Sorry - small typo:
IMO this is _not_ a wrong Signature or similar. ...
Werner
Werner Dittmann wrote:
> Laurent,
>
> IMO this is a wrong SIgnature or similar. The .Net client
> uses the WS-Address specfication to set up its request. Also
> the .Net server expects a request with WS-Address elements.
>
> There is a WS-Address implementation for Apache. Maybe you
> can use this. Also some people on this list use it to
> work with .Net servers / .Net clients.
>
> Regards,
> Werner
>
> Laurent COLLET wrote:
>
>>Hi,
>>
>>I work on testing interoperability between Java and .net WebServices. At
>>present, my main problem is to sign request.
>>
>>My client can send a signed request to the server, but the server
>>response with a soap error:
>>:
>>(snippet of the result on the client side)
>>Erreur: WSE402: The message does not conform to the policy it was mapped to.
>>AxisFault
>> faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Client
>> faultSubcode:
>> faultString: WSE402: The message does not conform to the policy it was
>>mapped to.
>> faultActor: http://server04/ServiceSecurise/Service1.asmx
>> faultNode:
>> faultDetail:
>> {http://xml.apache.org/axis/}stackTrace:WSE402: The message does not
>>conform to the policy it was mapped to.
>> at
>>org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:221)
>> at
>>org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:128)
>> at
>>org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
>> at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown
>>Source)
>> at
>>org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown
>>Source)
>> at
>>org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown
>>Source)
>> at
>>org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown
>>Source)
>> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
>> at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
>> at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
>> at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
>> at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown
>>Source)
>> at javax.xml.parsers.SAXParser.parse(SAXParser.java:375)
>> at
>>org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
>> at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
>> at org.apache.axis.Message.getSOAPEnvelope(Message.java:424)
>> at
>>org.apache.axis.message.addressing.handler.AddressingHandler.processClientResponse(AddressingHandler.java:300)
>> at
>>org.apache.axis.message.addressing.handler.AddressingHandler.invoke(AddressingHandler.java:110)
>> at
>>org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>> at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>> at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
>> at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> at org.apache.axis.client.Call.invoke(Call.java:2748)
>> at org.apache.axis.client.Call.invoke(Call.java:2424)
>> at org.apache.axis.client.Call.invoke(Call.java:2347)
>> at org.apache.axis.client.Call.invoke(Call.java:1804)
>> at
>>wss.Service1Soap_BindingStub.helloWorld(Service1Soap_BindingStub.java:115)
>> at ws.Main.main(Main.java:102)
>>
>>I checked all the certificate and the policy on the server is correct:
>>I catch the xml message from the Java Client and from the .net Client.
>>Here is the main difference between the 2 files:
>>
>>
>>WSS4J CLIENT:
>>...
>>- <#> <ds:Signature xmlns:ds="*http://www.w3.org/2000/09/xmldsig#*";>
>><ds:SignedInfo>
>> <ds:CanonicalizationMethod
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> <ds:SignatureMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#rsa-sha1*"; />
>>- <#> <ds:Reference URI="*#id-20259687*">
>>- <#> <ds:Transforms>
>> <ds:Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </ds:Transforms>
>> <ds:DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <ds:DigestValue>V9LIVl8g9d9u1dvhWrcUwXHJu/8=</ds:DigestValue>
>> </ds:Reference>
>> </ds:SignedInfo>
>>
>><ds:SignatureValue>VDg9rKbO2cGkoMvmaHNxL5bnLki+A41AsiPd3PZakFtic3XLmrQ42jiwFufqkJXkZDubzPzQCyTM
>>OBI5De6Ub+mK81c6BsO6qrKiJjLP+tZuSPMjqwwFjxE06qnCoLlqhgewJ7MIaO+EvertTffiFgSl
>>xMAZNsL9XoMWGX7bSbU=</ds:SignatureValue>
>>- <#> <ds:KeyInfo Id="*KeyId-14625088*">
>>- <#> <wsse:SecurityTokenReference
>>xmlns:wsu="*http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd*";
>>wsu:Id="*STRId-22908277*">
>> <wsse:Reference URI="*#CertId-14080341*"
>>ValueType="*http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3*";
>>/>
>> </wsse:SecurityTokenReference>
>> </ds:KeyInfo>
>> </ds:Signature>
>></wsse:Security>
>>...
>>
>>
>>.NET CLIENT
>>...
>><<Signature xmlns="*http://www.w3.org/2000/09/xmldsig#*";>
>>- <#> <SignedInfo>
>> <ds:CanonicalizationMethod
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*";
>>xmlns:ds="*http://www.w3.org/2000/09/xmldsig#*"; />
>> <SignatureMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#rsa-sha1*"; />
>>- <#> <Reference URI="*#Id-8c11c53d-dd74-44c3-9cec-e76163be1c44*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>v4Te1liHeznwsXqfYThWz4/oGY8=</DigestValue>
>> </Reference>
>>- <#> <Reference URI="*#Id-d5c91450-9be5-4c20-a11e-ad4dbfa9b6df*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>t9W3z0PflXfGh/dhTekRC/32PqM=</DigestValue>
>> </Reference>
>>- <#> <Reference URI="*#Id-86fd872f-fcf8-4874-9649-c424546078f1*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>bX3Xibb7JA1TAAZFLjxwwWAxJus=</DigestValue>
>> </Reference>
>>- <#> <Reference URI="*#Id-d2416533-130a-48f0-99d7-9d93acd664f9*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>xApDHcXdNXowrCxORsCYZbIKiLs=</DigestValue>
>> </Reference>
>>- <#> <Reference
>>URI="*#Timestamp-7d5835ff-7a51-4fab-9cd9-a5f4edcf4496*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>w22vEmgmXpdiNBkZXtZRj1Yp2Zk=</DigestValue>
>> </Reference>
>>- <#> <Reference URI="*#Id-59bb037e-d745-4d0d-90f3-9414e74d7954*">
>>- <#> <Transforms>
>> <Transform
>>Algorithm="*http://www.w3.org/2001/10/xml-exc-c14n#*"; />
>> </Transforms>
>> <DigestMethod
>>Algorithm="*http://www.w3.org/2000/09/xmldsig#sha1*"; />
>> <DigestValue>WghIsez5aKicT4HXUSDFq+YkTUA=</DigestValue>
>> </Reference>
>></SignedInfo>
>> ...
>>
>>
>>As you can see there is much more reference on the .NET CLIENT.
>>
>>My questions:
>>- Do you think that the error message come from this lack of reference?
>>- How is it possible to change the configuration of my Java Client to
>>make possible the interop?
>>
>>
>>Here is my WSDD file:
>><?xml version="1.0" encoding="UTF-8"?>
>><deployment xmlns="http://xml.apache.org/axis/wsdd/";
>>xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
>> <transport name="http"
>>pivot="java:org.apache.axis.transport.http.HTTPSender"/>
>> <globalConfiguration>
>> <requestFlow>
>><!-- ADDRESSING -->
>> <handler
>>type="java:org.apache.axis.message.addressing.handler.AddressingHandler"/>
>><!-- SECURITY -->
>> <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
>> <parameter name="action" value="Signature" />
>> <parameter name="user"
>>value="dbfc1bde493de4894975e09e5c6247e3_435e19e1-be28-4dd4-817c-f1e0c5bbc233"
>>/>
>> <parameter name="passwordCallbackClass"
>>value="ws.PWCallback" />
>> <parameter name="signaturePropFile"
>>value="crypto.properties" />
>> <parameter name="signatureKeyIdentifier"
>>value="DirectReference" />
>> </handler>
>> <handler
>>type="java:org.apache.ws.axis.security.WSDoAllSender"><!-- OK -->
>> <parameter name="action" value="UsernameToken Timestamp" />
>> <parameter name="user" value="login" />
>> <parameter name="passwordCallbackClass"
>>value="ws.PWCallback" />
>> <parameter name="passwordType" value="PasswordText"
>>/><!-- PasswordDigest -->
>> <parameter name="addUTElements" value="Nonce Created" />
>> </handler>
>> </requestFlow>
>> <responseFlow>
>> <handler
>>type="java:org.apache.axis.message.addressing.handler.AddressingHandler"/>
>> </responseFlow>
>> </globalConfiguration>
>></deployment>
>>
>>Thanks for your help.
>>
>>Regards,
>>Laurent
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
