There is an issue with the position of the <Timestamp> element in the
<Security> header when using WSS4J calling .NET Web Services with WS-Security.
-------------------------------------------------------------------------------------------------------------------------------------------------------
Key: WSS-231
URL: https://issues.apache.org/jira/browse/WSS-231
Project: WSS4J
Issue Type: Bug
Components: WSS4J Core
Affects Versions: 1.5.8
Environment: Windows, Solaris
Reporter: Chris Weitner
Assignee: Ruchith Udayanga Fernando
There is an issue with the position of the <Timestamp> element in the
<Security> header when using WSS4J calling .NET Web Services with WS-Security.
When using the "Timestamp Signature" action over https, we are receiving the
following error: "Signing without primary signature requires timestamp". When
I modified org.apache.ws.security.message.WSSecSignature to position
<Timestamp> as the first element in <Security> it worked fine (by default
<Timestamp> is the last element and after the <Signature>). Can this be fixed
or can you make Timestamp positioned first as a configuration option?
<soapenv:Header>
<wsse:Security>
<wsu:Timestamp>
<wsu:Created>2010-05-06T16:46:31.594Z</wsu:Created>
<wsu:Expires>2010-05-06T16:51:31.594Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken</wsse:BinarySecurityToken>
<ds:Signature>
....
</ds:Signature>
</wsse:Security>
</soapenv:Header>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
