axis-c-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Chen, Min" <>
Subject RE: Signature verification failure when signing the body in Rampart/C (but not in Rampart/Java)
Date Mon, 04 Jan 2010 19:30:44 GMT
Did anybody have a chance to look into this issue? I am totally stuck here, and any help would
be greatly appreciated. Thanks.


From: Chen, Min []
Sent: Friday, December 18, 2009 9:46 AM
Subject: Signature verification failure when signing the body in Rampart/C (but not in Rampart/Java)

Hi there,

                I am trying to write a C client using Axis2/C (1.6.0)  and Rampart/C (1.3.0)
to consume  a simple secured Echo web service.  This web service has a security policy applied
that requires that the content of the body be signed. The web service is written using Axis2/Java
and secured using Rampart/Java.  The C client stub is automatically generated using WSDL2C.bat,
and a policy file is applied in the test code. While running this C client, I ran into a problem
"The signature or decryption was invalid", from tcpmon, I can see that a secured SOAP message
is sent out but response has the detailed exception trace as follows:

org.apache.axis2.AxisFault: The signature or decryption was invalid org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(
    at org.apache.axis2.engine.Phase.invoke( org.apache.axis2.engine.AxisEngine.invoke(;
            at org.apache.axis2.engine.AxisEngine.receive( org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(
org.apache.axis2.transport.http.HTTPWorker.service( org.apache.axis2.transport.http.server.AxisHttpService.doService(
java.util.concurrent.ThreadPoolExecutor$Worker.runTask( java.util.concurrent.ThreadPoolExecutor$
Caused by: The signature or decryption was invalid
org.apache.rampart.RampartEngine.process( org.apache.rampart.handler.RampartReceiver.invoke(
                ... 11 more

To make sure that my service is written properly, I also wrote a Java client (using wsdl2java
to automatically generate stub from the same wsdl file) using Axis2/Java (1.5.1) and Rampart/Java
(1.4) to consume it, with a similar policy file used in C client and same security keys stored
in JKS keystore, and it works fine.  This makes me wonder if this is a known bug in Rampart/C
or Axis2/C?

Here attached related files for investigating this issue.  Any help from Axis2-C developers
or users will be greatly appreciated.

1.       policy.xml: security policy file used in C client

2.       services.xml:  web service xml file

3.       Echo.c :  C client code

4. containing all the security keys used in this exercise.  server.jks contains
keys for both client and server (alias are "client" and "server" respectively). Both keystore
and key password are "testing", and client and server PEM files are generated from server.jks
by following steps in

5.       Echo.wsdl: wsdl used to generate code for client stub.

6.       echo.log:  detailed Axis2 log from running Echo client

7.       reqsoap.xml: SOAP request sent from Echo c client


View raw message