[jira] Commented: (WSS-81) Compatibility between WSS4J and WebLogic 9 for Encryption

Wed, 20 Jun 2007 08:29:57 -0700 

    [ 
https://issues.apache.org/jira/browse/WSS-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12506569
 ] 

angélique commented on WSS-81:
------------------------------

Hello again,

The directReference woks fine to add the BinarySecurityToken to the SOAP 
request but now the following part is missing:

<ns2:X509Data>
<ns2:X509IssuerSerial>
<ns2:X509IssuerName>
CN=XXXXXXX,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US
</ns2:X509IssuerName>
<ns2:X509SerialNumber>
0000000000000000000000000000000000000
</ns2:X509SerialNumber>
</ns2:X509IssuerSerial>
</ns2:X509Data>

This part of the header was created with the propertie:

<parameter name="encryptionKeyIdentifier" value="IssuerSerial" />

How can I have both the BinarySecurityToken element  AND the X509Data element 
in the same time ?
My aim is still to make work fine a Web logic serveur with my Axis/wss4j client.

      Regards,

             Angel

> Compatibility between WSS4J and WebLogic 9 for Encryption
> ---------------------------------------------------------
>
>                 Key: WSS-81
>                 URL: https://issues.apache.org/jira/browse/WSS-81
>             Project: WSS4J
>          Issue Type: Bug
>         Environment: Web service serveur: Web Logic 9
> Web service client : axis+wss4j+bouncy castle on linux
>            Reporter: angélique
>            Assignee: Werner Dittmann
>            Priority: Blocker
>
> Hello,
> There is a problem of compatibility between Web Logic 9 and WSS4J.
> One one hand, when a weblogic server is configured to do encryption only, the 
> SOAP message generated contain a xml node like this:
> <wsse:BinarySecurityToken wsu:Id="bst_JFDmu9E2O5K4Opex" 
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
>  
> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
>  
> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";>
> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
> </wsse:BinarySecurityToken>
> On the other hand, it's only possible with WSS4J to add the token for 
> signature. When using encryption alone, configuring the client to send a SOAP 
> message with this BinarySecurityToken is not possible.
> Wath can I do to make a SOAP request whith an Encrypted body AND a 
> BinarySecurityToken in the <head> part ?
> Regards,
>        Angélique

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Reply via email to