cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: .Net and CXF Incompatibility
Date Fri, 10 Nov 2017 09:50:55 GMT
Apache WSS4J has special support to use BouncyCastle to parse the
IssuerName, if BouncyCastle is available. See the comment here:

https://github.com/apache/wss4j/blob/b8d4f1b29e98c53edeb0ffdf1dc4a90382e9fd9e/ws-security-common/src/main/java/org/apache/wss4j/common/crypto/Merlin.java#L943

So if BouncyCastle is added to your classpath it should hopefully work.

Colm.

On Thu, Nov 9, 2017 at 5:23 PM, <markfuini@yahoo.com.invalid> wrote:

> Hi,
>
>
>
> I am integrating WCF client with CXF web service using JAX-WS.
>
>
>
> A certificate with issuer that includes an email option "E=email@email.com
> <mailto:E=email@email.com> " is sent from the client to the server with
> the
> issue name as part of the security header in the message.
>
>
>
> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
>
>   <o:SecurityTokenReference>
>
>    <X509Data>
>
>     <X509IssuerSerial>
>
>          <X509IssuerName>E=email@email.com <mailto:E=email@email.com>
> ..
> </X509IssuerName>
>
>
>
> But X500Princpal.Java  currently does not accept E as a valid type so the
> request fails throwing an exception in X500Principal.java
>
>
>
> java.io.IOException: Invalid keyword "E"
>
>
>
> ..NET WCF does not replace the issuer name in the header with an RDN -
> 1.2.840.113549.1.9.1 if it did that it should work.
>
>
>
> But I am looking for a work around here.  Has anyone ran into this issue?
>
>
>
> Mark
>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message