Wayne, usually your application does not need to call "createBinarySecurityToken" at all. This is done by the "build" method of WSSignEnvelope if this is configured that way. You may use the various "setXxx" methods so WSSignEnvelope to configure it directly, examples can be found in the test/wssec package. Using this setXxx method with appropriate parameters you can control the type of security token to use, which SIgnature algorithm to use, etc.
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Wayne Richards [mailto:[EMAIL PROTECTED] > Gesendet: Mittwoch, 19. Oktober 2005 00:24 > An: Dittmann, Werner; [email protected] > Betreff: Re: AW: WSS4J standalone > > > Thanks for the reply. I tried putting a soap header on > the xml document. The problem is that when I did this > i could use the signing build to signe the document > this worked like a champ. I then used the x509Security > to create a BST and got back a null pointer error. > The project can use soap messages instead of plain xml > documents without an issue. I just cannot get the > security token to be inserted. > It seems that the document is not being accepted by > the createBinarySecurityToken method as a document. > Any help would be appreciated. > Wayne > > The enevelope > <?xml version="1.0" encoding="UTF-8"?> > <SOAP-ENV:Envelope > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <SOAP-ENV:Body> > <sayHello > xmlns="http://www.nationaldatanetwork.org/helloworld";> > <value xmlns=""> > Hello world! </value> > </sayHello> > </SOAP-ENV:Body> > </SOAP-ENV:Envelope> > > The signed envelope > <?xml version="1.0" encoding="UTF-8"?> > <SOAP-ENV:Envelope xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <SOAP-ENV:Header xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <wsse:Security SOAP-ENV:mustUnderstand="true" > SOAP-ENV:role="NDNGateway" xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <ds:Signature xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <ds:SignedInfo xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <ds:CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; > xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/> > > <ds:SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; > xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/> > > <ds:Reference URI="#id-27136417" xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <ds:Transforms xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; > xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/> > > </ds:Transforms> > > <ds:DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; > xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"/> > > <ds:DigestValue xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > SfU6hZ6oitaJYcmOUeVVDLjqJqc= </ds:DigestValue> > > </ds:Reference> > > </ds:SignedInfo> > > <ds:SignatureValue xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > qAe2RQnOCf+VzeoBQcHdBmZaO2sGYLpd2DqRcySxGRJj/vnhm5piY38aCKrP8B > 0Yd+nxHjhvd6uF > KIuo4pvmV23qPvOQEF/zYgZSpks7FPCKKbMr05b6zGfnob3XAQfH/FZON2qLdi > mNIvUmIfXslUpD > eqfPYQtwrre+gcA61eI= > </ds:SignatureValue> > > <ds:KeyInfo Id="KeyId-7446303" xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <wsse:SecurityTokenReference > wsu:Id="STRId-25670279" xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <ds:X509IssuerSerial xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > > <ds:X509IssuerName xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > CN=IssueABSCA,DC=corp,DC=abs,DC=gov,DC=au > </ds:X509IssuerName> > > > <ds:X509SerialNumber xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 > 1-wss-wssecurity-utility-1.0.xsd" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > 135127345292313318391872 </ds:X509SerialNumber> > > </ds:X509IssuerSerial> > </wsse:SecurityTokenReference> > > </ds:KeyInfo> > > </ds:Signature> > </wsse:Security> > </SOAP-ENV:Header> > <SOAP-ENV:Body wsu:Id="id-27136417" xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <sayHello > xmlns="http://www.nationaldatanetwork.org/helloworld"; > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > <value xmlns="" > xmlns:SOAP-ENV="http://www.w3.org/2003/05/soap-envelope"; > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";> > Hello world! </value> > </sayHello> > </SOAP-ENV:Body> > </SOAP-ENV:Envelope> > > > The code > Properties props = getPropsForCrypto(); > Crypto crypto = > CryptoFactory.getInstance(WSCrypto.class.getName(), > props); > //Set-up the WSSConfig > WSSConfig wsscon = WSSConfig.getNewInstance(); > wsscon.setTargetIdQualified(true); > wsscon.setWsseNS(WSConstants.WSU_NS_OASIS_1_0); > wsscon.setBSTValuesPrefixed(true); > wsscon.setTimestampLocation(1); > wsscon.setWsuNS(WSConstants.WSU_NS_OASIS_1_0); > > WSSignEnvelope signer = new WSSignEnvelope(wsscon, > "NDNGateway", true); > int keyid = signer.getKeyIdentifierType(); > signer.setActor("Gateway"); > signer.setMustUnderstand(true); > signer.setUseSingleCertificate(false); > signer.setKeyIdentifierType(keyid); > > signer.setUserInfo(props.getProperty(WSCrypto.PRIVATE_KEY_ALIAS), > props > .getProperty(WSCrypto.PRIVATE_KEY_PWD)); > Document signedDoc = null; > try { > signedDoc = signer.build(tempDoc, crypto); > } catch (WSSecurityException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > System.out.println(seperator); > System.out.println(" "); > System.out.println("Signed SOAP Envelope"); > System.out.println(" "); > XMLUtils.PrettyDocumentToWriter(signedDoc, new > PrintWriter(System.out)); > Timestamp tS = new Timestamp(wsscon, tempDoc, > 10000); > Element tSElement = tS.getElement(); > String result0 = > BinarySecurity.getBase64EncodingValue(wsscon); > Element BST = > WSSecurityUtil.createBinarySecurityToken(signedDoc,"ID", > wsscon); > X509Security neSec = new X509Security(wsscon, > signedDoc); > try { > neSec.setX509Certificate(certificateChain[0]); > } catch (WSSecurityException e) { > // TODO Auto-generated catch block > e.printStackTrace(); > } > > > > > ____________________________________________________ > Do you Yahoo!? > Listen to over 20 online radio stations and watch the latest > music videos on Yahoo! Music. > http://au.launch.yahoo.com > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
