Re: [jira] Created: (WSS-231) There is an issue with the position of the element in the header when using WSS4J calling .NET Web Services with WS-Security.

Thu, 06 May 2010 22:33:14 -0700 

IIRC you can influence the position of the timestamp in the "action" parameter
of the deployment file (at least this was tru for Axis 1 :-)  )

<parameter name="action" value="UsernameTokenSignature Encrypt Timestamp"/>

You may check the order of actions here. WSS4J creates the parts of the
security header in the order give in the action parameter (above is just an
example).

Regards,
Werner

Am 06.05.2010 22:12, schrieb Chris Weitner (JIRA):
> There is an issue with the position of the <Timestamp> element in the 
> <Security> header when using  WSS4J calling .NET Web Services with 
> WS-Security.  
> -------------------------------------------------------------------------------------------------------------------------------------------------------
> 
>                  Key: WSS-231
>                  URL: https://issues.apache.org/jira/browse/WSS-231
>              Project: WSS4J
>           Issue Type: Bug
>           Components: WSS4J Core
>     Affects Versions: 1.5.8
>          Environment: Windows, Solaris
>             Reporter: Chris Weitner
>             Assignee: Ruchith Udayanga Fernando
> 
> 
> There is an issue with the position of the <Timestamp> element in the 
> <Security> header when using  WSS4J calling .NET Web Services with 
> WS-Security.  When using the "Timestamp Signature" action over https, we are 
> receiving the following error: "Signing without primary signature requires 
> timestamp".   When I modified org.apache.ws.security.message.WSSecSignature 
> to position <Timestamp> as the first element in <Security> it worked fine (by 
> default <Timestamp> is the last element and after the <Signature>).  Can this 
> be fixed or can you make Timestamp positioned first as a configuration option?
> 
> <soapenv:Header>
>   <wsse:Security>
>  
>     <wsu:Timestamp>
>       <wsu:Created>2010-05-06T16:46:31.594Z</wsu:Created>
>       <wsu:Expires>2010-05-06T16:51:31.594Z</wsu:Expires>
>     </wsu:Timestamp>
>  
>     <wsse:BinarySecurityToken</wsse:BinarySecurityToken>
>  
>     <ds:Signature>
>        ....
>     </ds:Signature>
>   </wsse:Security>
> </soapenv:Header>
> 
> 
> 


---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]

Reply via email to