Hi,
The call is being made over https so I cannot use tcpmon but I can call
the web service without using the wsdd file because I manually build the
request and this is what I get as the response:
<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
xmlns:xsd="http://www.w3.org/2001/XMLSchema";
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing";
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>
<soap:Header>
<wsa:Action
wsu:Id="Id-21fd0749-6ea4-4202-bfcd-b30421743850">http://www.show.scot.nhs.uk/isd/ECS/SearchResponse</wsa:Action>
<wsa:MessageID
wsu:Id="Id-c3c28513-7f90-41a0-bbe0-340642d9a6cb">uuid:f1814348-04b0-445f-b0cd-a0f66ace75c0</wsa:MessageID>
<wsa:RelatesTo
wsu:Id="Id-1db9ae71-1f27-43da-9261-7c4c0448609a">uuid:476a39a1-3dcb-47d3-8aeb-b44c9752c116</wsa:RelatesTo>
<wsa:To
wsu:Id="Id-66893a9a-b348-4bb1-88c5-bc7c145f8223">http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:To>
<wsse:Security soap:mustUnderstand="1">
<wsu:Timestamp
wsu:Id="Timestamp-d406a2ef-f4f9-466a-8379-95e005d79e70">
<wsu:Created>2006-03-13T17:35:32Z</wsu:Created>
<wsu:Expires>2006-03-13T17:40:32Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
wsu:Id="SecurityToken-c0d859ef-f74c-462d-9cac-471e437ff143">MIIBszCCAV2gAwIBAgIQpoIcliQUa65MsOd0gqyiHzANBgkqhkiG9w0BAQQFADAWMRQwEgYDVQQDEwtSb290IEFnZW5jeTAeFw0wNjAyMTcxMjM4MTJaFw0zOTEyMzEyMzU5NTlaMA4xDDAKBgNVBAMTA0VDUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEA5sayxyR5tccKy7jY5T7LJk2wDFPY6iE3+eh9ong3vRx8gn6ZHkuESsix+4EUHQAJhEbFE+VWkMw4Hc7//8ZtOvxORVYuRJAkdUNqIdT12qQxT0s45GsAOK3XT4oJWAnwacbRPX5zhZSr4654PIYnkhBlV8WWKtMtPa7Od/bbYFECAwEAAaNLMEkwRwYDVR0BBEAwPoAQEuQJLQYdHU8AjWEh3BZkY6EYMBYxFDASBgNVBAMTC1Jvb3QgQWdlbmN5ghAGN2wAqgBkihHPuNSqXDX0MA0GCSqGSIb3DQEBBAUAA0EAHynkAJSCfMYS0cTHIiZjV91Z2kVMZHEztX1Pdh+I/a3zMALpIIOGMMM204VTowHjQsXX4PCMwGTsTMFdSeDp1g==</wsse:BinarySecurityToken>
<xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
<KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";>
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier";
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>bd8816b2gdUY7RzjVl7aJFe0KH8=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>W5bQLa6W9BmPNbJeGuWIMx8y492OJzwOdNfN09tSfYfEVXnyXQ0WCyKCdUCGmZOs95JgZfq8Lu4Uf1I0/QyeSl0+wJe3qiWqFI6kbh6TnkhS8wJ4VBSGo4EojDCYKCbEXRtpDJDt8qVNyG4AHIq2A0W5oBGUvN0zLohk+tC7G10=</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference
URI="#EncryptedContent-a2ffa426-e9bb-4c64-8ddb-13d6511f00be"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#";>
<SignedInfo>
<CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#";
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/>
<SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<Reference
URI="#Id-21fd0749-6ea4-4202-bfcd-b30421743850">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>oNlhRScjETWgVbSQVpJsRFZwXXY=</DigestValue>
</Reference>
<Reference
URI="#Id-c3c28513-7f90-41a0-bbe0-340642d9a6cb">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>zIQe5mG6f0x1RDM/tJD0qTIVmto=</DigestValue>
</Reference>
<Reference
URI="#Id-1db9ae71-1f27-43da-9261-7c4c0448609a">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>udt0KTivv0W6jdVRY65Os30gBvI=</DigestValue>
</Reference>
<Reference
URI="#Id-66893a9a-b348-4bb1-88c5-bc7c145f8223">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>KhDzpyG7a3rwQCigUHmfiIR+2wE=</DigestValue>
</Reference>
<Reference
URI="#Timestamp-d406a2ef-f4f9-466a-8379-95e005d79e70">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>LL6D0OQKNkcIARIo94ci9CJsFNg=</DigestValue>
</Reference>
<Reference
URI="#Id-a0e4971a-b6a7-4578-863e-e131a8d7dc16">
<Transforms>
<Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</Transforms>
<DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<DigestValue>hiJNfb/rt2Nx5z+ngPyHfCq9bpc=</DigestValue>
</Reference>
</SignedInfo>
<SignatureValue>pgVeW5LNVlDgQlInWGCwlpEtt7NkgqbnZ8JI9AqQSVZais3GDlGpu4ClvYJp0G5DNu4ZV1AEl4Qz3GTt556Fijlk2Qj6Vw3ZMQUyaLc9U7UwhMAw3Ifs8YE6LNUBOyJaF/pQrT5lX1mC1aaNVI9WpvLKLhv9NuTnLp05CUcoWaM=</SignatureValue>
<KeyInfo>
<wsse:SecurityTokenReference>
<wsse:Reference
URI="#SecurityToken-c0d859ef-f74c-462d-9cac-471e437ff143"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</KeyInfo>
</Signature>
</wsse:Security>
</soap:Header>
<soap:Body wsu:Id="Id-a0e4971a-b6a7-4578-863e-e131a8d7dc16">
<xenc:EncryptedData
Id="EncryptedContent-a2ffa426-e9bb-4c64-8ddb-13d6511f00be"
Type="http://www.w3.org/2001/04/xmlenc#Content";
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";>
<xenc:EncryptionMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<xenc:CipherData>
<xenc:CipherValue>kEBEI0fZGSXKPJdv3snTg2/rCaGO0Rz7LOJ3nfHRMXbGEyX52byMIwOdMaYySlcr86jeaYckub45EJFa6DFNNbOCj2dvFJyiH9Izl4aW7ch1wAgJ2VSJNpK/6tgA88eP3sQsMz+OoBMGhq8xwv/pMU491oR1JdWDNEMl6LllzFf6GI15HElV5JVzZbyadcdl89TMVVwPKeC0TPAOT4LMpNs2cKhn7+EM1Ml/Jp4/eR4QBALOTs2zpz5jyzXxB267O2SycOoLD5E7+/z/4k3aUUuPzvVtGKiU2eYiZ1FToCaG5zsq2xxbgsDRJiSGTs317LfwDgISzE8HwICcZHfcxzHrRwT5Ri882JKaT7DIoBP5c4u3GunR2osVic4yaPlA0iedN1qDQ6XzPwQMEfemYOFwkt3c1nTvMBqthR5a/l1KhDo4bvly33fEcsKa1xmfkARfUnJBHgnKXaHCe7M4Cyok9/qlghGVhbbc+LVflDg7Xdgv+Oshm4Wv02vgMAa/S4Aex/AR3wkjCLnDYjcMBRdddUL9qdhY1tfEJH9MQg+f/cyNg+RfsIjtdHVppuTvBN4+7kYeB7hRl47TC5w5OiSqjIwKxwzl09VLAFRytSvZgLFYTCURncU5CL7jkbnP7D1NIEz4ddyz+0Nuh79gxbxUSPU/qjZKW6BVYqSDNfqEEVx6Mfa8ig9WDGuFHMcHqUOmqU8aOGjLToRAKEzGhKAaRa1ir07ESNGfURFrXKLddK72/4Im9iMXouB0sIYwr/z1L1cR7eaGvzzIZHTSsxrbTRlGURhoHRK7Xi+sYOUvaADJHhkPKFSfmJyrgbN4NjHJJ2jHED4nFmqa++8Yp7VaOruMxjWnwsIGCutCQ2wuOC1lnYDox6/ungTW3Yno6a3I0VWQCQ9DyMLL53m1MUSYdXlbU3Xz7Qp/T39cQC5pnPGFDdVJ1SWtDrm+ix+q</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedData>
</soap:Body>
</soap:Envelope>
Thanks
Dittmann, Werner wrote:
Barry,
if there is no UsernameToken in the message then the receiver
does not handle it. Because the receiver triggers on a UsernameToken
there is one in the response message. Can you record the response,
e.g. via TCPMON and send it.
Regards,
Werner
-----Ursprüngliche Nachricht-----
Von: Barry McGann [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 13. März 2006 17:23
An: [email protected]
Betreff: re: UsernameToken issue
Hi,
I am having a problem with the response that I get back from
a .NET web
service. I can successfully call the service adding a UsernameToken,
Encrypting the body and signing the message but the response
I get back
fails with :
- Using Crypto Engine
[org.apache.ws.security.components.crypto.Merlin]
- Verification successful for URI "#id-886220"
{http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
at
org.apache.ws.security.message.token.UsernameToken.<init>
;(UsernameToken.java:110)
at org.apache.ws.security.WSSecurityEngine.handleUsernameToken
at
org.apache.ws.security.WSSecurityEngine.handleUsernameToken(WS
SecurityEngine.java:832)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:379)
at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:259)
at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllRece
iver.java:183)
...........
Here is the wsdd file I am using:
<deployment xmlns="http://xml.apache.org/axis/wsdd/";
xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";>
<transport name="http"
pivot="java:org.apache.axis.transport.http.HTTPSender"/>
<globalConfiguration >
<requestFlow >
<handler name="EcsResponseHandler"
type="java:ict.ecs.EcsResponseHandler" >
</handler>
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="ict.ecs.PWCallback"/>
<parameter name="action" value="Encrypt Timestamp Signature"/>
<parameter name="decryptionPropFile" value="key.properties" />
<parameter name="signaturePropFile" value="key.properties" />
<parameter name="encryptionKeyIdentifier"
value="DirectReference" />
<parameter name="signatureKeyIdentifier"
value="DirectReference" />
</handler>
</requestFlow >
</globalConfiguration >
</deployment>
I build the outgoing message manually.
I can see that the digital signature is verified successfully
but how do
I setup the wsdd file to ignore the fact that no
UsernameToken is being
passed back in the response?
Any help is appreciated.
Thanks
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
