Thanks for the reply. I tried putting a SOAP header on
the XML document. When I did this, I could use the
signer's build method to sign the document, and this
worked like a champ. The problem is that when I then
used X509Security to create a BST (BinarySecurityToken),
I got back a null pointer error.
The project can use SOAP messages instead of plain XML
documents without an issue. I just cannot get the
security token to be inserted.
It seems that the document is not being accepted by
the createBinarySecurityToken method as a document.
Any help would be appreciated.
Wayne

The envelope
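<?xml version="1.0" encoding="UTF-8"?>
<!-- Unsigned input envelope (SOAP 1.2 envelope namespace).
     It contains a Body only; there is no SOAP-ENV:Header element. -->
<SOAP-ENV:Envelope
    xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
    xmlns:xsd="http://www.w3.org/2001/XMLSchema"
    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
    <SOAP-ENV:Body>
        <sayHello xmlns="http://www.nationaldatanetwork.org/helloworld">
            <value xmlns="">
Hello world!   </value>
        </sayHello>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>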

The signed envelope
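<?xml version="1.0" encoding="UTF-8"?>
<!-- Signed envelope as printed by the signing step. Points to check before
     reusing this sample:
     * The wsse prefix is bound to the ...wssecurity-utility-1.0.xsd URI,
       the same URI as the wsu prefix. WS-Security 1.0 defines the header
       namespace as
       http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd,
       so a receiver that matches on that namespace may not recognise this
       Security header or its SecurityTokenReference.
     * The single ds:Reference covers only the Body (wsu:Id id-27136417).
     * SignatureMethod rsa-sha1 and DigestMethod sha1 depend on SHA-1, which
       is no longer considered collision resistant; use an RSA-SHA256 and
       SHA-256 pair where both ends support it.
     * The signing certificate is identified by X509IssuerSerial; no
       BinarySecurityToken is present in this header. -->
<SOAP-ENV:Envelope xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

 <SOAP-ENV:Header xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

  <wsse:Security SOAP-ENV:mustUnderstand="true"
SOAP-ENV:role="NDNGateway" xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
   <ds:Signature xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

    <ds:SignedInfo xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

     <ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>

     <ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>

     <ds:Reference URI="#id-27136417" xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

      <ds:Transforms xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

       <ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>

      </ds:Transforms>

      <ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"
xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/>

      <ds:DigestValue xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
SfU6hZ6oitaJYcmOUeVVDLjqJqc=      </ds:DigestValue>

     </ds:Reference>

    </ds:SignedInfo>

    <ds:SignatureValue xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

qAe2RQnOCf+VzeoBQcHdBmZaO2sGYLpd2DqRcySxGRJj/vnhm5piY38aCKrP8B0Yd+nxHjhvd6uF
KIuo4pvmV23qPvOQEF/zYgZSpks7FPCKKbMr05b6zGfnob3XAQfH/FZON2qLdimNIvUmIfXslUpD
eqfPYQtwrre+gcA61eI=
    </ds:SignatureValue>

    <ds:KeyInfo Id="KeyId-7446303" xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

     <wsse:SecurityTokenReference
wsu:Id="STRId-25670279" xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
      <ds:X509IssuerSerial xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

       <ds:X509IssuerName xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
CN=IssueABSCA,DC=corp,DC=abs,DC=gov,DC=au      
</ds:X509IssuerName>


       <ds:X509SerialNumber xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
135127345292313318391872       </ds:X509SerialNumber>

      </ds:X509IssuerSerial>
     </wsse:SecurityTokenReference>

    </ds:KeyInfo>

   </ds:Signature>
  </wsse:Security>
 </SOAP-ENV:Header>
    <SOAP-ENV:Body wsu:Id="id-27136417" xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
        <sayHello
xmlns="http://www.nationaldatanetwork.org/helloworld"
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <value xmlns=""
xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
Hello world!   </value>
        </sayHello>
    </SOAP-ENV:Body>
</SOAP-ENV:Envelope>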


The code
                // Snippet: signs tempDoc with WSSignEnvelope, prints the signed document,
                // then constructs a Timestamp, a BinarySecurityToken element and an
                // X509Security object. tempDoc, seperator, certificateChain and
                // getPropsForCrypto() are defined outside this snippet.
                Properties props = getPropsForCrypto();
                Crypto crypto =
CryptoFactory.getInstance(WSCrypto.class.getName(),
                                props);
                // Set up the WSSConfig shared by the signer and the token helpers below.
                WSSConfig wsscon = WSSConfig.getNewInstance();
                wsscon.setTargetIdQualified(true);
                // NOTE(review): the WSSE namespace is set to the WSU (utility) constant.
                // This matches the signed envelope on this page, where xmlns:wsse is
                // bound to ...wssecurity-utility-1.0.xsd. WS-Security 1.0 defines wsse
                // as ...wssecurity-secext-1.0.xsd; presumably
                // WSConstants.WSSE_NS_OASIS_1_0 was intended - confirm against the
                // WSS4J version in use.
                wsscon.setWsseNS(WSConstants.WSU_NS_OASIS_1_0);
                wsscon.setBSTValuesPrefixed(true);
                // 1 is a bare magic value; its meaning is defined by WSSConfig and is
                // not visible in this snippet.
                wsscon.setTimestampLocation(1);
                wsscon.setWsuNS(WSConstants.WSU_NS_OASIS_1_0);

                // The constructor is given the actor "NDNGateway"; setActor below is
                // then called with "Gateway". The printed header carries
                // role="NDNGateway" - confirm which value the receiver expects.
                WSSignEnvelope signer = new WSSignEnvelope(wsscon,
"NDNGateway", true);
                // keyid is read here and written back unchanged by
                // setKeyIdentifierType(keyid) below, so the pair does not select a
                // different key identifier type.
                int keyid = signer.getKeyIdentifierType();
                signer.setActor("Gateway");
                signer.setMustUnderstand(true);
                signer.setUseSingleCertificate(false);
                signer.setKeyIdentifierType(keyid);
        
                // Key alias and private-key password are taken from props. How
                // getPropsForCrypto() loads them is not shown; make sure the password
                // does not live in a world-readable or version-controlled file.
signer.setUserInfo(props.getProperty(WSCrypto.PRIVATE_KEY_ALIAS),
props
                                .getProperty(WSCrypto.PRIVATE_KEY_PWD));
                Document signedDoc = null;
                try {
                        signedDoc = signer.build(tempDoc, crypto);
                } catch (WSSecurityException e) {
                        // NOTE(review): the failure is only printed. signedDoc stays
                        // null and every later statement still receives it, so a
                        // signing error resurfaces as an unrelated failure further
                        // down. In the reported run signing succeeded (the signed
                        // envelope was printed).
                        e.printStackTrace();
                }
                System.out.println(seperator);
                System.out.println("   ");
                System.out.println("Signed SOAP Envelope");
                System.out.println("   ");
                XMLUtils.PrettyDocumentToWriter(signedDoc, new
PrintWriter(System.out));
                // NOTE(review): the Timestamp is built against tempDoc, while the
                // token objects below use signedDoc. tSElement is not used again in
                // this snippet.
                Timestamp tS = new Timestamp(wsscon, tempDoc,
10000);
                Element tSElement = tS.getElement();
                // result0 is not used again in this snippet.
                String result0 =
BinarySecurity.getBase64EncodingValue(wsscon);
                // NOTE(review): the poster reports the null pointer error at this
                // stage. No stack trace is on the page, so which reference is null is
                // not established. Neither BST nor neSec is appended to the Security
                // header in the visible code, and the signature above was already
                // built with an X509IssuerSerial reference rather than a token
                // reference.
                Element BST =
WSSecurityUtil.createBinarySecurityToken(signedDoc,"ID",
wsscon);
                X509Security neSec = new X509Security(wsscon,
signedDoc);
                try {
                        // certificateChain is defined outside this snippet; presumably
                        // the signer's chain - verify it is non-null and non-empty.
                        neSec.setX509Certificate(certificateChain[0]);
                } catch (WSSecurityException e) {
                        // The failure is only printed; neSec is left without a
                        // certificate in that case.
                        e.printStackTrace();
                }



                