cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From cxf newbie <calisto.s...@gmail.com>
Subject WebSphere 8, wss4j and cxf signature validation
Date Sat, 01 Feb 2014 10:51:49 GMT
Hi everybody,

I am using Websphere 8.0.0.7 and cxf in java project (client) and web
project (service).

Used jars are:

-	cxf-2.7.5
-	wss4j-1.6.10
-	xmlsec-1.5.4

Databinding is JiBX.

First I made service. 
To avoid well known bug "org.apache.ws.security.WSSecurityException: General
security error (Unable to load class
org.apache.ws.security.processor.SignatureProcessor)", I reworked
SignatureProcessor and WSSecSignature classes: 

    public SignatureProcessor() {
        // Try to install the Santuario Provider - fall back to the JDK
provider if this does
        // not work
//        try {
        	signatureFactory = XMLSignatureFactory.getInstance("DOM", new
XMLDSigRI());
//        } catch (NoSuchProviderException ex) {
//            signatureFactory = XMLSignatureFactory.getInstance("DOM");
//        }
//        try {
            keyInfoFactory = KeyInfoFactory.getInstance("DOM", new
XMLDSigRI());
//          } catch (NoSuchProviderException ex) {
//            keyInfoFactory = KeyInfoFactory.getInstance("DOM");
//        }
    }

Yes, I also tried recommended solution:
"WSSConfig.setAddJceProviders(false);" in "contextInitialized(final
ServletContextEvent pEvent)" but it did not work.
With this fix, when I test service in soapUI everything is OK.

Then I made client. 
My client config is:

<beans xmlns="http://www.springframework.org/schema/beans"
	xmlns:cxf="http://cxf.apache.org/core"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
	xmlns:sec="http://cxf.apache.org/configuration/security"
xmlns:http="http://cxf.apache.org/transports/http/configuration"
	xmlns:p="http://cxf.apache.org/policy"
xmlns:jaxws="http://cxf.apache.org/jaxws"
	xsi:schemaLocation="http://cxf.apache.org/core
http://cxf.apache.org/schemas/core.xsd            
		http://cxf.apache.org/configuration/security
http://cxf.apache.org/schemas/configuration/security.xsd            
		http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd           
 		http://cxf.apache.org/transports/http/configuration
http://cxf.apache.org/schemas/configuration/http-conf.xsd            
 		http://www.springframework.org/schema/beans
http://www.springframework.org/schema/beans/spring-beans.xsd">
	<cxf:bus>
		<cxf:features>
			<p:policies />
		</cxf:features>
	</cxf:bus>
	<jaxws:client name="{http://fina.hr/ebox/ws/v0.1}B2CFinaDocumentPortType"
		createdFromAPI="true">
		<jaxws:properties>
			<entry key="ws-security.callback-handler"
value="hr.ws.callbacks.UTPasswordCallback" />
			<entry key="ws-security.signature.username" value="client" />
			<entry key="ws-security.signature.properties"
value="client-crypto.properties" />
		</jaxws:properties>
		<jaxws:dataBinding>
			<bean class="org.apache.cxf.jibx.JibxDataBinding" />
		</jaxws:dataBinding>
		<jaxws:inInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingInInterceptor" />
		</jaxws:inInterceptors>
		<jaxws:outInterceptors>
			<bean class="org.apache.cxf.interceptor.LoggingOutInterceptor" />
		</jaxws:outInterceptors>
	</jaxws:client>
</beans>


Policy on server and client side is the same:

	<wsp:Policy wsu:Id="SignMessage"
	
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">

		<wsp:ExactlyOne>
			<wsp:All>
				<sp:AsymmetricBinding
					xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
					<wsp:Policy>
						<sp:InitiatorToken>
							<wsp:Policy>
								<sp:X509Token
								
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
									<wsp:Policy>
										<sp:WssX509V3Token11/>
									</wsp:Policy>
								</sp:X509Token>
							</wsp:Policy>
						</sp:InitiatorToken>
						<sp:RecipientToken>
							<wsp:Policy>
								<sp:X509Token
								
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToInitiator">
									<wsp:Policy>
										<sp:WssX509V3Token11/>
									</wsp:Policy>
								</sp:X509Token>
							</wsp:Policy>
						</sp:RecipientToken>
						<sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:TripleDesRsa15  />
							</wsp:Policy>
						</sp:AlgorithmSuite>
						<sp:Layout>
							<wsp:Policy>
								<sp:Strict />
							</wsp:Policy>
						</sp:Layout>
						<sp:IncludeTimestamp />
						<sp:OnlySignEntireHeadersAndBody />
					</wsp:Policy>
				</sp:AsymmetricBinding>
				<sp:SignedParts
					xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
					<sp:Body />
					<sp:XPath xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" 
                      		
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
                       		
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
                 			/soap:Envelope/soap:Header/wsse:Security/wsu:Timestamp 
            		</sp:XPath>
				</sp:SignedParts>
				
			</wsp:All>
		</wsp:ExactlyOne>
	</wsp:Policy>


Without above mentioned change, on source line in SignatureProcessor which
says:
	
	"boolean signatureOk = xmlSignature.validate(context);"

debugger runs into "com.ibm.xml.crypto.dsig.dom.XMLSignatureImpl" else it
runs into "org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature".

After "validate(context)" method my reworked class returns null when this
code is executed: ((DOMReference)
(xmlSignature.getSignedInfo().getReferences().get(1))).getCalculatedDigestValue()
On index 0 is timestamp signature and on index 1 is body signature.

Next, when debugger comes into DOMSignatureMethod.verify() method:
 
		Provider p = (Provider)context.getProperty
			("org.jcp.xml.dsig.internal.dom.SignatureProvider");
		signature = (p == null)
			? Signature.getInstance(getJCAAlgorithm()) 
			: Signature.getInstance(getJCAAlgorithm(), p);

these are the debgger values:
	
algorithm field: SHA1withRSA
	
service field: com.ibm.crypto.provider.SHA1withRSA

returnedService field:
Provider IBMJCE Service Signature.SHA1withRSA
com.ibm.crypto.provider.SHA1withRSA
Aliases [SHA-1withRSA, SHAwithRSA, SHA-1/RSA, SHA1/RSA, SHA/RSA, RSA,
OID.1.3.14.3.2.26, 1.3.14.3.2.26, OID.1.2.840.113549.1.1.5,
1.2.840.113549.1.1.5]
provider = IBMJCE version 1.2
algorithm = SHA1withRSA

provider field: IBMJCE version 1.2

java.security.Signature (runtime implementation is
java.security.Signature$SignatureImpl) on line "return
signature.verify(sig);" in DOMSignatureMethod class returns false;
		
When I remove WebSphere Application Server v8.0 JRE and compile and run
client with Java JRE 1.6.0_33-b03 error is still present.		

And finally log:

INFO: Inbound Message
----------------------------
ID: 1
Response-Code: 200
Encoding: UTF-8
Content-Type: text/xml; charset=UTF-8
Headers: {Content-Language=[hr-HR], content-type=[text/xml; charset=UTF-8],
Date=[Sat, 01 Feb 2014 09:03:34 GMT], transfer-encoding=[chunked],
X-Powered-By=[Servlet/3.0]}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"><soapenv:Header
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
soap:mustUnderstand="1"><wsse:BinarySecurityToken
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="X509-E8FF036ABD555867E813912454151257">MIIByTCCATKgAwIBAgIEUuPDQTANBgkqhkiG9w0BAQUFADApMScwJQYDVQQDEx5EVE9NTEpFTk9WSUMyLmludHJhbmV0LmZpbmEuaHIwHhcNMTQwMTI1MTM1OTI5WhcNMTUwMTI1MTM1OTI5WjApMScwJQYDVQQDEx5EVE9NTEpFTk9WSUMyLmludHJhbmV0LmZpbmEuaHIwgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAIInpcJ6Up8h0IsO1b9xxqi+nNaZnUCQd41b1JCQwz+oyx2K3E0Xqx/6zoszvBcinYjiQoIG05Bag4WmGeS2qRKYoWI7C8JG1gvqSWWc6uO+h3nlLwj5K1KP3vt3SEe9uRzZBYEcKIlvITfZPj3pIXtRgPaEcXJumU1pK2eVZeGdAgMBAAEwDQYJKoZIhvcNAQEFBQADgYEAasuozBaoe2QrZJfd63auW6IOE1dEvCrGYXYs1l9EHuBaFKKB7XITJP1hkLGdS9Za/zXRQigKBiw1BFVZjqqot3L7qa16gyzlTlUqStXRZNB+e0HtwpfgrnDTA9ZI0eCL8A8KLvR7i97JALWUFLRUSn/szgDJgCo7TMH1AHg/vnA=</wsse:BinarySecurityToken><wsu:Timestamp
wsu:Id="TS-5"><wsu:Created>2014-02-01T09:03:35.125Z</wsu:Created><wsu:Expires>2014-02-01T09:08:35.125Z</wsu:Expires></wsu:Timestamp><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
Id="SIG-6"><ds:SignedInfo><ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soap soapenc
xsd xsi"/></ds:CanonicalizationMethod><ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/><ds:Reference
URI="#TS-5"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"
PrefixList=""/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>mYk9GPohcGytkSRdVCyZ7jKOLl8=</ds:DigestValue></ds:Reference><ds:Reference
URI="#Id--877976895"><ds:Transforms><ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"><ec:InclusiveNamespaces
xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="soapenc xsd
xsi"/></ds:Transform></ds:Transforms><ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/><ds:DigestValue>U5zFVvHX3MOdxgwzHVXRNwSUcpk=</ds:DigestValue></ds:Reference></ds:SignedInfo><ds:SignatureValue>NzQQJi+4wPFMXt2ThTRMcwA/rdoVlScpVVbxEUV59hQfbsGzUs6B/xxBpLKdr4vR09YhI0MJxlg9
JBglPNIEtOwsJGMauUnsyUlzsEUr+jhrjh36Yy1kCmSvEaXvrdTOCx8wufATI11c5Doy/folKmqH
r0+K6aHTUbQEclBRgyY=</ds:SignatureValue><ds:KeyInfo
Id="KI-E8FF036ABD555867E813912454151258"><wsse:SecurityTokenReference
wsu:Id="STR-E8FF036ABD555867E813912454151259"><wsse:Reference
URI="#X509-E8FF036ABD555867E813912454151257"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/></wsse:SecurityTokenReference></ds:KeyInfo></ds:Signature></wsse:Security></soapenv:Header><soap:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id--877976895"><sad:SendAccountingDocumentAckMsg
xmlns:sad="http://fina.hr/ebox/ws/SendAccountingDocument/v0.1"><bwsc:MessageAck
xmlns:bwsc="http://fina.hr/eracun/boxwebservicecomponents"><bwsc:MessageID>2d3d0bb3-c560-4fa8-abba-9912aced32b1</bwsc:MessageID><bwsc:MessageAckID>1</bwsc:MessageAckID><bwsc:MessageType>12</bwsc:MessageType><bwsc:AckStatus>ACCEPTED</bwsc:AckStatus><bwsc:AckStatusCode>1</bwsc:AckStatusCode><bwsc:AckStatusText>Poruka
zaprimljena.</bwsc:AckStatusText></bwsc:MessageAck></sad:SendAccountingDocumentAckMsg></soap:Body></soap:Envelope>
--------------------------------------
01.02.2014. 10:03:36 org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
WARNING: 
Throwable occurred: org.apache.ws.security.WSSecurityException: The
signature or decryption was invalid
	at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:450)
	at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231)
	at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:277)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1592)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
	at
org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:50)
	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:223)
	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
	at $Proxy22.sendAccountingDocument(Unknown Source)
	at test.TestClient.main(TestClient.java:113)
01.02.2014. 10:03:36 org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://fina.hr/ebox/ws/v0.1}B2CDocumentWebService#{http://fina.hr/ebox/ws/v0.1}sendAccountingDocument
has thrown exception, unwinding now
Throwable occurred: org.apache.cxf.binding.soap.SoapFault: The signature or
decryption was invalid
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:784)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:334)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1592)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
	at
org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:50)
	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:223)
	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
	at $Proxy22.sendAccountingDocument(Unknown Source)
	at test.TestClient.main(TestClient.java:113)
Caused by: org.apache.ws.security.WSSecurityException: The signature or
decryption was invalid
	at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:450)
	at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231)
	at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:277)
	... 21 more
javax.xml.ws.soap.SOAPFaultException: The signature or decryption was
invalid
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:155)
	at $Proxy22.sendAccountingDocument(Unknown Source)
	at test.TestClient.main(TestClient.java:113)
Caused by: org.apache.ws.security.WSSecurityException: The signature or
decryption was invalid
	at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:450)
	at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231)
	at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
	at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:277)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
	at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:800)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1592)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1490)
	at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1309)
	at
org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:50)
	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:223)
	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:622)
	at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
	at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
	at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
	... 2 more

	
Understandably, when policy is removed from response message there is no
error.

What I need to do to fix this problem ?	
	
Thanks to everyone !



--
View this message in context: http://cxf.547215.n5.nabble.com/WebSphere-8-wss4j-and-cxf-signature-validation-tp5739363.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message