Laurent,
IMO this is a wrong SIgnature or similar. The .Net client
uses the WS-Address specfication to set up its request. Also
the .Net server expects a request with WS-Address elements.
There is a WS-Address implementation for Apache. Maybe you
can use this. Also some people on this list use it to
work with .Net servers / .Net clients.
Regards,
Werner
Laurent COLLET wrote:
> Hi,
>
> I work on testing interoperability between Java and .net WebServices. At
> present, my main problem is to sign request.
>
> My client can send a signed request to the server, but the server
> response with a soap error:
> :
> (snippet of the result on the client side)
> Erreur: WSE402: The message does not conform to the policy it was mapped to.
> AxisFault
> faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Client
> faultSubcode:
> faultString: WSE402: The message does not conform to the policy it was
> mapped to.
> faultActor: http://server04/ServiceSecurise/Service1.asmx
> faultNode:
> faultDetail:
> {http://xml.apache.org/axis/}stackTrace:WSE402: The message does not
> conform to the policy it was mapped to.
> at
> org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:221)
> at
> org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:128)
> at
> org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
> at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown
> Source)
> at
> org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown
> Source)
> at
> org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
> Source)
> at
> org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
> Source)
> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
> at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
> at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
> at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown
> Source)
> at javax.xml.parsers.SAXParser.parse(SAXParser.java:375)
> at
> org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
> at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
> at org.apache.axis.Message.getSOAPEnvelope(Message.java:424)
> at
> org.apache.axis.message.addressing.handler.AddressingHandler.processClientResponse(AddressingHandler.java:300)
> at
> org.apache.axis.message.addressing.handler.AddressingHandler.invoke(AddressingHandler.java:110)
> at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
> at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
> at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> at org.apache.axis.client.Call.invoke(Call.java:2748)
> at org.apache.axis.client.Call.invoke(Call.java:2424)
> at org.apache.axis.client.Call.invoke(Call.java:2347)
> at org.apache.axis.client.Call.invoke(Call.java:1804)
> at
> wss.Service1Soap_BindingStub.helloWorld(Service1Soap_BindingStub.java:115)
> at ws.Main.main(Main.java:102)
>
> I checked all the certificate and the policy on the server is correct:
> I catch the xml message from the Java Client and from the .net Client.
> Here is the main difference between the 2 files:
>
>
> WSS4J CLIENT:
> ...
> - <#> <ds:Signature xmlns:ds="*http://www.w3.org/2000/09/xmldsig#*";>
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> <ds:SignatureMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#rsa-sha1*"; />
> - <#> <ds:Reference URI="*#id-20259687*">
> - <#> <ds:Transforms>
> <ds:Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <ds:DigestValue>V9LIVl8g9d9u1dvhWrcUwXHJu/8=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
>
> <ds:SignatureValue>VDg9rKbO2cGkoMvmaHNxL5bnLki+A41AsiPd3PZakFtic3XLmrQ42jiwFufqkJXkZDubzPzQCyTM
> OBI5De6Ub+mK81c6BsO6qrKiJjLP+tZuSPMjqwwFjxE06qnCoLlqhgewJ7MIaO+EvertTffiFgSl
> xMAZNsL9XoMWGX7bSbU=</ds:SignatureValue>
> - <#> <ds:KeyInfo Id="*KeyId-14625088*">
> - <#> <wsse:SecurityTokenReference
> xmlns:wsu="*http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd*";
> wsu:Id="*STRId-22908277*">
> <wsse:Reference URI="*#CertId-14080341*"
> ValueType="*http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3*";
> />
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> ...
>
>
> .NET CLIENT
> ...
> <<Signature xmlns="*http://www.w3.org/2000/09/xmldsig#*";>
> - <#> <SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*";
> xmlns:ds="*http://www.w3.org/2000/09/xmldsig#*"; />
> <SignatureMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#rsa-sha1*"; />
> - <#> <Reference URI="*#Id-8c11c53d-dd74-44c3-9cec-e76163be1c44*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>v4Te1liHeznwsXqfYThWz4/oGY8=</DigestValue>
> </Reference>
> - <#> <Reference URI="*#Id-d5c91450-9be5-4c20-a11e-ad4dbfa9b6df*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>t9W3z0PflXfGh/dhTekRC/32PqM=</DigestValue>
> </Reference>
> - <#> <Reference URI="*#Id-86fd872f-fcf8-4874-9649-c424546078f1*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>bX3Xibb7JA1TAAZFLjxwwWAxJus=</DigestValue>
> </Reference>
> - <#> <Reference URI="*#Id-d2416533-130a-48f0-99d7-9d93acd664f9*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>xApDHcXdNXowrCxORsCYZbIKiLs=</DigestValue>
> </Reference>
> - <#> <Reference
> URI="*#Timestamp-7d5835ff-7a51-4fab-9cd9-a5f4edcf4496*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>w22vEmgmXpdiNBkZXtZRj1Yp2Zk=</DigestValue>
> </Reference>
> - <#> <Reference URI="*#Id-59bb037e-d745-4d0d-90f3-9414e74d7954*">
> - <#> <Transforms>
> <Transform
> Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
> </Transforms>
> <DigestMethod
> Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
> <DigestValue>WghIsez5aKicT4HXUSDFq+YkTUA=</DigestValue>
> </Reference>
> </SignedInfo>
> ...
>
>
> As you can see there is much more reference on the .NET CLIENT.
>
> My questions:
> - Do you think that the error message come from this lack of reference?
> - How is it possible to change the configuration of my Java Client to
> make possible the interop?
>
>
> Here is my WSDD file:
> <?xml version="1.0" encoding="UTF-8"?>
> <deployment xmlns="http://xml.apache.org/axis/wsdd/";
> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
> <transport name="http"
> pivot="java:org.apache.axis.transport.http.HTTPSender"/>
> <globalConfiguration>
> <requestFlow>
> <!-- ADDRESSING -->
> <handler
> type="java:org.apache.axis.message.addressing.handler.AddressingHandler"/>
> <!-- SECURITY -->
> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
> <parameter name="action" value="Signature" />
> <parameter name="user"
> value="dbfc1bde493de4894975e09e5c6247e3_435e19e1-be28-4dd4-817c-f1e0c5bbc233"
> />
> <parameter name="passwordCallbackClass"
> value="ws.PWCallback" />
> <parameter name="signaturePropFile"
> value="crypto.properties" />
> <parameter name="signatureKeyIdentifier"
> value="DirectReference" />
> </handler>
> <handler
> type="java:org.apache.ws.axis.security.WSDoAllSender"><!-- OK -->
> <parameter name="action" value="UsernameToken Timestamp" />
> <parameter name="user" value="login" />
> <parameter name="passwordCallbackClass"
> value="ws.PWCallback" />
> <parameter name="passwordType" value="PasswordText"
> /><!-- PasswordDigest -->
> <parameter name="addUTElements" value="Nonce Created" />
> </handler>
> </requestFlow>
> <responseFlow>
> <handler
> type="java:org.apache.axis.message.addressing.handler.AddressingHandler"/>
> </responseFlow>
> </globalConfiguration>
> </deployment>
>
> Thanks for your help.
>
> Regards,
> Laurent
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
