java - Glassfish message security digital signature -



java - Glassfish message security digital signature -

i working on getting glassfish soap message security digital signature running , have not had luck. running glassfish server open source edition 3.1 build 43 , testing soapui 3.6.1.

the glassfish server running ssl on port 443 know keystore , x509 certificate correctly configured. soap message security configuration running xws_serverprovider default provider , xws_clientprovider default client provider. both providers setup utilize content authenticate source , have signature.key.alias set same certificate ssl.

an illustration request soapui digital signature is:

<soapenv:envelope xmlns:ser="http://testservice.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"> <soapenv:header><wsse:security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsse:binarysecuritytoken encodingtype="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#base64binary" valuetype="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#x509v3" wsu:id="certid-32b7d1c168510a7a641310586176514805" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">miieudccazigawibagiqydgizkmvqi/nxbkd0m6qqtanbgkqhkig9w0baqufadbemqswcqydvqqgewjvuzevmbmga1uechmmvghhd3rllcbjbmmumr0wgwydvqqlexreb21haw4gvmfsawrhdgvkifnttdezmbcga1ueaxmqvghhd3rlierwifnttcbdqtaefw0xmta3mtiwmdawmdbafw0xnda3mteymzu5ntlamihgmsmwiqydvqqkexpxyw5hdjiuc291cmnlb25lzglyzwn0lmnvbte7mdkga1uecxmyr28gdg8gahr0chm6ly93d3cudghhd3rllmnvbs9yzxbvc2l0b3j5l2luzgv4lmh0bwwxijagbgnvbastgvroyxd0zsbtu0wxmjmgy2vydglmawnhdguxgtaxbgnvbasteervbwfpbibwywxpzgf0zwqxizahbgnvbamtgnfhbmf2mi5zb3vyy2vvbmvkaxjly3quy29tmiibijanbgkqhkig9w0baqefaaocaq8amiibcgkcaqeaqzhfxbye7by9j/ftdyocngbvivn8qv+fgtxqs5vqnoylz5tm2reiy8jegkulz2d5ncu3zs1oluhtbiiefhbcani5t19ra5kaswpvt65lembp4niicmoahi3zypvpm+t6f2encotur+xc3lz6l2a4hcgvoqt2k4jh6xenjeauqtuaffayc0qgctege+b20hnksgjzowkofqnbayzdytfrnmsushbueeov+k1h67ro1iziua5aeuop6/yrofpkixmx+266sc0ynb8qyvzmpwsmdzpx4yytqkr/ykslnsrg+7uyp9q/9kmi9jgjvefbc2ufoskzkkmzgpipvhmvjxtjuqidaqabo4ggmigdmawga1udeweb/wqcmaawogydvr0fbdmwmtavoc2gk4ypahr0cdovl3n2ci1kdi1jcmwudghhd3rllmnvbs9uagf3dgvevi5jcmwwhqydvr0lbbywfayikwybbquhawegccsgaqufbwmcmdigccsgaqufbwebbcywjdaibggrbgefbqcwayywahr0cdovl29jc3audghhd3rllmnvbtanbgkqhkig9w0baqufaaocaqeavmdh98nyrzcp/hvhdc1dufb3v6or5ynpjblskov+2jsyxrzl0eyy4owxca8n0gulebahqsop5ilvmlv9v/1torvdtdcxbapqbnqi6mx0dx7rmmqjlekbpzucvxqswwtwegix92nd+lwub7b1/utwe1yk+deerxyy0ecmrq0eamjrvihou6plbssorroojramsmjf/94k3icmcow862g81lp6o9lfxapu1ndvpjjaefzdpevcy5eihpphfw39zmw72ki2/jr0pza4jqboulsi57j4bt3o7ipptonizmctvmqjoanff6iqzwp7teml/neaiytotl2o8ib1zwy/3/leyq==</wsse:binarysecuritytoken><ds:signature id="signature-739" xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> <ds:signedinfo> <ds:canonicalizationmethod algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> <ds:signaturemethod algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> <ds:reference uri="#id-740"> <ds:transforms> <ds:transform algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/> </ds:transforms> <ds:digestmethod algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/> <ds:digestvalue>f5ph4/5vd05xxjspgev6z10gpxk=</ds:digestvalue> </ds:reference> </ds:signedinfo> <ds:signaturevalue> ftufmyb2quobhe4mgwutz6c58mzhcnf6debavlqqavsdssr5s02axfei3jrtwx0+bvqjdzqqp12/ cjpd35z9788m2sp6ezqfqdzunre4oq9addts9lzqtmrl0pdno1lkg2lwtqugsogw/fjvbntat2ze 51ajcqf9rblhlmdvsj9mxkdmxruehvsqyoy75vdo3yaunsgk8q62ilsf7vgu9chu4fullfsq5xja xvnazpf0pandayi1yjq1/r+qoqdyapzdhdpdgzb9ylgbsjynobkof6fc3cucqufnst3x3hzdhq1x mid9ozssvrenq8byjlqkcjop7wuqjgokd7vara== </ds:signaturevalue> <ds:keyinfo id="keyid-32b7d1c168510a7a641310586176514806"> <wsse:securitytokenreference wsu:id="strid-32b7d1c168510a7a641310586176514807" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsse:reference uri="#certid-32b7d1c168510a7a641310586176514805" valuetype="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#x509v3"/></wsse:securitytokenreference> </ds:keyinfo> </ds:signature><wsu:timestamp wsu:id="timestamp-738" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><wsu:created>2011-07-13t19:42:56.505z</wsu:created><wsu:expires>2011-07-13t19:59:36.505z</wsu:expires></wsu:timestamp></wsse:security></soapenv:header> <soapenv:body wsu:id="id-740" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"> <ser:getimage> <arg0> <data>test data</data> </arg0> </ser:getimage> </soapenv:body> </soapenv:envelope>

on server logs next errors. nail limit in size when tried post whole log message glassfish if help please allow me know , upload somewhere.

signature verification failed

error occured in verifying signature

com.sun.xml.wss.xwssecurityexception: com.sun.xml.wss.impl.wsssoapfaultexception: signature verifica... container-auth: wss: error validating request com.sun.enterprise.security.jauth.authexception: com....

i have no thought go here debugging. help or suggestions appreciated.

java glassfish jax-ws

Comments

Post a Comment

Popular posts from this blog

iphone - Dismissing a UIAlertView -

iphone - Dismissing a UIAlertView - i set in app purchase app, , when user taps button, purchase started. basically, tap button, , depending on speed on net connection, waiting 10 seconds until new alert view comes asking if purchase product. user tap button multiple times since nil came up, , multiple purchase alert views come up. additionally, maybe seen user app bug. in end, problem. i want alert view come spinning wheel says "loading..." when users taps purchase button. problem is, how dismiss when new alert view comes asking user if want purchase product? if ([uialertview alloc] says: @"whatever apple's alert view says") { //dismiss "loading..." alert view here } i uncertainty work, input appreciated. thanks! you need have access alertview. can this. create alertview instance var in app delegate , when want show loading initialize instance var assign property , when want dismiss phone call [alertviewinstance d...
Read more

intellij idea - Update external libraries with intelij and java -

intellij idea - Update external libraries with intelij and java - simple plenty really. i'm using apache jars, i'll create changes jar's every often. these jars listed external libs in intelij (i.e classpath looking install dir of jar's). when create changes intelij doesn't seem know new implementation. have remove jar external library , re-ad it. does know have intelij picks changes automatically ? i've done clean , rebuild project had little effect. you can go preferences -> build, execution, deployment -> build tools -> maven -> importing , check box says import maven projects automatically . in mac, can command + shift + a , come in action reimport , click on reimport maven projects . intellij-idea
Read more

javascript - send data from a new window to previous window in php -

javascript - send data from a new window to previous window in php - i have image in main.php file : <img src="..\images\image.gif" class="cur" onclick="imgwin();"> when click on image below function has called : function imgwin() { imagewin=window.open("../pages/img.php","imagewin","toolbar=no,width=500,height=200,directories=no,menubar=no,scrollbars=yes"); } this function opens img.php in new window img.php file : <html> <head> <title>upload image</title> </head> <body> <form name="imgform" method="get" action="#"> address : <input type="file" name="imgurl" size="50"> description : <input type="text" name="description" size="50"> <input type="submit" value="sumbit...
Read more