Hi Maciej, WSS4J can be used to do all three steps you have mentioned. If you can explain the incompatibilities of WSS4J that you found with WSE 3.0, we can try to help you.
Thanks, Ruchith On Jan 17, 2008 6:58 PM, Maciej Kwiecien <[EMAIL PROTECTED]> wrote: > > Hello, > > > Sorry for double posting - I've managed to get over that issue: > > org.apache.ws.security.WSSecurityException: An unsupported signature or > encryption algorithm was used (unsupported key transport encryption > algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5) > (I have not had Bouncy Castle lib on classpath) > > I am still wondering what should I do to be compliant with WSE 3.0 > > Regards, > Maciej > > > > On Jan 17, 2008 10:52 AM, Maciej Kwiecien <[EMAIL PROTECTED]> wrote: > > Hello, > > > > First of all, I thank you for your answer. I am new to WS-Security and I'd > like to ask you some questions (I guess not so difficult for you) > > > > Servicemix rather doesn't support WSE 3.0 but I'd like to add my own bean > which extends message with > > information required by WSE 3.0 before message is sent to .NET web service > that is secured with WSE 3.0. > > > > Could you please give me some guidelines what should I add to message to > be compliant with WSE 3.0 > > I know that it is configuration specific matter - but what are general > steps? > > I found article (but it is out-of-date) : > http://www.devx.com/Java/Article/28816/0/page/4 > > > > There are 3 steps mentioned: > > - adding user token > > - signing message > > - encrypting message > > > > > > Are those steps sufficient to be compliant with WSE 3.0? > > > > I look into WSS4J source code and now I hope I can in proper way: > > -add user token > > -sign message with certificate. > > However,I've got problem with encrypting message - how can I encrypt > message using RSA key? > > I get exception > > > > org.apache.ws.security.WSSecurityException: An unsupported signature or > encryption algorithm was used (unsupported key transport encryption > algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5) > > > > > > I look forward to hearing from you. > > > > Regards, > > Maciej > > > > > > > > > > On Jan 17, 2008 9:18 AM, Ruchith Fernando < [EMAIL PROTECTED]> > wrote: > > > > > I'm not sure about WSE 3.0 and ServiceMix interoperability .... but we > > > recently tested Apache Rampart (which is based on WSS4J library) with > > > WCF and we interop on all WS-Security 1.0,1.1 and > > > WS-SecureConversation scenarios (of WCF plugfest), this includes > > > UsernameToken as well. > > > > > > Thanks, > > > Ruchith > > > > > > > > > > > > > > > On Jan 10, 2008 9:45 PM, Maciej Kwiecien <[EMAIL PROTECTED]> > wrote: > > > > > > > > > > > > Hello All, > > > > > > > > I'd like to check if wss4j library can be useful in following > usecase: > > > > > > > > I've got SOAP message (request) that I need to send to web service > that > > > > requires WSE 3.0 authentication. > > > > > > > > > > > > > > > > Can WSS4J library help me to perform all required transformation to > pass WSE > > > > 3.0 authentication? > > > > > > > > In other words, what should be done in my java client to talk to web > service > > > > secured by WSE 3.0 ? > > > > > > > > > > > > > > > > > > > > What is more, I use ServiceMix. ( I've found a lot of pages dedicated > to > > > > resolving this issue in Axis). > > > > > > > > > > > > > > > > Any help will be appreciated, > > > > > > > > Maciej > > > > > > > > > > > > -- > > > http://blog.ruchith.org > > > http://wso2.org > > > > > > > > > -- http://blog.ruchith.org http://wso2.org --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
