Re: Interop WSE 3.0 and WSS4J - Referenced security token could not be retrieved

José Ferreiro Sun, 25 Mar 2007 23:51:15 -0800

Hello Freddy,

In order to interoperate with .net.


YOu should also use timestamp because .net add it by default

    <parameter name="action" value="Signature Encrypt" />

then this line in wsdd should include timestamp

    <parameter name="action" value="Timestamp Signature Encrypt" />

what i cannot say is where timestamp is it placed...

it could be also
<parameter name="action" value="Signature Timestamp Encrypt" />

or
<parameter name="action" value="Signature Encrypt Timestamp" />

well i see that from the wsdd file you don't give an responseflow.

bcse I know the .net client needs the timestamp from the Java is you send a
responseFlow to the client.

Please let me know if you make it working!
Thank you so much.



On 3/26/07, Freddy Weishaeupl <[EMAIL PROTECTED]> wrote:


Hi Jose,

sure here it comes:

server-config.wsdd:
...
<service name="simple_webservice" provider="java:RPC" style="document"
        use="literal">
        <requestFlow>
                <handler
                        type="java:
org.apache.ws.axis.security.WSDoAllReceiver">
                        <parameter name="passwordCallbackClass"
                                value="
com.bmw.security.wss4j.callback.PWCallback" />
                        <parameter name="action" value="Signature Encrypt"
/>
                        <parameter name="signaturePropFile"
                                value="crypto.properties" />

                        <parameter name="decryptionUser" value="alice" />
                        <parameter name="encryptionUser" value="alice" />
                        <parameter name="user" value="bob" />
                        <parameter name="encryptionKeyIdentifier"
                                value="X509KeyIdentifier" />
                        <parameter name="decryptionKeyIdentifier"
                                value="X509KeyIdentifier" />
                        <parameter name="signatureKeyIdentifier"
                                value="X509KeyIdentifier" />
                        <parameter name="encryptionSymAlgorithm"
                                value="
http://www.w3.org/2001/04/xmlenc#aes128-cbc"; />
                </handler>
        </requestFlow>
        <parameter name="className"
                value="com.bmw.wss.test.webservice.SimpleWebservice" />
        <parameter name="allowedMethods" value="*" />
        <parameter name="scope" value="application" />
</service>
...

My crypto.properties looks as follows:


org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password
org.apache.ws.security.crypto.merlin.keystore.alias=alice
org.apache.ws.security.crypto.merlin.file=interop2.jks

Hope this helps :)



>From: "José Ferreiro" <[EMAIL PROTECTED]>
>To: "Ruchith Fernando" <[EMAIL PROTECTED]>,
>[email protected], [EMAIL PROTECTED]
>Subject: Re: Interop WSE 3.0 and WSS4J - Referenced security token could
>not be retrieved
>Date: Sun, 25 Mar 2007 20:25:38 +0200
>
>Hello,
>
>I am trying also but having some difficulties with The keygeneration for
>the
>.net side.
>
>I used keytool to generate the keys.
>Then I converted the keys from keytool in pfx format.
>I succeeded to install those keys in windows keystore.
>
>Fernando may you tell me how are generated the key for Alice and Bob to
pfx
>format?
>In which format are stored the key in the javakey store, JKS format?
>
>
>Freeddy,
>May you show me your wssd deployment in the  java server side?
>
>Thank you in advance to you both.
>
>
>
>On 3/25/07, Ruchith Fernando <[EMAIL PROTECTED]> wrote:
>>
>>Hi,
>>
>>Can you please post the message that the java service gets from the .NET
>>client?
>>
>>Thanks,
>>Ruchith
>>
>>On 3/23/07, Freddy Weishaeupl <[EMAIL PROTECTED]> wrote:
>> > Hi,
>> >
>> > currently I'm trying to use a .NET Client to access a Java
webservice.
>>At
>> > the .NET side I use the Microsoft WSE 3.0 implementation to sign and
>>encrypt
>> > the SOAP Body of the SOAP request message. At server-side WSS4J is
used
>>for
>> > checking the signature and decrypting the SOAP Message.
>> >
>> > I'm using the interop certificates (Alice&Bob) of the WSS4J
>>1.5.1package.
>> >
>> > Unfortunately at server-side I always get the following error
message:
>> >

>>-----------------------------------------------------------------------------------------------------------------
>> > ...
>> > [23.03.2007 14:53:37] [DEBUG]
>> > [org.apache.xml.security.algorithms.SignatureAlgorithm.<init>] Create
>>URI
>> > "http://www.w3.org/2000/09/xmldsig#hmac-sha1"; class "class
>> >
>>
org.apache.xml.security.algorithms.implementations.IntegrityHmac$Integrity
>> > HmacSHA1"
>> > [23.03.2007 14:53:37] [DEBUG]
>> > [org.apache.xml.security.algorithms.JCEMapper.translateURItoJCEID]
>>Request
>> > for URI http://www.w3.org/2000/09/xmldsig#hmac-sha1
>> > [23.03.2007 14:53:37] [DEBUG]
>> > [org.apache.xml.security.algorithms.implementations.IntegrityHmac
>>.<init>]
>> > Created IntegrityHmacSHA1 using HmacSHA1
>> > [23.03.2007 14:53:37] [DEBUG]
>> > [org.apache.xml.security.utils.ElementProxy.<init>]
>>setElement("KeyInfo",
>> > "null")
>> > [23.03.2007 14:53:37] [DEBUG]
>> > [
>>
org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement
>>]
>> > Token reference uri:
>>#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832
>> > org.apache.ws.security.WSSecurityException: Referenced security token
>>could
>> > not be retrieved. (Reference
>> > "#SecurityToken-d81c5ccf-8197-433f-937b-495421e6a832")
>> >         at
>> >
>>
org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement
>>(SecurityTokenReference.java:179)
>> >         at
>> >
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(
>>SignatureProcessor.java:186)
>> > ...
>> >

>>-----------------------------------------------------------------------------------------------------------------------------------------
>> >
>> >
>> > Any ideas what's the problem here? Has anyone already tested WSE3.0in
>> > combination with WSS4J?
>> >
>> > Thanks.
>> >
>> > Best Regards
>> > Freddy
>> >
>> > _________________________________________________________________
>> > Express yourself instantly with MSN Messenger! Download today it's
>>FREE!
>> > http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/
>> >
>> >
>> > ---------------------------------------------------------------------
>> > To unsubscribe, e-mail: [EMAIL PROTECTED]
>> > For additional commands, e-mail: [EMAIL PROTECTED]
>> >
>> >
>>
>>
>>--
>>www.ruchith.org
>>www.wso2.org
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: [EMAIL PROTECTED]
>>For additional commands, e-mail: [EMAIL PROTECTED]
>>
>>
>
>
>--
>José Ferreiro
>EPFL Communication Systems engineer
>ing.sys.com.dipl.EPFL

_________________________________________________________________
Express yourself instantly with MSN Messenger! Download today it's FREE!
http://messenger.msn.click-url.com/go/onm00200471ave/direct/01/


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



--
José Ferreiro
EPFL Communication Systems engineer
ing.sys.com.dipl.EPFL

Re: Interop WSE 3.0 and WSS4J - Referenced security token could not be retrieved

Reply via email to