Barry, does this response triggers the NPE as you reported? I don't see a UsernameToken in this message.
Regards, Werner > -----Ursprüngliche Nachricht----- > Von: Barry McGann [mailto:[EMAIL PROTECTED] > Gesendet: Montag, 13. März 2006 18:38 > An: Dittmann, Werner > Cc: [email protected] > Betreff: Re: AW: UsernameToken issue > > Hi, > > The call is being made over https so I cannot use tcpmon but > I can call > the web service without using the wsdd file because I > manually build the > request and this is what I get as the response: > > <?xml version="1.0" encoding="utf-8"?> > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; > xmlns:xsd="http://www.w3.org/2001/XMLSchema"; > xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"; > xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-20040 1-wss-wssecurity-secext-1.0.xsd" > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd"> > <soap:Header> > <wsa:Action > wsu:Id="Id-21fd0749-6ea4-4202-bfcd-b30421743850">http://www.sh ow.scot.nhs.uk/isd/ECS/SearchResponse</wsa:Action> > <wsa:MessageID > wsu:Id="Id-c3c28513-7f90-41a0-bbe0-340642d9a6cb">uuid:f1814348 -04b0-445f-b0cd-a0f66ace75c0</wsa:MessageID> > <wsa:RelatesTo > wsu:Id="Id-1db9ae71-1f27-43da-9261-7c4c0448609a">uuid:476a39a1 -3dcb-47d3-8aeb-b44c9752c116</wsa:RelatesTo> > <wsa:To > wsu:Id="Id-66893a9a-b348-4bb1-88c5-bc7c145f8223">http://schema s.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:To> > <wsse:Security soap:mustUnderstand="1"> > <wsu:Timestamp > wsu:Id="Timestamp-d406a2ef-f4f9-466a-8379-95e005d79e70"> > <wsu:Created>2006-03-13T17:35:32Z</wsu:Created> > <wsu:Expires>2006-03-13T17:40:32Z</wsu:Expires> > </wsu:Timestamp> > <wsse:BinarySecurityToken > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-x509-token-profile-1.0#X509v3" > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200 401-wss-soap-message-security-1.0#Base64Binary" > wsu:Id="SecurityToken-c0d859ef-f74c-462d-9cac-471e437ff143">MI IBszCCAV2gAwIBAgIQpoIcliQUa65MsOd0gqyiHzANBgkqhkiG9w0BAQQFADAWMRQ> wEgYDVQQDEwtSb290IEFnZW5jeTAeFw0wNjAyMTcxMjM4MTJaFw0zOTEyMzEyM > zU5NTlaMA4xDDAKBgNVBAMTA0VDUzCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYk > CgYEA5sayxyR5tccKy7jY5T7LJk2wDFPY6iE3+eh9ong3vRx8gn6ZHkuESsix+ > 4EUHQAJhEbFE+VWkMw4Hc7//8ZtOvxORVYuRJAkdUNqIdT12qQxT0s45GsAOK3 > XT4oJWAnwacbRPX5zhZSr4654PIYnkhBlV8WWKtMtPa7Od/bbYFECAwEAAaNLM > EkwRwYDVR0BBEAwPoAQEuQJLQYdHU8AjWEh3BZkY6EYMBYxFDASBgNVBAMTC1J > vb3QgQWdlbmN5ghAGN2wAqgBkihHPuNSqXDX0MA0GCSqGSIb3DQEBBAUAA0EAH > ynkAJSCfMYS0cTHIiZjV91Z2kVMZHEztX1Pdh+I/a3zMALpIIOGMMM204VTowH > jQsXX4PCMwGTsTMFdSeDp1g==</wsse:BinarySecurityToken> > <xenc:EncryptedKey > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > <xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <wsse:SecurityTokenReference> > <wsse:KeyIdentifier > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-x509-token-profile-1.0#X509SubjectKeyIdentifier" > EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200 401-wss-soap-message-security-1.0#Base64Binary">> bd8816b2gdUY7RzjVl7aJFe0KH8=</wsse:KeyIdentifier> > </wsse:SecurityTokenReference> > </KeyInfo> > <xenc:CipherData> > > <xenc:CipherValue>W5bQLa6W9BmPNbJeGuWIMx8y492OJzwOdNfN09tSfYfE VXnyXQ0WCyKCdUCGmZOs95JgZfq8Lu4Uf1I0/QyeSl0> +wJe3qiWqFI6kbh6TnkhS8wJ4VBSGo4EojDCYKCbEXRtpDJDt8qVNyG4AHIq2A > 0W5oBGUvN0zLohk+tC7G10=</xenc:CipherValue> > </xenc:CipherData> > <xenc:ReferenceList> > <xenc:DataReference > URI="#EncryptedContent-a2ffa426-e9bb-4c64-8ddb-13d6511f00be"/> > </xenc:ReferenceList> > </xenc:EncryptedKey> > <Signature xmlns="http://www.w3.org/2000/09/xmldsig#";> > <SignedInfo> > <CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"/> > <SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> > <Reference > URI="#Id-21fd0749-6ea4-4202-bfcd-b30421743850"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>oNlhRScjETWgVbSQVpJsRFZwXXY=</DigestValue> > </Reference> > <Reference > URI="#Id-c3c28513-7f90-41a0-bbe0-340642d9a6cb"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>zIQe5mG6f0x1RDM/tJD0qTIVmto=</DigestValue> > </Reference> > <Reference > URI="#Id-1db9ae71-1f27-43da-9261-7c4c0448609a"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>udt0KTivv0W6jdVRY65Os30gBvI=</DigestValue> > </Reference> > <Reference > URI="#Id-66893a9a-b348-4bb1-88c5-bc7c145f8223"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>KhDzpyG7a3rwQCigUHmfiIR+2wE=</DigestValue> > </Reference> > <Reference > URI="#Timestamp-d406a2ef-f4f9-466a-8379-95e005d79e70"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>LL6D0OQKNkcIARIo94ci9CJsFNg=</DigestValue> > </Reference> > <Reference > URI="#Id-a0e4971a-b6a7-4578-863e-e131a8d7dc16"> > <Transforms> > <Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> > </Transforms> > <DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> > > <DigestValue>hiJNfb/rt2Nx5z+ngPyHfCq9bpc=</DigestValue> > </Reference> > </SignedInfo> > > <SignatureValue>pgVeW5LNVlDgQlInWGCwlpEtt7NkgqbnZ8JI9AqQSVZais 3GDlGpu4ClvYJp0G5DNu4ZV1AEl4Qz3GTt556Fijlk2Qj6Vw3ZMQUyaLc9U7UwhMA> w3Ifs8YE6LNUBOyJaF/pQrT5lX1mC1aaNVI9WpvLKLhv9NuTnLp05CUcoWaM=< > /SignatureValue> > <KeyInfo> > <wsse:SecurityTokenReference> > <wsse:Reference > URI="#SecurityToken-c0d859ef-f74c-462d-9cac-471e437ff143" > ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-x509-token-profile-1.0#X509v3"/> > </wsse:SecurityTokenReference> > </KeyInfo> > </Signature> > </wsse:Security> > </soap:Header> > <soap:Body wsu:Id="Id-a0e4971a-b6a7-4578-863e-e131a8d7dc16"> > <xenc:EncryptedData > Id="EncryptedContent-a2ffa426-e9bb-4c64-8ddb-13d6511f00be" > Type="http://www.w3.org/2001/04/xmlenc#Content"; > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";> > <xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/> > <xenc:CipherData> > > <xenc:CipherValue>kEBEI0fZGSXKPJdv3snTg2/rCaGO0Rz7LOJ3nfHRMXbG EyX52byMIwOdMaYySlcr86jeaYckub45EJFa6DFNNbOCj2dvFJyiH9Izl4aW7ch1w> AgJ2VSJNpK/6tgA88eP3sQsMz+OoBMGhq8xwv/pMU491oR1JdWDNEMl6LllzFf > 6GI15HElV5JVzZbyadcdl89TMVVwPKeC0TPAOT4LMpNs2cKhn7+EM1Ml/Jp4/e R4QBALOTs2zpz5jyzXxB267O2SycOoLD5E7> +/z/4k3aUUuPzvVtGKiU2eYiZ1FToCaG5zsq2xxbgsDRJiSGTs317LfwDgISzE > 8HwICcZHfcxzHrRwT5Ri882JKaT7DIoBP5c4u3GunR2osVic4yaPlA0iedN1qD > Q6XzPwQMEfemYOFwkt3c1nTvMBqthR5a/l1KhDo4bvly33fEcsKa1xmfkARfUn > JBHgnKXaHCe7M4Cyok9/qlghGVhbbc+LVflDg7Xdgv+Oshm4Wv02vgMAa/S4Ae > x/AR3wkjCLnDYjcMBRdddUL9qdhY1tfEJH9MQg+f/cyNg+RfsIjtdHVppuTvBN > 4+7kYeB7hRl47TC5w5OiSqjIwKxwzl09VLAFRytSvZgLFYTCURncU5CL7jkbnP > 7D1NIEz4ddyz+0Nuh79gxbxUSPU/qjZKW6BVYqSDNfqEEVx6Mfa8ig9WDGuFHM cHqUOmqU8aOGjLToRAKEzGhKAaRa1ir07ESNGfURFrXKLddK72/4Im9iMXouB0sIY> wr/z1L1cR7eaGvzzIZHTSsxrbTRlGURhoHRK7Xi+sYOUvaADJHhkPKFSfmJyrg > bN4NjHJJ2jHED4nFmqa++8Yp7VaOruMxjWnwsIGCutCQ2wuOC1lnYDox6/ungT W3Yno6a3I0VWQCQ9DyMLL53m1MUSYdXlbU3Xz7Qp/T39cQC5pnPGFDdVJ1SWtDrm+> ix+q</xenc:CipherValue> > </xenc:CipherData> > </xenc:EncryptedData> > </soap:Body> > </soap:Envelope> > > > Thanks > > > > Dittmann, Werner wrote: > > Barry, > > > > if there is no UsernameToken in the message then the receiver > > does not handle it. Because the receiver triggers on a UsernameToken > > there is one in the response message. Can you record the response, > > e.g. via TCPMON and send it. > > > > Regards, > > Werner > > > > > >> -----Ursprüngliche Nachricht----- > >> Von: Barry McGann [mailto:[EMAIL PROTECTED] > >> Gesendet: Montag, 13. März 2006 17:23 > >> An: [email protected] > >> Betreff: re: UsernameToken issue > >> > >> Hi, > >> > >> I am having a problem with the response that I get back from > >> a .NET web > >> service. I can successfully call the service adding a > UsernameToken, > >> Encrypting the body and signing the message but the response > >> I get back > >> fails with : > >> > >> - Using Crypto Engine > >> [org.apache.ws.security.components.crypto.Merlin] > >> - Verification successful for URI "#id-886220" > >> > >> > {http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException > >> > >> at > >> org.apache.ws.security.message.token.UsernameToken.<init> > >> > > ;(UsernameToken.java:110) > > > >> at org.apache.ws.security.WSSecurityEngine.handleUsernameToken > >> at > >> org.apache.ws.security.WSSecurityEngine.handleUsernameToken(WS > >> SecurityEngine.java:832) > >> at > >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader( > >> WSSecurityEngine.java:379) > >> at > >> org.apache.ws.security.WSSecurityEngine.processSecurityHeader( > >> WSSecurityEngine.java:259) > >> at > >> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllRece > >> iver.java:183) > >> ........... > >> > >> Here is the wsdd file I am using: > >> > >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; > >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> > >> <transport name="http" > >> pivot="java:org.apache.axis.transport.http.HTTPSender"/> > >> <globalConfiguration > > >> <requestFlow > > >> <handler name="EcsResponseHandler" > >> type="java:ict.ecs.EcsResponseHandler" > > >> </handler> > >> <handler > type="java:org.apache.ws.axis.security.WSDoAllReceiver"> > >> <parameter name="passwordCallbackClass" > >> value="ict.ecs.PWCallback"/> > >> <parameter name="action" value="Encrypt Timestamp > Signature"/> > >> <parameter name="decryptionPropFile" > value="key.properties" /> > >> <parameter name="signaturePropFile" > value="key.properties" /> > >> <parameter name="encryptionKeyIdentifier" > >> value="DirectReference" /> > >> <parameter name="signatureKeyIdentifier" > >> value="DirectReference" /> > >> </handler> > >> </requestFlow > > >> </globalConfiguration > > >> </deployment> > >> > >> > >> I build the outgoing message manually. > >> I can see that the digital signature is verified successfully > >> but how do > >> I setup the wsdd file to ignore the fact that no > >> UsernameToken is being > >> passed back in the response? > >> > >> Any help is appreciated. > >> > >> Thanks > >> > >> > >> > >> > --------------------------------------------------------------------- > >> To unsubscribe, e-mail: [EMAIL PROTECTED] > >> For additional commands, e-mail: [EMAIL PROTECTED] > >> > >> > >> > > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
