axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From jchappelle <jchappe...@4redi.com>
Subject The security token could not be authenticated or authorized
Date Sat, 24 Jan 2009 04:52:42 GMT

I am having a problem with my java client talking to a .NET web service. I've
bee working on this for two weeks so I'm hoping for any response.

I have a .NET client that was provided to me and it works fine. I was
emailed a security token from the organization providing the service with no
instructions on what that is for or how to use it. Here is the output of the
.NET client followed by my java client output:

<?xml version="1.0" encoding="utf-8"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:xsd="http://www.w3.org/2001/XMLSchema"
	xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing"

xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"

xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
	<soap:Header>
		<wsa:Action>
			http://cdr.ffiec.gov/public/services/TestUserAccess
		</wsa:Action>
		<wsa:MessageID>
			uuid:5149a310-2cad-4cb6-b991-2d77ab80c578
		</wsa:MessageID>
		<wsa:ReplyTo>
			<wsa:Address>
				http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous
			</wsa:Address>
		</wsa:ReplyTo>
		<wsa:To>
			https://cdr.ffiec.gov/public/pws/webservices/retrievalservice.asmx
		</wsa:To>
		<wsse:Security soap:mustUnderstand="1">
			<wsu:Timestamp
				wsu:Id="Timestamp-2ffdff2a-03df-403c-a9bc-5e5fe19448ae">
				<wsu:Created>2009-01-16T19:12:49Z</wsu:Created>
				<wsu:Expires>2009-01-16T19:17:49Z</wsu:Expires>
			</wsu:Timestamp>
			<wsse:UsernameToken
			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="SecurityToken-4009939f-0fa7-4d03-bda4-bf2035e3b562">
				<wsse:Username>username</wsse:Username>
				<wsse:Password
				
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
					8jFVXIDZvSw8+YWW58gabBE9+1c=
				</wsse:Password>
				<wsse:Nonce>O8twiauocM1xHeFCwTPFQg==</wsse:Nonce>
				<wsu:Created>2009-01-16T19:12:49Z</wsu:Created>
			</wsse:UsernameToken>
		</wsse:Security>
	</soap:Header>
	<soap:Body>
		<TestUserAccess xmlns="http://cdr.ffiec.gov/public/services" />
	</soap:Body>
</soap:Envelope>

<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope
	xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
	<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
		<wsse:Security
		
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
			soapenv:mustUnderstand="1">
			<wsse:UsernameToken
			
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
				wsu:Id="UsernameToken-29194312">
				<wsse:Username>username</wsse:Username>
				<wsse:Password
				
Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordDigest">
					/td4td6ueFVGxXf5V/xk3Lix7NA=
				</wsse:Password>
				<wsse:Nonce>Gws4hhqV1nu1fGCxT5ImXg==</wsse:Nonce>
				<wsu:Created>2009-01-23T16:12:57.296Z</wsu:Created>
			</wsse:UsernameToken>
		</wsse:Security>
		<wsa:To>
			https://cdr.ffiec.gov/public/pws/webservices/retrievalservice.asmx
		</wsa:To>
		<wsa:ReplyTo>
			<wsa:Address>
				http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous
			</wsa:Address>
		</wsa:ReplyTo>
		<wsa:MessageID>
			urn:uuid:DC39179C3DE50AA4D11232727177131
		</wsa:MessageID>
		<wsa:Action>
			http://cdr.ffiec.gov/public/services/TestUserAccess
		</wsa:Action>
	</soapenv:Header>
	<soapenv:Body>
		<ns1:TestUserAccess
			xmlns:ns1="http://cdr.ffiec.gov/public/services" />
	</soapenv:Body>
</soapenv:Envelope>


My java client using a generated stub from the wsdl:

public class RetrievalServiceDemo
{

	public static void main(String[] args) throws Exception
	{
		System.setProperty("javax.net.ssl.trustStore","c:/Program
Files/Java/security/keystore.jks"); 
		System.setProperty("javax.net.ssl.trustStorePassword", "password");
		System.setProperty("javax.net.ssl.keyStore","c:/Program
Files/Java/security/keystore.jks"); 
		System.setProperty("javax.net.ssl.keyStorePassword", "password");
		ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("C:/redi/2009.1/soap/config");
		RetrievalServiceStub stub = new
RetrievalServiceStub(ctx,"https://cdr.ffiec.gov/public/pws/webservices/retrievalservice.asmx");
		Options options = stub._getServiceClient().getOptions();
		options.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
loadPolicy("C:/redi/2009.1/soap/config/policy.xml"));
		RetrievalServiceStub.TestUserAccess req = new
RetrievalServiceStub.TestUserAccess();
		RetrievalServiceStub.TestUserAccessResponse res =
stub.TestUserAccess(req);
		System.out.println(res.getTestUserAccessResult());
	}

	private static Policy loadPolicy(String xmlPath) throws Exception
	{
		StAXOMBuilder builder = new StAXOMBuilder(xmlPath);
		return PolicyEngine.getPolicy(builder.getDocumentElement());
	}

}

I have attached my config files. Please help I'm going crazy.

Thanks,

Josh
http://www.nabble.com/file/p21637269/axis2.xml axis2.xml 
http://www.nabble.com/file/p21637269/policy.xml policy.xml 


-- 
View this message in context: http://www.nabble.com/The-security-token-could-not-be-authenticated-or-authorized-tp21637269p21637269.html
Sent from the Axis - User mailing list archive at Nabble.com.


Mime
View raw message