cxf-dev mailing list archives

From pop-sa <ehab.abdelwhab.atal...@gmail.com>
Subject consuming secured .net asmx web service
Date Tue, 08 Oct 2013 12:05:16 GMT
Hey all,
                I have a problem communicating from a Java client with a
secured .NET ASMX service (“signature and encryption using a username token”).
A .NET example is at the following link:
               
http://www.codeproject.com/Articles/12189/Custom-WSE-3-0-Policy-Assertions-for-Signing-and-E

The response that comes back is this fault:

Caused by: org.apache.cxf.binding.soap.SoapFault: The signature or
decryption was invalid ---> WSE523: The CipherData contents are invalid.
                at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:84)
                at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:51)
                at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:40)
                at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
                at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
                at
org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:140)
                at
org.apache.cxf.jaxws.handler.soap.SOAPHandlerInterceptor.handleMessage(SOAPHandlerInterceptor.java:71)
                at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
                at
org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)
                at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1592)
                at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490)
                at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
                at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
                at
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)
                at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
                at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
                at
org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
                at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
                at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
                at
org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
                at
org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
                at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
                ... 3 more
Java Result: 1

The Java message handler that sends the request to the web service looks like this:

  /**
   * Builds a WS-Security header on the outbound SOAP message: inserts a
   * UsernameToken, signs with the key returned by that token builder, adds a
   * Timestamp, encrypts, removes the Password child from the UsernameToken
   * and prints the resulting document.
   *
   * <p>Review notes (security), all visible in the body below:
   * <ul>
   *   <li>The username and password are string literals in the source.</li>
   *   <li>The encryption key is the UTF-8 bytes of a password-derived string,
   *       truncated or zero-padded to 16 bytes; no key-derivation function or
   *       random key is involved.</li>
   *   <li>A 16-byte key is paired with the AES-256 algorithm identifiers.</li>
   *   <li>Any failure is caught and only printed, so the caller cannot tell
   *       that the security header is missing or incomplete.</li>
   * </ul>
   *
   * @param messageContext SOAP message context whose message document is
   *                       handed to the WSS4J builders
   */
  private void handleOUTBOUNDMessage(SOAPMessageContext messageContext) {
        try {
            System.out.println("Handle Message handleOUTBOUNDMessage...");
            // soapPart is never read again in this method.
            SOAPPart soapPart =
messageContext.getMessage().getSOAPPart();//.addMimeHeader(null, null);
            SOAPEnvelope soapEnvelope =
messageContext.getMessage().getSOAPPart().getEnvelope();

            // Declare the WS-Security, WS-Utility and WS-Addressing prefixes on the envelope.
            soapEnvelope.addNamespaceDeclaration("wsse",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd");
            soapEnvelope.addNamespaceDeclaration("wsu",
"http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd");
            soapEnvelope.addNamespaceDeclaration("wsa",
"http://schemas.xmlsoap.org/ws/2004/08/addressing");

            // NOTE(review): this feature object is configured but not attached to
            // anything visible in this method, so it presumably has no effect on
            // the message being built here.
            WSAddressingFeature ws = new WSAddressingFeature();
            ws.setUsingAddressingAdvisory(true);
            ws.setAddressingRequired(true);

            // Insert an empty wsse:Security header into the message's document.
            WSSecHeader secHeader = new WSSecHeader();
            Document doc =
messageContext.getMessage().getSOAPHeader().getOwnerDocument();
            secHeader.insertSecurityHeader(doc);





            // SECURITY: the credentials are hard-coded literals. They should come
            // from configuration or a secret store, not from source code.
            // `password` (result of the convertBase64 helper, not shown here) is
            // used only further down to fill the encryption key bytes; the
            // UsernameToken itself receives the literal "admin".
            WSSecUsernameToken builder = new WSSecUsernameToken();
            String password = convertBase64("admin");
            builder.setUserInfo("admin", "admin");
            // Created timestamp and nonce are added to the token.
builder.addCreated();
            builder.addNonce();

            // NOTE(review): prepare() is called explicitly before build() here and
            // for the signature and timestamp below; build() may already call
            // prepare() in the WSS4J version in use - confirm.
            builder.prepare(doc);
            builder.build(doc, secHeader);


            // Declare the wsu namespace/prefix on the UsernameToken element.
            WSSecurityUtil.setNamespace(builder.getUsernameTokenElement(),
                    WSConstants.WSU_NS,
                    WSConstants.WSU_PREFIX);

            // This value is not read before it is overwritten near the end of the
            // method. The Password element has not been removed yet at this
            // point, so this string should never be logged.
            String outputString =
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);

            // Symmetric signature: HMAC-SHA1 keyed with the secret returned by the
            // UsernameToken builder and referencing that token by its id.
            // NOTE(review): the signature strength depends entirely on how that
            // secret is derived from the password - confirm against the service's
            // policy, and whether a stronger MAC than HMAC-SHA1 is accepted.
            WSSecSignature sign = new WSSecSignature();
            sign.setCustomTokenValueType(WSConstants.USERNAMETOKEN_NS +
"#UsernameToken");
            sign.setCustomTokenId(builder.getId());
            sign.setSecretKey(builder.getSecretKey());
            sign.setKeyIdentifierType(WSConstants.CUSTOM_SYMM_SIGNING);
            sign.setSignatureAlgorithm(WSConstants.HMAC_SHA1);

            // wsws and wsen are created but never used in this method.
            WSAddressingFeature wsws = new WSAddressingFeature();

            WSEncryptionPart wsen = new WSEncryptionPart(builder.getId());

            sign.prepare(doc, null, secHeader);
            // signedDoc is not read again; later steps keep working on `doc`.
            Document signedDoc = sign.build(doc, null, secHeader);

            // NOTE(review): the Timestamp is built after sign.build(), so the
            // signature computed above cannot cover it. If the service relies on
            // a signed Timestamp for freshness, build it before signing and
            // include it in the signed parts.
            WSSecTimestamp secTimestamp = new WSSecTimestamp();


            secTimestamp.prepare(doc);
            secTimestamp.build(doc, secHeader);


            // Build a SecurityTokenReference that points at the UsernameToken by
            // id, to be embedded in the encryption key info.
            Reference ref = new Reference(doc);

            ref.setURI("#" + builder.getId());

           
ref.setValueType("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#UsernameToken");

            SecurityTokenReference secRef = new SecurityTokenReference(doc);

            secRef.setReference(ref);

            WSSecurityUtil.setNamespace(secRef.getElement(),
WSConstants.WSSE_NS, WSConstants.WSSE_PREFIX);

            WSSecEncrypt secEncrypt = new WSSecEncrypt();

           
secEncrypt.setKeyIdentifierType(WSConstants.EMBED_SECURITY_TOKEN_REF);

            secEncrypt.setSecurityTokenReference(secRef);

            // `b` is never used.
            byte[] b = new byte[256];

            // The buffer wraps the array returned by getSecretKey() and then
            // copies a getSecretKey() result into it; by.array() is that wrapped
            // array. setKey() is called again below with keyBytes, which
            // presumably replaces this value.
            ByteBuffer by = ByteBuffer.wrap(builder.getSecretKey());
            by.put(builder.getSecretKey());
            secEncrypt.setKey(by.array());

            // SECURITY: the encryption key is the UTF-8 bytes of `password`,
            // truncated or zero-padded to 16 bytes. A key built this way has only
            // the entropy of the password and is identical for every message; it
            // is also a different key from the one used for the signature above.
            byte[] keyBytes = new byte[16];
            byte[] parameterKeyBytes = password.getBytes("utf-8");
            System.arraycopy(parameterKeyBytes, 0, keyBytes, 0,
Math.min(parameterKeyBytes.length, keyBytes.length));

            SecretKeySpec secretKeySpec = new SecretKeySpec(keyBytes,
"AES");

            secEncrypt.setSymmetricKey(secretKeySpec);

            secEncrypt.setKey(keyBytes);

            // SECURITY: raw key bytes are converted to a String with the platform
            // default charset and handed to setKeyEnc(); key material should not
            // be round-tripped through String.
            // NOTE(review): keyBytes is 16 bytes (an AES-128 key length) while both
            // algorithm identifiers below select AES-256, which needs a 32-byte
            // key. The key-encryption algorithm is also set to a content
            // encryption identifier. Either mismatch may be related to the
            // "CipherData contents are invalid" fault - verify against what the
            // service expects.
            secEncrypt.setKeyEnc(new String(keyBytes));
            secEncrypt.setKeyEncAlgo(WSConstants.AES_256);
            secEncrypt.setSymmetricEncAlgorithm(WSConstants.AES_256);

//            secEncrypt.setCustomEKTokenId(builder.getId());

            secEncrypt.setDocument(doc);

            secEncrypt.build(doc, null, secHeader);

            /*
             * Remove the Password child from the UsernameToken element.
             *
             * NOTE(review): getLocalName() returns null for nodes that are not
             * elements or attributes (e.g. whitespace text), which makes the
             * equalsIgnoreCase call throw. The child list is also live, so
             * removing a node while iterating forward skips the node that
             * follows it.
             */
            boolean passwordRemoved = false;
            NodeList nodeList =
builder.getUsernameTokenElement().getChildNodes();
            Node node = null;
            for (int i = 0; i < nodeList.getLength(); i++) {
                node =
builder.getUsernameTokenElement().getChildNodes().item(i);
                if (node.getLocalName().equalsIgnoreCase("Password")) {
                    builder.getUsernameTokenElement().removeChild(node);
                    passwordRemoved = true;
                }
            }
            // NOTE(review): the string literal below is split across two lines by
            // the mail archive's line wrapping; rejoin it before compiling.
            if (!passwordRemoved) {
                throw new Exception("Error removing UsernameToken
password");
            }

            // Place the UsernameToken element at the front of the security header.
            WSSecurityUtil.prependChildElement(
                    secHeader.getSecurityHeader(),
builder.getUsernameTokenElement());

            // SECURITY: the whole document, including the security header, is
            // written to stdout. Keep this out of production builds or route it
            // through a logger at debug level with the header redacted.
            outputString =
                   
org.apache.ws.security.util.XMLUtils.PrettyDocumentToString(doc);
            System.out.println("handleOUTBOUNDMessage outputstring: " +
outputString);


        } catch (Exception ex) {
            // SECURITY: every failure is swallowed here and the method returns
            // normally, so a message whose security header is missing or only
            // partly built may still be sent by the caller. Failing closed
            // (propagating the error) would be the safer behaviour - confirm
            // how the surrounding handler treats the return.
            ex.printStackTrace();
        }

    }




--
View this message in context: http://cxf.547215.n5.nabble.com/consuming-secured-net-asmx-web-service-tp5734806.html
Sent from the cxf-dev mailing list archive at Nabble.com.
