axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Konstantinos Pateras" <kpate...@googlemail.com>
Subject Re: Cannot encrypt SOAP body
Date Mon, 19 Mar 2007 18:19:03 GMT
Hi Ruchith,

I just use an Axis2.xml file to configure the client and a Service.xml
file to configure the server. I did some tests with only action
Encrypt and they failed with the Generic error X509Data invalid length
of data to encrypt or something like that. So I suppose that no
encryption was taking place due to an error and the error message
wasn't displayed. Any clue on this error?

On 3/19/07, Ruchith Fernando <ruchith.fernando@gmail.com> wrote:
> Hi,
>
> Did you use the axis2.xml file of the service to configure the service?
>
> This can happen is if you have a different configuration in the
> service.xml file which does only signature. In this case the
> configuration of the axis2.xml will be overridden (unless you use the
> locked="true" attribute of the parameters).
>
> Thanks,
> Ruchith
>
> p.s. Please use rampart-dev@ws.apache.org for rampart related posts.
>
> On 3/19/07, Konstantinos Pateras <kpateras@googlemail.com> wrote:
> > Hi, I am relatively new in web services and security and I am facing a
> > problem. I have set up Axis2 1.1.1 and Rampart 1.1 and configure it (I
> > followed the configuration instructions for Rampart 1.0 that are still
> > supported). I use the actions Timestamp Sign Encrypt to sign the body
> > and then encrypt it. The messages are generated fine and I get the
> > response from the server but I only see from SOAP monitor the
> > signature of the body. The actual data are still there unencrypted and
> > the response is also in plain text.
> >
> > Client configuration:
> >
> >    <parameter name = "OutflowSecurity">
> >        <action>
> >            <items>Timestamp Encrypt Signature</items>
> >            <user>client</user>
> >            <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> >            <signaturePropFile>client.properties</signaturePropFile>
> >            <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
> >            <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> >            <encryptionUser>srv_cert</encryptionUser>
> >        </action>
> >    </parameter>
> >    <parameter name = "InflowSecurity">
> >        <action>
> >            <items>Timestamp Encrypt Signature</items>
> >            <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> >            <signaturePropFile>client.properties</signaturePropFile>
> >        </action>
> >    </parameter>
> >
> >
> > Server configuration:
> >
> >    <parameter name = "InflowSecurity">
> >        <action>
> >            <items>Timestamp Encrypt Signature</items>
> >            <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> >            <signaturePropFile>service.properties</signaturePropFile>
> >        </action>
> >    </parameter>
> >    <parameter name = "OutflowSecurity">
> >        <action>
> >            <items>Timestamp Encrypt Signature</items>
> >            <user>authsrv</user>
> >            <passwordCallbackClass>thesis.PWCBHandler</passwordCallbackClass>
> >            <signaturePropFile>service.properties</signaturePropFile>
> >            <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
> >            <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> >            <encryptionUser>useReqSigCert</encryptionUser>
> >        </action>
> >    </parameter>
> >
> > Please help!
> > Thanks in advance
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
>
>
> --
> www.ruchith.org
> www.wso2.org
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message