Hi. I've slowly been making headway getting a WSE 3.0 .NET client
talking to a wss4j service. I can turn on security and I can
authenticate with a UsernameToken, but now I'm having a lot of difficult
getting signing with certificates to work.
Using a combination of openssl and keytool I've created and signed my
certificates and I know by looking at a TCP trace the client is using
the server's certificate to sign its requests, but... whenever I do this
the server gives a response saying that the security header is missing.
I'm doing my best to make sense of the documentation and here's what I
have so far:
I have a crypto.properties file named "server_crypto.properties" with
the following contents:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=storepass
org.apache.ws.security.crypto.merlin.file=U:/sslstuff2/keystore
and my server-config.wsdd has the following lines:
<parameter name="passwordCallbackClass" value="test.PWCallback"/>
<parameter name="action" value="Signature Timestamp"/>
<parameter name="signaturePropFile" value="server_crypto.properties"/>
I have a few questions:
1. The obvious one: How do I make this work?
2. Is there any way to have axis and/or wss4j log what it's doing so I
can get a better idea of what's going wrong besides the SOAP response?
3. Where should the crypto.properties file go?
Thanks for your help,
-Joshua
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
