[wsf-c-dev] [jira] Resolved: (WSFC-187) signing sample fails with
Guththila enabled.
Uthaiyashankar (JIRA)
jira at wso2.org
Sun Jun 8 06:49:35 PDT 2008
[ https://wso2.org/jira/browse/WSFC-187?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel ]
Uthaiyashankar resolved WSFC-187.
---------------------------------
Assignee: Uthaiyashankar
Fix Version/s: 1.3.0
Resolution: Fixed
this issue is resolved.
> signing sample fails with Guththila enabled.
> ---------------------------------------------
>
> Key: WSFC-187
> URL: https://wso2.org/jira/browse/WSFC-187
> Project: WSO2 WSF/C
> Issue Type: Bug
> Components: Apache Axis2/C
> Affects Versions: Current (nightly)
> Environment: Windows XP
> Guththila
> Reporter: Dushshantha Chandradasa
> Assignee: Uthaiyashankar
> Fix For: 1.3.0
>
>
> When signed massage is sent, the service returns a fault saying "Cannot load the key to verify the message ."
> Following is the message request message:
> POST /axis2/services/sign_echo HTTP/1.1
> User-Agent: Axis2/C
> Content-Length: 4312
> Content-Type: application/soap+xml;charset=UTF-8
> Host: 127.0.0.1:9090
> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
> <wsa:To xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="SigID-dcd05936-8558-420f">http://localhost:9090/axis2/services/sign_echo</wsa:To>
> <wsa:Action wsu:Id="SigID-b56da2e5-2548-43bc">http://example.com/ws/2004/09/policy/Test/EchoRequest</wsa:Action>
> <wsa:MessageID wsu:Id="SigID-49767d81-383d-4a30">05c1d9ef-445b-4219-aedf-5a2b1e12ea26</wsa:MessageID>
> <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
> <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" wsu:Id="CertID-75eb656f-c8db-4689" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3">MIIDDDCCAfSgAwIBAgIQM6YEf7FVYx/tZyEXgVComTANBgkqhkiG9w0BAQUFADAwMQ4wDAYDVQQKDAVPQVNJUzEeMBwGA1UEAwwVT0FTSVMgSW50ZXJvcCBUZXN0IENBMB4XDTA1MDMxOTAwMDAwMFoXDTE4MDMxOTIzNTk1OVowQjEOMAwGA1UECgwFT0FTSVMxIDAeBgNVBAsMF09BU0lTIEludGVyb3AgVGVzdCBDZXJ0MQ4wDAYDVQQDDAVBbGljZTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAoqi99By1VYo0aHrkKCNT4DkIgPL/SgahbeKdGhrbu3K2XG7arfD9tqIBIKMfrX4Gp90NJa85AV1yiNsEyvq+mUnMpNcKnLXLOjkTmMCqDYbbkehJlXPnaWLzve+mW0pJdPxtf3rbD4PS/cBQIvtpjmrDAU8VsZKT8DN5Kyz+EZsCAwEAAaOBkzCBkDAJBgNVHRMEAjAAMDMGA1UdHwQsMCowKKImhiRodHRwOi8vaW50ZXJvcC5iYnRlc3QubmV0L2NybC9jYS5jcmwwDgYDVR0PAQH/BAQDAgSwMB0GA1UdDgQWBBQK4l0TUHZ1QV3V2QtlLNDm+PoxiDAfBgNVHSMEGDAWgBTAnSj8wes1oR3WqqqgHBpNwkkPDzANBgkqhkiG9w0BAQUFAAOCAQEABTqpOpvW+6yrLXyUlP2xJbEkohXHI5OWwKWleOb9hlkhWntUalfcFOJAgUyH30TTpHldzx1+vK2LPzhoUFKYHE1IyQvokBN2JjFO64BQukCKnZhldLRPxGhfkTdxQgdf5rCK/wh3xVsZCNTfuMNmlAM6lOAg8QduDah3WFZpEA0s2nwQaCNQTNMjJC8tav1CBr6+E5FAmwPXP7pJxn9Fw9OXRyqbRA4v2y7YpbGkG2GI9UvOHw6SGvf4FRSthMMO35YbpikGsLix3vAsXWWi4rwfVOYzQK0OFPNi9RMCUdSH06m9uLWckiCxjos0FQODZE9l4ATGy9s9hNVwryOJTw==</wsse:BinarySecurityToken>
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="SigID-85854640-2f76-4eef">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
> <ds:Reference URI="#SigID-dcd05936-8558-420f">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>UDpi4pY2sJB++RLtXwuSjF5l69E=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#SigID-b56da2e5-2548-43bc">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>WEMa6NenkCs1kacEK8kJGGzQTCQ=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#SigID-49767d81-383d-4a30">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>uZzgcWFt6ACKcyOIq+O96kiDBkg=</ds:DigestValue>
> </ds:Reference>
> <ds:Reference URI="#SigID-aa8e7c74-85da-4517">
> <ds:Transforms>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>H/v9/IvpW5AA0CxW7c9dU0+c9No=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>BJGeHEa2nIm8e5izyVTJMwdmEnHjQF20CN0rJ6bPJvEEwyrKGagTo1m9rG3oRAv25tnPQFcz1xHgpcAX2M0okL8ZHk9zdNC5YS7Ifxm+RH9vd6QBiyHy1U9U4EMFG3wCpSd7gfGM8tISER6VAWix+WIp8aYqoN28EoqKx0XR7uI=</ds:SignatureValue>
> <ds:KeyInfo>
> <wsse:SecurityTokenReference>
> <wsse:Reference URI="#CertID-75eb656f-c8db-4689" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
> </wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature>
> </wsse:Security>
> </soapenv:Header>
> <soapenv:Body wsu:Id="SigID-aa8e7c74-85da-4517">
> <ns1:echoIn xmlns:ns1="http://ws.apache.org/rampart/c/samples">
> <text>Hello</text>
> </ns1:echoIn>
> </soapenv:Body></soapenv:Envelope>
> Following is the axis2.log entry:
> [Wed Dec 05 10:09:40 2007] [info] [rampart][shp] Processing security header in Strict layout
> [Wed Dec 05 10:09:40 2007] [info] [rampart][shp] Processing security header element BinarySecurityToken
> [Wed Dec 05 10:09:40 2007] [info] [rampart][shp] Processing security header element Signature
> [Wed Dec 05 10:09:40 2007] [error] ..\..\src\omxmlsec\error.c(94) OXS ERROR [..\..\src\util\rampart_token_processor.c:85 in rampart_token_process_direct_ref] element failed , Error retrieving element with ID=CertID-8fcbf68b-e1e5-469f
> [Wed Dec 05 10:09:40 2007] [error] ..\..\src\util\rampart_sec_header_processor.c(1069) [Rampart][shp] Cannot load the key to verify the message
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\util\rampart_sec_processed_result.c(42) [rampart][spr] Set SPR_Sig_Verified in Security Processed Results of message context
> [Wed Dec 05 10:09:40 2007] [error] ..\..\src\util\rampart_sec_header_processor.c(1412) [rampart][shp] Signature processing failed
> [Wed Dec 05 10:09:40 2007] [error] ..\..\src\handlers\rampart_in_handler.c(144) [rampart][rampart_in_handler] Security Header processing failed.
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(648) Start:axis2_engine_invoke_phases
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(648) Start:axis2_engine_invoke_phases
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(660) Invoking phase RMPhase
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(660) Invoking phase SavanPhase
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(660) Invoking phase userphase1
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(660) Invoking phase MessageOut
> [Wed Dec 05 10:09:40 2007] [debug] ..\..\src\core\engine\engine.c(670) End:axis2_engine_invoke_phases
> Steps to reproduce::
> 1. build axis2c with guththila enabled
> 2. build ramprt
> 3. run scenario 4 ( signature)
--
This message is automatically generated by JIRA.
-
If you think it was sent incorrectly contact one of the administrators: https://wso2.org/jira/secure/Administrators.jspa
-
For more information on JIRA, see: http://www.atlassian.com/software/jira
More information about the Wsf-c-dev
mailing list