The action mismatch is occurring because the prescribed order of
"actions" does not match the order (and number) of actions that were
actually encountered. I would need to know about how you are using
WSS4J (e.g, Axis, CXF, etc) to know what you have specified as the
prescribed ordering in your server/message receiver.
If I add this line to ignore value 32 also:
if (act == WSConstants.SC) {
continue;
}
// ADDED BY ME
if (act == 32){
continue;
}
everyting still works fine.
What you've done is to tell WSS4J to "ignore" the check over whether
a timestamp is present (WSConstants.TS == 0x20 == 32). I suspect
the .NET client has sent you a timestamp in the header, which you've
not configured in your server to expect. You should instead
configure your server to expect a timestamp, or configure your .NET
client to not send one.
FWIW, I have found this action check in the WSHandler to be
unreliable, at least in cases where you received messages from
multiple sources. E.g., the ordering of elements in the header
differs if the message is sent from .NET clients, as opposed to WSS4J-
enabled clients This makes it pretty hard to define a server that is
interoperable with lots of different secure clients, if they use
different SOAP toolkits. I think the intention is right -- I think
it's supposed to allow you to check that a message was signed before
it was encrypted. But I'm not sure if the algorithm is quite right,
so we may need to revisit it.
-Fred
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
