ws-fx-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Dittmann, Werner" <werner.dittm...@siemens.com>
Subject AW: WSDoAllReceiver Question
Date Fri, 22 Jul 2005 06:23:14 GMT
Shawn,

because you mention the WSDoAllReceiver I assume you 
are talking from a server's perpective.

What is encrypted and/or signed depends on the setting
of the client and how the client creates the request. 

Thus to answer the question and give you some help
we would need how the request is created, in which
order, what are the parameters the control the
signature / encryption.

Regards,
Werner

> -----Urspr√ľngliche Nachricht-----
> Von: Shawn McKinney [mailto:smmtech@sbcglobal.net] 
> Gesendet: Donnerstag, 21. Juli 2005 20:41
> An: fx-dev@ws.apache.org
> Betreff: WSDoAllReceiver Question
> 
> 
> 
> Greetings,
> 
> We're running Soap transactions through Axis w/ WSS4J
> WSDoAllReceiver handler enabled.  With action defined
> as below:
> 
> <parameter name="action" 
> value="UsernameTokenSignature UsernameToken Encrypt"/>
> 
> I've had success running very simple message-style
> transactions through with user creds passed via
> username token.  Furthermore the username token is
> signed and encrypted. (obviously)
> 
> My problem comes when I vary the Soap payload, passing
> an IFX-style instead of simple xml.  In this case, the
> signature validation fails on the receiving end.
>   
> However, when I vary the payload back to a simple
> "hello-world" style of message, the  signature
> validation succeeds.  ( same client, same service )
> 
> My question - Is the action as defined above,
> digitally signing the username token only, or the
> entire Soap payload?
> 
> If it is validating the username token only, why would
> the signature fail when I pass bigger, more complex
> xml documents through?
> 
> With the IFX Soap payload senario, when I change
> action to:
> <parameter name="action" value="UsernameToken
> Encrypt"/>
> 
> Then transaction runs successfully.  So it seems that
> this problem is limited in scope to the digital sig
> processing. 
> 
> Thanks,
> 
> Shawn
> 

Mime
View raw message