Hi, WSS4J does not support multiple certificate references in a SOAP request for one action (signature or encryption) although you may have different certificate references for signature and encryption.
Regards, Werner angélique (JIRA) wrote: > [ > https://issues.apache.org/jira/browse/WSS-81?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel#action_12506569 > ] > > angélique edited comment on WSS-81 at 6/20/07 8:29 AM: > ------------------------------------------------------- > > Hello again, > > The directReference woks fine to add the BinarySecurityToken to the SOAP > request but now the following part is missing: > > <ns2:X509Data> > <ns2:X509IssuerSerial> > <ns2:X509IssuerName> > CN=XXXXXXX,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US > </ns2:X509IssuerName> > <ns2:X509SerialNumber> > 0000000000000000000000000000000000000 > </ns2:X509SerialNumber> > </ns2:X509IssuerSerial> > </ns2:X509Data> > > This part of the header was created with the propertie: > > <parameter name="encryptionKeyIdentifier" value="IssuerSerial" /> > > How can I have both the BinarySecurityToken element AND the X509Data element > in the same time ? > My aim is still to make work fine a Web logic server with my Axis/wss4j > client. > > Regards, > > Angel > > > was: > Hello again, > > The directReference woks fine to add the BinarySecurityToken to the SOAP > request but now the following part is missing: > > <ns2:X509Data> > <ns2:X509IssuerSerial> > <ns2:X509IssuerName> > CN=XXXXXXX,OU=FOR TESTING ONLY,O=MyOrganization,L=MyTown,ST=MyState,C=US > </ns2:X509IssuerName> > <ns2:X509SerialNumber> > 0000000000000000000000000000000000000 > </ns2:X509SerialNumber> > </ns2:X509IssuerSerial> > </ns2:X509Data> > > This part of the header was created with the propertie: > > <parameter name="encryptionKeyIdentifier" value="IssuerSerial" /> > > How can I have both the BinarySecurityToken element AND the X509Data element > in the same time ? > My aim is still to make work fine a Web logic serveur with my Axis/wss4j > client. > > Regards, > > Angel > >> Compatibility between WSS4J and WebLogic 9 for Encryption >> --------------------------------------------------------- >> >> Key: WSS-81 >> URL: https://issues.apache.org/jira/browse/WSS-81 >> Project: WSS4J >> Issue Type: Bug >> Environment: Web service serveur: Web Logic 9 >> Web service client : axis+wss4j+bouncy castle on linux >> Reporter: angélique >> Assignee: Werner Dittmann >> Priority: Blocker >> >> Hello, >> There is a problem of compatibility between Web Logic 9 and WSS4J. >> One one hand, when a weblogic server is configured to do encryption only, >> the SOAP message generated contain a xml node like this: >> <wsse:BinarySecurityToken wsu:Id="bst_JFDmu9E2O5K4Opex" >> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; >> >> ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"; >> >> EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";> >> XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX >> </wsse:BinarySecurityToken> >> On the other hand, it's only possible with WSS4J to add the token for >> signature. When using encryption alone, configuring the client to send a >> SOAP message with this BinarySecurityToken is not possible. >> Wath can I do to make a SOAP request whith an Encrypted body AND a >> BinarySecurityToken in the <head> part ? >> Regards, >> Angélique > --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
