axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Gabriel Millaire <gabriel.milla...@boku.com>
Subject Axis2+Rampart: Policy Layout "LaxTimestampLast" not working
Date Thu, 23 Feb 2012 02:09:45 GMT
Hi,

I have successfully implemented WS-Security using Rampart (1.6.0) in Axis2 (1.6.0). I wish
to have the Timestamp added last to the SOAP header. However, even when I specify the "LaxTimestampLast"
policy layout in the ws-policy configuration, the Timestamp is still added first in the header.

Any idea why that is?

Here is the ws-policy config I have:

      <wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
          <wsp:ExactlyOne>
            <wsp:All>
              <sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
                <wsp:Policy>
                  <sp:InitiatorToken>
                    <wsp:Policy>
                      <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
                        <wsp:Policy>
                          <sp:WssX509V3Token10/>
                        </wsp:Policy>
                      </sp:X509Token>
                    </wsp:Policy>
                  </sp:InitiatorToken>
                  <sp:RecipientToken>
                    <wsp:Policy>
                      <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
                        <wsp:Policy>
                          <sp:WssX509V3Token10/>
                        </wsp:Policy>
                      </sp:X509Token>
                    </wsp:Policy>
                  </sp:RecipientToken>
                  <sp:AlgorithmSuite>
                    <wsp:Policy>
                      <sp:TripleDesRsa15/>
                    </wsp:Policy>
                  </sp:AlgorithmSuite>
                  <sp:Layout>
                    <wsp:Policy>
                      <sp:LaxTimestampLast/>
                    </wsp:Policy>
                  </sp:Layout>
                  <sp:IncludeTimestamp/>
                  <sp:OnlySignEntireHeadersAndBody/>
                </wsp:Policy>
              </sp:AsymmetricBinding>
            </wsp:All>
          </wsp:ExactlyOne>
        </wsp:Policy>



Here is an example of SOAP request that is sent using that policy:


<?xml version='1.0' encoding='utf-8'?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
      <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-1">
        <wsu:Created>2012-02-23T01:31:28.310Z</wsu:Created>
        <wsu:Expires>2012-02-23T01:36:28.310Z</wsu:Expires>
      </wsu:Timestamp>
      <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-27ACCE267D47AE995B13299606884381">BINARY_TOKEN_REMOVED</wsse:BinarySecurityToken>
      <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
        <ds:SignedInfo>
          <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"
/>
          <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
          <ds:Reference URI="#Timestamp-1">
            <ds:Transforms>
              <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
            </ds:Transforms>
            <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
            <ds:DigestValue>DIGEST_VALUE_REMOVED</ds:DigestValue>
          </ds:Reference>
        </ds:SignedInfo>
        <ds:SignatureValue>
          SIGNATURE_VALUE_REMOVED
        </ds:SignatureValue>
        <ds:KeyInfo Id="KeyId-27ACCE267D47AE995B13299606884462">
          <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-27ACCE267D47AE995B13299606884483">
            <wsse:Reference URI="#CertId-27ACCE267D47AE995B13299606884381" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
      </ds:Signature>
    </wsse:Security>
  </soapenv:Header>
  <soapenv:Body>
    SOAP_BODY_REMOVED
  </soapenv:Body>
</soapenv:Envelope>



And, finally, here is the (quite long) debug log of the process:


DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments)
DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments)
DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11,
org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
DEBUG [org.apache.xml.security.Init]  Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
org.apache.xml.security.c14n.implementations.Canonicalizer11_WithComments)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2000/09/xmldsig#base64,
org.apache.xml.security.transforms.implementations.TransformBase64Decode)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
org.apache.xml.security.transforms.implementations.TransformC14N)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
org.apache.xml.security.transforms.implementations.TransformC14NWithComments)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2006/12/xml-c14n11,
org.apache.xml.security.transforms.implementations.TransformC14N11)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
org.apache.xml.security.transforms.implementations.TransformC14N11_WithComments)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#,
org.apache.xml.security.transforms.implementations.TransformC14NExclusive)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/TR/1999/REC-xpath-19991116,
org.apache.xml.security.transforms.implementations.TransformXPath)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2000/09/xmldsig#enveloped-signature,
org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/TR/1999/REC-xslt-19991116,
org.apache.xml.security.transforms.implementations.TransformXSLT)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2002/04/xmldsig-filter2,
org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
DEBUG [org.apache.xml.security.Init]  Transform.register(http://www.w3.org/2002/06/xmldsig-filter2,
org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Init() called
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#dsa-sha1,
org.apache.xml.security.algorithms.implementations.SignatureDSA)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2000/09/xmldsig#dsa-sha1
org.apache.xml.security.algorithms.implementations.SignatureDSA
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#rsa-sha1,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2000/09/xmldsig#rsa-sha1
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#hmac-sha1,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2000/09/xmldsig#hmac-sha1
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-md5,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-md5
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha256,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha384,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-sha512,
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1,
org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-md5,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-md5
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha256,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha384,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384
DEBUG [org.apache.xml.security.Init]  SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#hmac-sha512,
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512)
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Try to register http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP:
A simple resolver for requests to HTTP space
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem:
A simple resolver for requests to the local file system
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverFragment:
A simple resolver for requests of same-document URIs
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.utils.resolver.implementations.ResolverXPointer:
A simple resolver for requests of XPointer fragents
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver:
Can extract RSA public keys
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver:
Can extract DSA public keys
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver:
Can extract public keys from X509 certificates
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver:
Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate from the storages
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver:
Resolves keys and certificates using ResourceResolvers
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver:
Uses an X509 SubjectName to retrieve a certificate from the storages
DEBUG [org.apache.xml.security.Init]  Register Resolver: org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver:
Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the storages
DEBUG [org.apache.xml.security.Init]  Now I try to bind prefixes:
DEBUG [org.apache.xml.security.Init]  Now I try to bind ds to http://www.w3.org/2000/09/xmldsig#
DEBUG [org.apache.xml.security.Init]  Now I try to bind xenc to http://www.w3.org/2001/04/xmlenc#
DEBUG [org.apache.xml.security.Init]  Now I try to bind experimental to http://www.xmlsecurity.org/experimental#
DEBUG [org.apache.xml.security.Init]  Now I try to bind dsig-xpath-old to http://www.w3.org/2002/04/xmldsig-filter2
DEBUG [org.apache.xml.security.Init]  Now I try to bind dsig-xpath to http://www.w3.org/2002/06/xmldsig-filter2
DEBUG [org.apache.xml.security.Init]  Now I try to bind ec to http://www.w3.org/2001/10/xml-exc-c14n#
DEBUG [org.apache.xml.security.Init]  Now I try to bind xx to http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
DEBUG [org.apache.xml.security.Init]  XX_init                             89 ms
DEBUG [org.apache.xml.security.Init]    XX_prng                           0 ms
DEBUG [org.apache.xml.security.Init]    XX_parsing                        18 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_i18n                 3 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_c14n             15 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_jcemapper        3 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_keyInfo          7 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_keyResolver      14 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_prefixes         1 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_resourceresolver 6 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_sigalgos         12 ms
DEBUG [org.apache.xml.security.Init]    XX_configure_reg_transforms       8 ms
DEBUG [org.apache.ws.security.WSSConfig]  The provider BC was added at position: 2
DEBUG [org.apache.ws.security.util.Loader]  org.apache.security.juice.provider.JuiCEProviderOpenSSL
java.lang.ClassNotFoundException: org.apache.security.juice.provider.JuiCEProviderOpenSSL
        at java.net.URLClassLoader$1.run(URLClassLoader.java:202)
        at java.security.AccessController.doPrivileged(Native Method)
        at java.net.URLClassLoader.findClass(URLClassLoader.java:190)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:306)
        at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301)
        at java.lang.ClassLoader.loadClass(ClassLoader.java:247)
        at org.apache.ws.security.util.Loader.loadClass(Loader.java:185)
        at org.apache.ws.security.WSSConfig.loadProvider(WSSConfig.java:605)
        at org.apache.ws.security.WSSConfig.addJceProvider(WSSConfig.java:662)
        at org.apache.ws.security.WSSConfig.staticInit(WSSConfig.java:306)
        at org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:324)
        at org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:333)
        at org.apache.ws.security.WSSConfig.getDefaultWSConfig(WSSConfig.java:342)
        at org.apache.rampart.RampartMessageData.<init>(RampartMessageData.java:337)
        at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:61)
        at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
        at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
...
DEBUG [org.apache.ws.security.WSSConfig]  The provider JuiCE could not be added: org.apache.security.juice.provider.JuiCEProviderOpenSSL
DEBUG [org.apache.rampart.builder.AsymmetricBindingBuilder]  AsymmetricBindingBuilder build
invoked
DEBUG [org.apache.rampart.builder.BindingBuilder]  Adding timestamp
DEBUG [org.apache.ws.security.message.WSSecTimestamp]  Begin add timestamp...
DEBUG [org.apache.rampart.builder.BindingBuilder]  Timestamp id: Timestamp-1
DEBUG [org.apache.rampart.builder.BindingBuilder]  Adding timestamp: DONE
DEBUG [org.apache.rampart.builder.BindingBuilder]  Token inclusion: 5
DEBUG [org.apache.rampart.builder.BindingBuilder]  User : xxxx
DEBUG [org.apache.rampart.util.RampartUtil]  loading class : xxxx.PWCBHandler
DEBUG [org.apache.rampart.builder.BindingBuilder]  Password : xxxx
DEBUG [org.apache.rampart.util.RampartUtil]  Loading Signature crypto
DEBUG [org.apache.rampart.util.RampartUtil]  Using provider: org.apache.ws.security.components.crypto.Merlin
DEBUG [org.apache.rampart.util.RampartUtil]  Cache Miss : Crypto Object was not found in cache.
DEBUG [org.apache.ws.security.components.crypto.CryptoFactory]  Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
DEBUG [org.apache.ws.security.util.Loader]  Trying to find [xxxx.jks] using sun.misc.Launcher$AppClassLoader@138d107f
class loader.
DEBUG [org.apache.ws.security.util.Loader]  Trying to find [xxxx.jks] using sun.misc.Launcher$AppClassLoader@138d107f
class loader.
DEBUG [org.apache.ws.security.util.Loader]  Trying to find [xxxx.jks] using ClassLoader.getSystemResource().
DEBUG [org.apache.ws.security.components.crypto.AbstractCrypto]  CA certs have been loaded
DEBUG [org.apache.rampart.util.RampartUtil]  Crypto object is inserted into the Cache.
DEBUG [org.apache.xml.security.utils.ElementProxy]  setElement("ds:SignatureMethod", "null")
DEBUG [org.apache.ws.security.util.Base64]  xxxx
...
DEBUG [org.apache.ws.security.util.Base64]  xxxx
DEBUG [org.apache.xml.security.transforms.Transforms]  Transforms.addTransform(http://www.w3.org/2001/10/xml-exc-c14n#)
DEBUG [org.apache.xml.security.transforms.Transform]  Create URI "http://www.w3.org/2001/10/xml-exc-c14n#"
class "class org.apache.xml.security.transforms.implementations.TransformC14NExclusive"
DEBUG [org.apache.xml.security.transforms.Transform]  The NodeList is null
DEBUG [org.apache.xml.security.transforms.Transforms]  Transforms.addTransform(http://www.w3.org/2001/10/xml-exc-c14n#)
DEBUG [org.apache.xml.security.algorithms.JCEMapper]  Request for URI http://www.w3.org/2000/09/xmldsig#sha1
DEBUG [org.apache.xml.security.algorithms.SignatureAlgorithm]  Create URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1"
class "class org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1"
DEBUG [org.apache.xml.security.algorithms.JCEMapper]  Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1
DEBUG [org.apache.xml.security.algorithms.implementations.SignatureBaseRSA]  Created SignatureRSA
using SHA1withRSA
DEBUG [org.apache.xml.security.utils.resolver.ResourceResolver]  I was asked to create a ResourceResolver
and got 1
DEBUG [org.apache.xml.security.utils.resolver.ResourceResolver]   extra resolvers to my existing
4 system-wide resolvers
DEBUG [org.apache.xml.security.utils.resolver.ResourceResolver]  check resolvability by class
org.apache.ws.security.message.EnvelopeIdResolver
DEBUG [org.apache.ws.security.message.EnvelopeIdResolver]  enter engineResolve, look for:
#Timestamp-1
DEBUG [org.apache.ws.security.message.EnvelopeIdResolver]  exit engineResolve, result: XMLSignatureInput/Element/<wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-1"><wsu:Created>2012-02-23T01:31:28.310Z</wsu:Created><wsu:Expires>2012-02-23T01:36:28.310Z</wsu:Expires></wsu:Timestamp>
exclude null comments:false/null
DEBUG [org.apache.xml.security.utils.ElementProxy]  setElement("ds:Transform", "null")
DEBUG [org.apache.xml.security.utils.DigesterOutputStream]  Pre-digested input:
DEBUG [org.apache.xml.security.utils.DigesterOutputStream]  <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-1"><wsu:Created>2012-02-23T01:31:28.310Z</wsu:Created><wsu:Expires>2012-02-23T01:36:28.310Z</wsu:Expires></wsu:Timestamp>
DEBUG [org.apache.xml.security.utils.SignerOutputStream]  Canonicalized SignedInfo:
DEBUG [org.apache.xml.security.utils.SignerOutputStream]  <ds:SignedInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#Timestamp-1">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>DIGEST_VALUE_REMOVED</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
DEBUG [org.apache.rampart.TIME]  Signature took :299
DEBUG [org.apache.rampart.TIME]  Signature took :300, Encryption took :0
DEBUG [org.apache.rampart.builder.AsymmetricBindingBuilder]  AsymmetricBindingBuilder build
invoked : DONE
DEBUG [org.apache.rampart.MESSAGE]  *********************** RampartSender sent out

INSERT HERE PREVIOUS SOAP REQUEST

Mime
View raw message