdl:part name="parameters" element="tns:RequestSecurityTo > kenResponse"/> > </wsdl:message> > <wsdl:portType name="SecurityTokenServicePortType"> > <wsdl:operation name="RequestSecurityToken"> > <wsdl:input wsaw:Action="http://schemas.xm > lsoap.org/ws/2005/02/trust/RST/Issue" name="RequestSecurityTokenRequest" > message="tns:RequestSecurityTokenRequest"/> > <wsdl:output wsaw:Action="urn:RequestSecurityTokenResponse" > name="RequestSecurityTokenResponse" message="tns:RequestSecurityTo > kenResponse"/> > </wsdl:operation> > </wsdl:portType> > <wsdl:binding name="SecurityTokenServiceSOAP11port_http" > type="tns:SecurityTokenServicePortType"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP > 11port_http_policy"/> > <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/> > <wsdl:operation name="RequestSecurityToken"> > <soap12:operation soapAction="http://schemas.xml > soap.org/ws/2005/02/trust/RST/Issue" style="document"/> > <wsdl:input name="RequestSecurityTokenRequest"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP11port_http_ > RequestSecurityToken_Input_policy"/> > <soap12:header message="tns:RequestSecurityTokenRequest_Headers" > part="SecurityCredentials" use="literal"/> > <soap12:body use="literal"/> > </wsdl:input> > <wsdl:output name="RequestSecurityTokenResponse"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP11port_http_ > RequestSecurityToken_output_policy"/> > <soap12:body use="literal"/> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:binding name="SecurityTokenServiceSOAP12port_http" > type="tns:SecurityTokenServicePortType"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP > 12port_http_policy"/> > <soap12:binding transport="http://schemas.xmlsoap.org/soap/http"/> > <wsdl:operation name="RequestSecurityToken"> > <soap12:operation soapAction="http://schemas.xml > soap.org/ws/2005/02/trust/RST/Issue" style="document"/> > <wsdl:input name="RequestSecurityTokenRequest"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP12port_http_ > RequestSecurityToken_Input_policy"/> > <soap12:header message="tns:RequestSecurityTokenRequest_Headers" > part="SecurityCredentials" use="literal"/> > <soap12:body use="literal"/> > </wsdl:input> > <wsdl:output name="RequestSecurityTokenResponse"> > <wsp:PolicyReference URI="#SecurityTokenServiceSOAP12port_http_ > RequestSecurityToken_output_policy"/> > <soap12:body use="literal"/> > </wsdl:output> > </wsdl:operation> > </wsdl:binding> > <wsdl:service name="SecurityTokenService"> > <wsdl:port name="SecurityTokenServiceSOAP11port_http" > binding="tns:SecurityTokenServiceSOAP11port_http"> > <soap12:address location="<soap-service-location>"/> > <wsa10:EndpointReference> > <wsa10:Address>{SOAP-SERVICE-LOCATION}</wsa10:Address> > <Identity xmlns="http://schemas.xmlsoap. > org/ws/2006/02/addressingidentity"> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <X509Data> > <X509Certificate>MIID7TCCAtWgAwIBAgIJAIFuF5hbpEjjMA0GCSqGSIb > 3DQEBCwUAMIGMMQswCQYDVQQGEwJVUzESMBAGA1UECAwJV2lzY29uc2luMRI > wEAYDVQQHDAlNaWx3YXVrZWUxEDAOBgNVBAoMB0hTQUJhbmsxCzAJBgNVBAs > MAklUMRQwEgYDVQQDDAtTdGV2ZW4gQmlyZDEgMB4GCSqGSIb3DQEJARYRc2J > pcmRAaHNhYmFuay5jb20wHhcNMTcwMjAxMTcwMjUyWhcNMTgwMjAxMTcwMjU > yWjCBjDELMAkGA1UEBhMCVVMxEjAQBgNVBAgMCVdpc2NvbnNpbjESMBAGA1U > EBwwJTWlsd2F1a2VlMRAwDgYDVQQKDAdIU0FCYW5rMQswCQYDVQQLDAJJVDE > UMBIGA1UEAwwLU3RldmVuIEJpcmQxIDAeBgkqhkiG9w0BCQEWEXNiaXJkQGh > zYWJhbmsuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssf > yMVwrPfreZqlCXPdGkvDMDIlO7tSQpuhdiFLJSU2RXu0prngQNlCPAVE0hIk > lIBp/BJhMO59nxusUZWB/sNCPikY0Exh5zw6SnUcZFQJuegzW5oGAxCNULbd > pspKRRoZNB6qdzma1GHn2oju0qZ+BoiOWSsPcsKlV4paz/KJIIkCKw5j98 > 0RnTPe698tzYZUE7Go/7mZKVPEHHZNfZwONItnspIQ96wu6F9ceMOo4mgJtn > WLNc3Qt/H0KMDiX1xtT2q/EEtuEZHVnuWqEDSR7k13jZrTx/v0JaDA7iAP3d > i845D5x0Eg8qNkDugiCeGSpfdNzcY4aunG5FK+wOwIDAQABo1AwTjAdBgNVH > Q4EFgQU0MtZ3b/zOULlALC6D//RpCd0QnIwHwYDVR0jBBgwFoAU0MtZ3b/ > zOULlALC6D//RpCd0QnIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAO > CAQEACjgx9FJcvim+F3bEsqWA8vFZM0RfjmdA69kJPv84+8ycGJy8E7J3pxj > HjYIjsdnAoWIbZEaIixF7xenRnD0C21ucnrn2RHQmosZUT1ISasw3qN1bUzQ > n/++2aBKtLqEAg/SMJUimk6WgY2ndtkN/2+b2k6Xa5sosRLUKTGqbOFZZ0S/ > 73WQCVSf1P/+m1oxheb7U+EXZbI5rtWyFH8ERLxAJW9EWsygNC1UIxJ5psmU > gFLPGfMXi6z7vm4f0Jy8At+J6/7e8GVwLwftaqUYcLw3piGw4CFlzNw9uMcZ > MFIvyaO8YnNBFzgbaf5RgUM/xSIPYbTyBNPUpZUMlK4G/xg==</X509Certificate> > </X509Data> > </KeyInfo> > </Identity> > </wsa10:EndpointReference> > </wsdl:port> > <wsdl:port name="SecurityTokenServiceSOAP12port_http" > binding="tns:SecurityTokenServiceSOAP12port_http"> > <soap12:address location="<soap-service-location>"/> > <wsa10:EndpointReference> > <wsa10:Address>{SOAP-SERVICE-LOCATION}</wsa10:Address> > <Identity xmlns="http://schemas.xmlsoap. > org/ws/2006/02/addressingidentity"> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <X509Data> > <X509Certificate>MIID7TCCAtWgAwIBAgIJAIFuF5hbpEjjMA0GCSqGSIb > 3DQEBCwUAMIGMMQswCQYDVQQGEwJVUzESMBAGA1UECAwJV2lzY29uc2luMRI > wEAYDVQQHDAlNaWx3YXVrZWUxEDAOBgNVBAoMB0hTQUJhbmsxCzAJBgNVBAs > MAklUMRQwEgYDVQQDDAtTdGV2ZW4gQmlyZDEgMB4GCSqGSIb3DQEJARYRc2J > pcmRAaHNhYmFuay5jb20wHhcNMTcwMjAxMTcwMjUyWhcNMTgwMjAxMTcwMjU > yWjCBjDELMAkGA1UEBhMCVVMxEjAQBgNVBAgMCVdpc2NvbnNpbjESMBAGA1U > EBwwJTWlsd2F1a2VlMRAwDgYDVQQKDAdIU0FCYW5rMQswCQYDVQQLDAJJVDE > UMBIGA1UEAwwLU3RldmVuIEJpcmQxIDAeBgkqhkiG9w0BCQEWEXNiaXJkQGh > zYWJhbmsuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAssf > yMVwrPfreZqlCXPdGkvDMDIlO7tSQpuhdiFLJSU2RXu0prngQNlCPAVE0hIk > lIBp/BJhMO59nxusUZWB/sNCPikY0Exh5zw6SnUcZFQJuegzW5oGAxCNULbd > pspKRRoZNB6qdzma1GHn2oju0qZ+BoiOWSsPcsKlV4paz/KJIIkCKw5j98 > 0RnTPe698tzYZUE7Go/7mZKVPEHHZNfZwONItnspIQ96wu6F9ceMOo4mgJtn > WLNc3Qt/H0KMDiX1xtT2q/EEtuEZHVnuWqEDSR7k13jZrTx/v0JaDA7iAP3d > i845D5x0Eg8qNkDugiCeGSpfdNzcY4aunG5FK+wOwIDAQABo1AwTjAdBgNVH > Q4EFgQU0MtZ3b/zOULlALC6D//RpCd0QnIwHwYDVR0jBBgwFoAU0MtZ3b/ > zOULlALC6D//RpCd0QnIwDAYDVR0TBAUwAwEB/zANBgkqhkiG9w0BAQsFAAO > CAQEACjgx9FJcvim+F3bEsqWA8vFZM0RfjmdA69kJPv84+8ycGJy8E7J3pxj > HjYIjsdnAoWIbZEaIixF7xenRnD0C21ucnrn2RHQmosZUT1ISasw3qN1bUzQ > n/++2aBKtLqEAg/SMJUimk6WgY2ndtkN/2+b2k6Xa5sosRLUKTGqbOFZZ0S/ > 73WQCVSf1P/+m1oxheb7U+EXZbI5rtWyFH8ERLxAJW9EWsygNC1UIxJ5psmU > gFLPGfMXi6z7vm4f0Jy8At+J6/7e8GVwLwftaqUYcLw3piGw4CFlzNw9uMcZ > MFIvyaO8YnNBFzgbaf5RgUM/xSIPYbTyBNPUpZUMlK4G/xg==</X509Certificate> > </X509Data> > </KeyInfo> > </Identity> > </wsa10:EndpointReference> > </wsdl:port> > </wsdl:service> > </wsdl:definitions> > > > > > > > Regards, > Ratnakiran k. > > On Fri, Jan 5, 2018 at 6:19 PM, Colm O hEigeartaigh <[email protected]> > wrote: > >> Is it an option to set "SecurityVersion.WsSecurity11" for the .NET service >> as the error message indicates? There isn't a way currently to force CXF >> not to use the wsse11:EncryptedHeader block. >> >> Colm. >> >> On Fri, Jan 5, 2018 at 11:11 AM, kirank <[email protected]> wrote: >> >> > Hello, >> > >> > We are facing an issue while communicating with remote web service >> > (implemented in .Net) using cxf client(3.1.6 version), where it worked >> > perfectly with cxf 2.4.6 version. >> > >> > Background: >> > As part of evergreening project, we have recently upgraded the >> application >> > server and java version to wildfly 10 and java 8. The wildfly 10 app >> server >> > is already bundled with cxf 3.1.6 version and wss4j 2.1.5 version. >> > >> > Problem Statement: >> > >> > The soap message header holds EncryptedHeader block and the soap message >> > looks fine and there are no error logs while sending the message, but >> the >> > remote web server returned a soap fault with message "An error occurred >> > when >> > verifying security for the message". When we tried to check with the >> remote >> > web service provider, they shared the exception logs on their side. >> Here is >> > the exception log: >> > >> > / >> > <ExceptionType>System.ServiceModel.Security.MessageSecurityException, >> > System.ServiceModel, Version=4.0.0.0, Culture=neutral, >> > PublicKeyToken=b77a5c561934e089</ExceptionType> >> > <Message>SecurityVersion.WSSecurityJan2004 does not support header >> > decryption. Use SecurityVersion.WsSecurity11 and above or use transport >> > security to encrypt the full message.</Message> >> > / >> > >> > >> > Please find the soap request below. >> > >> > /<soap:Envelope >> > xmlns:soap="http://www.w3.org/2003/05/soap-envelope";><soap: >> > Header><wsse11:EncryptedHeader >> > xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss- >> > wssecurity-secext-1.1.xsd" >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="EH-e1a54dc5-f0dd-4cb7-8a99-b47e881619f6"><xenc:EncryptedData >> > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; >> > Id="ED-c90ce2c3-81d3-42ec-b809-9dec329a3fe8" >> > Type="http://www.w3.org/2001/04/xmlenc#Element";><xenc:EncryptionMethod >> > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><ds:KeyInfo >> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#";><wsse:Security >> TokenReference >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-secext-1.0.xsd" >> > xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss- >> > wssecurity-secext-1.1.xsd" >> > wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss- >> > soap-message-security-1.1#EncryptedKey"><wsse:Reference >> > URI="#EK-1dc124a3-97ee-40ce-8fc8-4b7bdf996fea"/></wsse: >> > SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:C >> ipherValue>tY/ >> > 3l1CI9KZbO4jIWeD0BjftZmPHGITo4ily+nMRpbnoL/lUo64RJAVqfx1KvX2di/SbB5v// >> > olitZXSSnrSsj98u2XgNzuSTTArm3gly4K6FI0cfdzIOeaUzB39WTJFfH4If >> > DPw4DpOkwr5gG5saTqXN6OkLRTN+zq00ZDCYY2jTJztUGy2WRIqRs0Jnd0 >> > 2fYsRXlcGPLjFhkfT+vPswdGvIgWdV2esE5ZQQVWnXOZRsBHFnay8sLCMLsIlXPLR+3+ >> > DVwlj9eH9sOp4PhlCblMgw8/xOc8f0MyuCu7ATQyvF67an+ >> > 3DmSLx5oOVcmcVqPSHc1mfRQE0HkdViS+76g0YwoXCVOAKmpohAh7WWiKxHrihG >> > jyIFYKgWRaBXoKNE/DSxiRxyUpR6Zacfhp1qnfFpObw8zeskfTDQKQER2T5tVQQmT47Jav+ >> > kY4biVTB+FTwcx6WMe/eOwPRbyT+DZ/XYcZhY6QlJw0F8eVGqJ7FYeM5/ >> > FEKkeThjrP2gSjvcKAgqfMa5es/YpQyz+y99V+G18qLVeQwWwPOuDmd2IWcV85+ >> > MVz32EbIn7kRFY3kfJcIgpFakkhdX59G0twCVvdutHuCY1s7+lekxR/ >> > ScoXO512rn3bvxNR4rSR1HjxO05b1ZAZ7rUoJJhMbndLKWbveWbMDMmA/5M/ >> > M351PaBny2hokcj2H3qc39Z2Ex2yjX9UZt/Vyv3Z9khDckDN/ >> > n2TuQrpZJK8JpGELIfpzpZw=</xenc:CipherValue></xenc:CipherData></xenc: >> > EncryptedData></wsse11:EncryptedHeader><Action >> > xmlns="http://www.w3.org/2005/08/addressing"; >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="_628c5544-bf83-4b31-bf4a-419dfb266522">http:// >> > schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</Action><MessageID >> > xmlns="http://www.w3.org/2005/08/addressing"; >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="_3153031e-3921-4e61-83ca-752525c6aefb">urn:uuid: >> > 46d389b7-e055-417d-a88d-bf1eae2078ab</MessageID><To >> > xmlns="http://www.w3.org/2005/08/addressing"; >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="_f9d1f8af-5750-45e4-b74c-b09dd7135c53">https:// >> > staging.accounts.hsabank.com/SecurityServices/SecurityTokenService.svc/ >> > Soap12</To><ReplyTo >> > xmlns="http://www.w3.org/2005/08/addressing"; >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="_862c7ad6-cbf4-4af9-a666-428f388bc0e1"><Address>ht >> > tp://www.w3.org/2005/08/addressing/anonymous</Address> >> > </ReplyTo><wsse:Security >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-secext-1.0.xsd" >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > soap:mustUnderstand="true"><wsu:Timestamp >> > wsu:Id="TS-a6e0604b-4d16-40b4-bcb6-32fec91d6945"><wsu: >> > Created>2017-12-07T06:22:58.634Z</wsu:Created><wsu: >> > Expires>2017-12-07T06:27:58.634Z</wsu:Expires></wsu: >> > Timestamp><xenc:EncryptedKey >> > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; >> > Id="EK-1dc124a3-97ee-40ce-8fc8-4b7bdf996fea"><xenc:EncryptionMethod >> > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/ >> ><ds:KeyInfo >> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#";><wsse: >> > SecurityTokenReference><wsse:KeyIdentifier >> > EncodingType="http://docs.oasis-open.org/wss/2004/01/ >> > oasis-200401-wss-soap-message-security-1.0#Base64Binary" >> > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"> >> > muOBFpTUhZ9dp/MH5GF9KTzXA98=</wsse:KeyIdentifier></wsse: >> > SecurityTokenReference></ds:KeyInfo><xenc:CipherData>< >> > xenc:CipherValue>J3gS7J/pD1z55Jhe3Zu9vzSCTA/S0tOyVH6nyZeEYYOnF3oEtq60/ >> > B2z2fQTnu5mwScCk13HHdp/1uRRi2oN7ujnVYKIHFDUpK7CoYrTk0 >> > kRMGzXwITN1ce317cAGj388akXT5/3Xqh9uVTBQbIZ9/QYThw8DYECpGtJOi >> oexKTjDRRNCUD5 >> > BV+Lb6azJBw3PhkZwje4BqvbPJfqJL17hy+73mXi8ri4h3BI1ywMIDWnR3CnKrbWf >> > Z3skzs+K7eNkX/1EpHiFJ3+1CQ9XtmgeMvx54t3c8PT5VGfuAYMTV >> > AHuNPbrTYVIrRoNZYGqr2FZ14EUrp9oVcE+6HcaASf+g==</xenc: >> > CipherValue></xenc:CipherData><xenc:ReferenceList><xenc:DataReference >> > URI="#ED-010cbc7e-c2d3-4ce0-a457-5935e7666d61"/><xenc:DataReference >> > URI="#ED-c90ce2c3-81d3-42ec-b809-9dec329a3fe8"/></xenc: >> > ReferenceList></xenc:EncryptedKey><wsse:BinarySecurityToken >> > EncodingType="http://docs.oasis-open.org/wss/2004/01/ >> > oasis-200401-wss-soap-message-security-1.0#Base64Binary" >> > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-x509-token-profile-1.0#X509v3" >> > wsu:Id="X509-98736b24-9271-46ad-b024-66b9c342122d"> >> > MIIFgDCCBGigAwIBAgITBqnuMCIEN/UUCOX0AnlC8eNXVTANBgkqhkiG9w0B >> > AQsFADCBtTELMAkGA1UEBhMCVVMxETAPBgNVBAgTCElsbGlub2lzMRAwDgYD >> > VQQHEwdDaGljYWdvMSEwHwYDVQQKExhUcnVzdHdhdmUgSG9sZGluZ3MsIElu >> > Yy4xPTA7BgNVBAMTNFRydXN0d2F2ZSBPcmdhbml6YXRpb24gVmFsaWRhdGlv >> > biBTSEEyNTYgQ0EsIExldmVsIDExHzAdBgkqhkiG9w0BCQEWEGNhQHRydXN0 >> > d2F2ZS5jb20wHhcNMTcwMjAyMTYzNjI2WhcNMTkxMjAyMjIzNjI2WjB2MR0w >> > GwYDVQQDExRhbGFjZXh0LmFsYWNyaXRpLmNvbTEeMBwGA1UEChMVQWxhY3Jp >> > dGkgUGF5bWVudHMgTExDMRMwEQYDVQQHEwpQaXNjYXRhd2F5MRMwEQYDVQQI >> > EwpOZXcgSmVyc2V5MQswCQYDVQQGEwJVUzCCASIwDQYJKoZIhvcNAQEBBQAD >> > ggEPADCCAQoCggEBAL67zxPS2fIa8gYHqZGDUw5a9zmH+5NHqah0q98mVwdDK3A9R42tuP/ >> > NY5uwSoTUiSKxDkdjvW8K+Az4qpFfwogiB2ZA6UfWDrNQ3gwDWY1 >> > 9TJeIB0AQQCdTHjW7rluOlaqvMDmcNEA+QsNDqF0Kgad4OsJ+ >> > uahHaOqnKyGyfPtMBcDByOcs8g5HJoMrirq3E8AhWAll2cTCQXhif51S2foaLdX/ >> > 17DGnTzuCLuiDHplbFVfu3lTTTEU8hwUY/mWnhewH403DLNlf8w4bCkb/OM+ >> > T7DXKl0rFsu2xua/Uye7EMsy2A0EX7eytgbfU8hPNePmmcQW++ >> > oy4Fui8mxeN1ECAwEAAaOCAcUwggHBMAwGA1UdEwEB/wQCMAAwDgYDVR0PAQH/ >> > BAQDAgWgMB0GA1UdJQQWMBQGCCsGAQUFBwMCBggrBgEFBQcDATAdBgNVHQ4E >> > FgQUR4oMFsF5Ot7gb9ZYwttMvVyqT7gwHwYDVR0jBBgwFoAUys4dGAN3Hhzz >> > fFiymnCoCIAW9K4wPwYDVR0gBDgwNjA0BgZngQwBAgIwKjAoBggrBgEFBQcC >> > ARYcaHR0cHM6Ly9zc2wudHJ1c3R3YXZlLmNvbS9DQTBWBgNVHREETzBNghRh >> > bGFjZXh0LmFsYWNyaXRpLmNvbYIaYWxhY2V4dC5iaWxsZXJwYXltZW50cy5j >> > b22CGWRldml0Zy5iaWxsZXJwYXltZW50cy5jb20wNgYDVR0fBC8wLTAroCmg >> > J4YlaHR0cDovL2NybC50cnVzdHdhdmUuY29tL09WQ0EyX0wxLmNybDBxBggr >> > BgEFBQcBAQRlMGMwJgYIKwYBBQUHMAGGGmh0dHA6Ly9vY3NwLnRydXN0d2F2 >> > ZS5jb20vMDkGCCsGAQUFBzAChi1odHRwOi8vc3NsLnRydXN0d2F2ZS5jb20v >> > aXNzdWVycy9PVkNBMl9MMS5jcnQwDQYJKoZIhvcNAQELBQADggEBABc38Ifc >> > bsDgcZkfRBlfPEqWWRUc8qlNSk4FELapbq6yipiL90XEqX1dB+fidu/ >> > mHfNMrjMPNzOqW8hEp6IFawT61rO3PEiNjVulhAKif75V80IiaWG0UVkYk6N >> > vkc6jC3PvRkXNJe8Vd8EvIwDBcpFqgyJV3sNPdYTeprYsmaJSwofHekuCc6Ede+2zG8dC+ >> > FctYuLeqU58ZAwlXkptXFnCISRZINFwMqlZmeErDLHj/TXN6tsqdOngaowyn >> oqRs6WltyQGWQU >> > R3moRgIiiZ+8kB1DSzZ1m2WPjoAG9zEpstJYkmm3pN60cWSNUdVQrtKcZMm4MR73hvAmENP >> > lrUmc=</wsse:BinarySecurityToken><ds:Signature >> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; >> > Id="SIG-a28b8c66-a7b6-44ca-99f6-5d4f8a213ece"><ds:SignedInfo><ds: >> > CanonicalizationMethod >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:CanonicalizationMethod><ds:SignatureMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference >> > URI="#TS-a6e0604b-4d16-40b4-bcb6-32fec91d6945"><ds: >> > Transforms><ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; PrefixList="wsse >> > soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds: >> > DigestValue>LQAtC5vIdMJ0H+7kZEwuCR9F1HQ=</ds:DigestValue></d >> s:Reference>< >> > ds:Reference >> > URI="#_c799ff1f-4c19-4a27-87de-45462d4e5083"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/></ds: >> > Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue> >> > ipCJhOWfRxL9Y0y4BeQHbJc184c=</ds:DigestValue></ds:Reference> >> <ds:Reference >> > URI="#_9fad93a0-9903-46cd-a550-d7f79de175a2"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds: >> > DigestValue>26XJeHpO+26Jg1OOdm0H756Qf3A=</ds:DigestValue></d >> s:Reference>< >> > ds:Reference >> > URI="#_f9d1f8af-5750-45e4-b74c-b09dd7135c53"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds: >> > DigestValue>DVuPHDnNiP/RBHfUNC9m5+hFGCE=</ds:DigestValue></d >> s:Reference>< >> > ds:Reference >> > URI="#_862c7ad6-cbf4-4af9-a666-428f388bc0e1"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds: >> > DigestValue>I99qv6L87bpv/9yt6SPNYS4d1qI=</ds:DigestValue></d >> s:Reference>< >> > ds:Reference >> > URI="#_3153031e-3921-4e61-83ca-752525c6aefb"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>Y/ >> > hkQi3Bvd6XGYlm6zKyDjQUkZw=</ds:DigestValue></ds:Reference><ds:Reference >> > URI="#_628c5544-bf83-4b31-bf4a-419dfb266522"><ds:Transforms> >> <ds:Transform >> > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";><ec: >> > InclusiveNamespaces >> > xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"; >> > PrefixList="soap"/></ds:Transform></ds:Transforms><ds:DigestMethod >> > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue> >> > f3e1YuCquzalH8kQJEoYvlgMSU0=</ds:DigestValue></ds:Reference> >> > </ds:SignedInfo><ds:SignatureValue>J3zheL823nWPjNYc+9CwyaJ8NpI+ >> > LhWwEZzltNhHUSbThCoLkWUZrVMj+oQLLAJNyNh2FgFcdKOQqbf3vvZjNFL >> > EVfIIT5VibdzcpLyFRenl8/qiwHdSiEidf3Vx5A++CQE8yl25885tBCKpycaWdswnXm1VVd >> > S8Aol7rcWh6ameDSOVBSk9etT9+LlXFczhYMwZjb1JE4iXgYlK8nSvOSvrpi >> eBOtTPE7JOoG1+ >> > 0dvQHVzElORPD+t/tuZ9Ki0UPAcJtBnSZLd9Om99YWpSUZ7gPioEOfTIBvblJiFgIE+0/ >> > Y9JrVywiS/Fhd2PgU2ePV7LcwvjPenJnpoPjZOGdA==</ds:SignatureVal >> ue><ds:KeyInfo >> > Id="KI-b0e4c9b7-caea-467a-b5a4-4fc390b6a7a4"><wsse:SecurityT >> okenReference >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-secext-1.0.xsd" >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="STR-5c2602e9-59bf-4945-a2ab-dba3d11588ef"><wsse:KeyIdentifier >> > EncodingType="http://docs.oasis-open.org/wss/2004/01/ >> > oasis-200401-wss-soap-message-security-1.0#Base64Binary" >> > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier"> >> > R4oMFsF5Ot7gb9ZYwttMvVyqT7g=</wsse:KeyIdentifier></wsse: >> > SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse: >> > Security></soap:Header><soap:Body >> > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-utility-1.0.xsd" >> > wsu:Id="_c799ff1f-4c19-4a27-87de-45462d4e5083"><xenc:EncryptedData >> > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; >> > Id="ED-010cbc7e-c2d3-4ce0-a457-5935e7666d61" >> > Type="http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod >> > Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><ds:KeyInfo >> > xmlns:ds="http://www.w3.org/2000/09/xmldsig#";><wsse:Security >> TokenReference >> > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis- >> > 200401-wss-wssecurity-secext-1.0.xsd" >> > xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss- >> > wssecurity-secext-1.1.xsd" >> > wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss- >> > soap-message-security-1.1#EncryptedKey"><wsse:Reference >> > URI="#EK-1dc124a3-97ee-40ce-8fc8-4b7bdf996fea"/></wsse: >> > SecurityTokenReference></ds:KeyInfo><xenc:CipherData>< >> > xenc:CipherValue>tC0+IygVFLogc/sv6UC20AzOWtsAz/t6uQCkK5B+ >> > Q15Qjh4LppQGvliJq2Bwavgk8DOsUbzCjMfTdXkelsimQGjZ1O52H2TM7oDj >> > 3B2pP3cUbWKQUw+OcK4Wh5HuicLEXGh3kuogevY1UHdGYLp+ >> > UrByYhBwCB5UWrWVCjCYJWbITkdJlzHOqcfjN7gjqFSICyn4FABUUNqapKFm >> > yoVAGwsfJuzVRZXdUWRT1rPNGmW5gDPaqtq3LSqOlSq3PR9Zz8R4pNWsKD4S >> > lKdZB1WlIMEPrdablLc3XmbWGAFJIzzkhi/ItKnt/xCpzLZbL8ixJsgRFyaUtMBmF3U2fR/ >> > NMqbL2vwyIrbPglwKPz8uIFRSWf2S77BlnSjPnAv3by2nJ986aSYcyVaXaTPiPT8rkI5/ >> > 5qDjuM6FKlE1FKZNdPpvXpB6nYKygHmvePakZt2j7PcQKBlo/skKXnjWFA8uS+ >> > NZ3xn2uU8mZ8177OxAYXWptm8LDsDy5L7vkusxu5BYnuSkF+sNcd/ >> > tgmyZBt01KnjzuAWVllTxB6SsySThNzO2IfJrygsayF3YTPxEMtK9BYiYdRk >> > FtyuzcSb53WsES/W0JahpLrJpauIKhyPJ3H585Y/EUKYDAHsHE/ >> > ftD57y2daIV02nfMx4DEOM6JS8aByRMeEZUYih8+FmyEUCrENoYewAe22GU6WTQtSlDG4b >> > F9mGZsWyIeg0kMs2K4oCq8tpsZNFg4wOVoCEF/mq8N1j8LDuCWLWwmfqRU5buW+ >> > SyxfbC7dBepnlCvYK5FGlLr06OBs8H2gdeL9yRF1ufRCcVNXhD/ >> > kVtWmHqUHieKdJ7AKjVbZ2s1Jhd8UZxwV37Jb2kd7gio3uUS72vCHagV6ii7 >> > yx4xDtXds4MG0CnRdU59C/ZoqJw23MquSP+Yc7FuhbQp9nBn+xmNjdFBenZF8UfZAwKh4j/ >> > LKYjTiKCFJlFUCBp0MgdoFuwua7ryj9eQIHApaAE9KAd1SKewxO3mYcpDMRk >> > dOL+CA/iWYoo5faM0W8eLloNci+chXYLkwbZiAA9MxOyr328NmWjWIISV >> > ecC2nlj7ixAy/IFVNsgD1+Au1RQMT+bpuMu+mueU8pqHhMcEbVW3XPrraAyVzbKw/ >> > Y/E6GeCFuzqqshiS+kKY4</xenc:CipherValue></xenc:CipherData> >> > </xenc:EncryptedData></soap:Body></soap:Envelope> >> > >> > / >> > >> > It would be great if someone is able to put some light on it. >> > >> > Thanks. >> > Ratnakiran k. >> > >> > >> > >> > >> > >> > >> > -- >> > Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html >> > >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > >
