axis-c-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Jamie Lyon" ...@it-innovation.soton.ac.uk>
Subject RE: Error: "Key Reference Info is mismatch with policy"?
Date Wed, 08 Aug 2007 08:48:07 GMT
Excellent, that's fixed that problem.

You will have to excuse my simple questions; I've not used ws-policy
before.

Is it possible to specify that the client has to include a timestamp in
the sent message, but may or may not receive one back?

Having <sp:IncludeTimestamp/> returns "[info] [rampart][shp] Timestamp
is not in the message", and modifying it to <sp:IncludeTimestamp
wsp:Optional="true"/> still comes up with the same error.

I've looked in the ws-policy specifications, but as of yet, haven't
really found any detailed information on how to include timestamps in
one direction, but not the other, so any help would be greatly
appreciated.

Thanks,
Jamie

> -----Original Message-----
> From: Manjula Peiris [mailto:manjula@wso2.com]
> Sent: 08 August 2007 11:22
> To: Apache AXIS C Developers List
> Subject: Re: Error: "Key Reference Info is mismatch with policy"?
> 
> Hi Jamie,
> 
> Please check the value of <sp:IncludeToken> attribute in the
> <sp:InitiatorToken> element. If it is ,
>
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always
To
> Recipient then the certificate used to signed the message is sent only
by
> the client to server. The Client should not see it  attached as a
> <BinarySecurityToken> in the recieved message. If you want this
> <BinarySecurityToken> element to be in the recieved message of the
client
> please change the <sp:IncludeToken>  attribute to
>
http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always
.
> 
> If this does not work please send the policy file you are using.
> 
> Thanks
> -Manjula.
> 
> 
> On Tue, 2007-08-07 at 16:26 +0100, Jamie Lyon wrote:
> > Hi,
> >
> >
> >
> > I'm writing a client to an existing service in Axis2/C. Can anyone
> > shed any light as to what could cause the above error message "Key
> > Reference Info is mismatch with policy"? It appears to me as though
> > it's saying that the namespace or something in the received message
is
> > not matching what is in the policy.xml. You can see the context of
the
> > message in the snippet of the debug log below.
> >
> >
> >
> > The situation seems odd however, since as you can see from the sent
log,
> the message sent by the client is perfectly fine. The namespaces,
tokens
> etc... all seem to match that which is received back from the server.
> >
> > I have attached the sent and received messages, and below is a
snippet
> of the debug log:
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][shp] Process security
> header
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Security for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> BinarySecurityToken for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Signature for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> SignedInfo for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> CanonicalizationMethod for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> SignatureMethod for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Reference for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Transforms for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Transform for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> DigestMethod for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> DigestValue for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> SignatureValue for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> KeyInfo for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> SecurityTokenReference for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Reference for EncryptedKey
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Security for Signature
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> BinarySecurityToken for Signature
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][axiom] Checking node
> Signature for Signature
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][shp] Processing
Signature
> element.
> > [Tue Aug  7 16:13:02 2007] [info]  [Rampart][shp]Key Reference Info
is
> mismatch with policy
> > [Tue Aug  7 16:13:02 2007] [info]  [rampart][rampart_in_handler]
> Security Header processing failed.
> > [Tue Aug  7 16:13:02 2007] [debug] engine.c(292) Axis2 engine
receive
> completed!
> > [Tue Aug  7 16:13:02 2007] [error]
autogen/axis2_DataService.cpp(1236)
> returnNode is NULL: Error code: 2 :: NULL paramater was passed when a
non
> NULL parameter was expected
> >
> >
> >
> > Thanks,
> >
> > Jamie
> >
> >
> >
---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-c-dev-help@ws.apache.org
> 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-c-dev-help@ws.apache.org


---------------------------------------------------------------------
To unsubscribe, e-mail: axis-c-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-c-dev-help@ws.apache.org


Mime
View raw message