I don'tthink that you can create the same request with the
standard WSDoAllSender
parameters. Looking at the key identifier it seems that
amazon uses its own way to
get the key used to create the signature. This is a
proprietory extension. The standard
allows it but then it is no longer interoperable with
implementationsthat support
the OASIS WSS standard only.
Regards,
Werner
Ruchith:
Von: Wishing Carebear [mailto:[EMAIL PROTECTED]
Gesendet: Montag, 13. November 2006 12:06
An: Ruchith Fernando
Cc: [email protected]
Betreff: Re: error while receiving he amzon webservice to createQueue
Thanks for your response. My client machine was running 7 minutes faster. Once when I corrected that it worked fine.
Also as I have asked in my first post, instead of using the amazon custom handler is it possible to constuct the same soap request using WSDoAllSender and setting the appropriate properties. I have attached the request message in my first post.
Thanks again for your help.
Regards,
cbear
On 11/11/06, Ruchith Fernando <[EMAIL PROTECTED] > wrote:Hi cbear,
Seems like timestamp on the response msg you received is expired. Can
you please check whether you have set the time of your client machine
accurately?
Thanks,
Ruchith
On 11/12/06, Wishing Carebear <[EMAIL PROTECTED] > wrote:
> Hello
> I'm trying to use axis 1.4 with wss4j to access the Amazon webservice using
> the following wsdl
>
> http://queue.amazonaws.com/doc/2006-04-01/QueueService.wsdl
> ?
>
> Amazon provided a sample program that is build with wss4j and axis.
>
> 1. The amazon has implemented a handler called
> com.amazonaws.queue.client.SignRequestHandlerHMAC that
> extends WSDoAllSender.
>
> I want to know if it is possible to use just the client.wsdd configuration
> to configure the security parameter and not use the custom Handler from
> Amazon.
>
> In other words right now I did the following to send the message
>
> <requestFlow>
> <handler
> type="java:com.amazonaws.queue.client.SignRequestHandlerHMAC ">
>
> </handler>
> </requestFlow>
>
> The request message looks like below and I would like to use the wss4j
> handler WSDoAllSender to configure to get the same request message
>
> <soapenv:Envelope
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
> xmlns:soapenv=" http://schemas.xmlsoap.org/soap/envelope/ "
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd "
> xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd "
> xmlns:xsd=" http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance ">
> <soapenv:Header>
> <wsse:Security soapenv:mustUnderstand="1">
> <ds:Signature>
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# "/>
> <ds:SignatureMethod
> Algorithm=" http://www.w3.org/2000/09/xmldsig#hmac-sha1"/>
> <ds:Reference URI="#body">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>
> <ds:DigestValue>u/JdwrWNm9QWWTtvrW/1EYfwia4=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#timestamp">
> <ds:Transforms>
> <ds:Transform Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#"/>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm=" http://www.w3.org/2000/09/xmldsig#sha1 "/>
>
> <ds:DigestValue>446rNmkNy+xJez4uQrZmiDHOAdQ=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue
> URI="#body">IaakybWmCjX3rvgfY5jmCvnuvCA=</ds:SignatureValue>
> <ds:KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference URI="#keyId"/>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> <wsse:UsernameToken>
>
> <wsse:Username>15KRV9ADDAYGV408YTR2</wsse:Username>
> </wsse:UsernameToken>
> <wsse:SecurityTokenReference>
> <wsse:KeyIdentifier
> ValueType="http://webservices.amazon.com/schema/keyId"
> wsu:Id="keyId">15KRV9ADDAYGV408YTR2</wsse:KeyIdentifier>
> </wsse:SecurityTokenReference>
> <wsu:Timestamp wsu:Id="timestamp">
> <wsu:Created>2006-11-12T01:19:48.871Z</wsu:Created>
> <wsu:Expires>2006-11-12T01:20: 48.871Z</wsu:Expires>
> </wsu:Timestamp>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body wsu:Id="body">
> <CreateQueue xmlns="
> http://queue.amazonaws.com/doc/2006-04-01/">
> <QueueName xsi:type="xsd:NCName">yyQ</QueueName>
> <DefaultVisibilityTimeout
> xsi:type="xsd:integer">0</DefaultVisibilityTimeout>
> </CreateQueue>
> </soapenv:Body></soapenv:Envelope>
>
> 2. the response message from the request looks like below:
> <?xml version="1.0"?>
> <soapenv:Envelope xmlns:soapenv="
> http://schemas.xmlsoap.org/soap/envelope/">
> <soapenv:Header>
> <wsse:Security xmlns:wsse="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
> <wsu:Timestamp xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
> <wsu:Created>2006-11-11T17:13:09.844-08:00</wsu:Created>
> <wsu:Expires>2006-11-11T17:28: 09.844-08:00</wsu:Expires>
> </wsu:Timestamp>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body>
> <CreateQueueResponse xmlns="
> http://queue.amazonaws.com/doc/2006-04-01/">
>
> <QueueUrl>http://queue.amazonaws.com/AF8VR425QKJ84/yyQ </QueueUrl>
> <ResponseStatus>
> <StatusCode>Success</StatusCode>
>
> <RequestId>b3e9f533-e3ae-4be6-853a-84b21691f02e</RequestId>
> </ResponseStatus>
> </CreateQueueResponse>
> </soapenv:Body>
> </soapenv:Envelope>
>
> I configured the client request flow as below:
> <responseFlow>
> <handler
> type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="action" value="Timestamp"/>
>
> I get the following exception
>
> faultString: WSDoAllReceiver: The timestamp could not be validated
>
> Could some one give me some pointers on this.
>
> Thanks
> cbear
>
--
www.ruchith.org
