axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Manjula Peiris <manj...@wso2.com>
Subject Re: Error: "Key Reference Info is mismatch with policy"?
Date Wed, 08 Aug 2007 10:22:12 GMT
Hi Jamie,

Please check the value of <sp:IncludeToken> attribute in the
<sp:InitiatorToken> element. If it is ,
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient then the
certificate used to signed the message is sent only by the client to server. The Client should
not see it  attached as a <BinarySecurityToken> in the recieved message. If you want
this <BinarySecurityToken> element to be in the recieved message of the client please
change the <sp:IncludeToken>  attribute to http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always.

If this does not work please send the policy file you are using.

Thanks
-Manjula.


On Tue, 2007-08-07 at 16:26 +0100, Jamie Lyon wrote:
> Hi,
> 
>  
> 
> I’m writing a client to an existing service in Axis2/C. Can anyone
> shed any light as to what could cause the above error message "Key
> Reference Info is mismatch with policy"? It appears to me as though
> it’s saying that the namespace or something in the received message is
> not matching what is in the policy.xml. You can see the context of the
> message in the snippet of the debug log below.
> 
>  
> 
> The situation seems odd however, since as you can see from the sent log, the message
sent by the client is perfectly fine. The namespaces, tokens etc… all seem to match that
which is received back from the server.
>  
> I have attached the sent and received messages, and below is a snippet of the debug log:
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][shp] Process security header
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Security for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node BinarySecurityToken
for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Signature for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node SignedInfo for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node CanonicalizationMethod
for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node SignatureMethod for
EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Reference for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Transforms for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Transform for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node DigestMethod for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node DigestValue for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node SignatureValue for
EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node KeyInfo for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node SecurityTokenReference
for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Reference for EncryptedKey
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Security for Signature
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node BinarySecurityToken
for Signature
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node Signature for Signature
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][shp] Processing Signature element.
> [Tue Aug  7 16:13:02 2007] [info]  [Rampart][shp]Key Reference Info is mismatch with
policy
> [Tue Aug  7 16:13:02 2007] [info]  [rampart][rampart_in_handler] Security Header processing
failed.
> [Tue Aug  7 16:13:02 2007] [debug] engine.c(292) Axis2 engine receive completed!
> [Tue Aug  7 16:13:02 2007] [error] autogen/axis2_DataService.cpp(1236) returnNode is
NULL: Error code: 2 :: NULL paramater was passed when a non NULL parameter was expected
> 
>  
> 
> Thanks,
> 
> Jamie
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-dev-help@ws.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org


Mime
View raw message