Java Mailing List Archive

http://www.java2.5341.com/

Home » axis-user.ws »

Is it normal that my cypher in <SignatureValue> has blanks instead of
returns

Hans-Bernhard Friedrich

2010-02-15


Author LoginPost Reply
Hello,

This is related to my previous mail "Receive WSSecurityException (The signature verification failed)".
But I think this should be discussed seperatly.

When I examine my  requests with wireshark my <SignatuerValue> looks has no return and ist just one string with blanks
every 78 characters.

When I compare that with a sample request our client send to us, this  <SignatuerValue> looks like that:

<ds:SignatureValue xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
bYGahEmUUGB5U8KKDdyMT82Me/q275kqbfGZeglLrSoSBgdFXY5Sl++sOZFbeBzMnTV5nC9uPe0q
atojV2DeqZyw1LCm5SFlzewnCkXKZ/x5OM/p8c2kaHvIE3uAwJZ4kBOTo/yACOXprMUQnZb1VYVC
khNqqZ6x7sKwUWguRE8dzNUl7dp9h+r1MDLlprYFjgV+dgIng9qFym/0ABhGGYu3DZHdmuztgqc+
YzTdvIRBF4Z9OqG4Gt+982XdNyvtscoagn0PJd7hQD4gcLMqIk0PpSbLACCBeDH6ZmW1aozovPSR
wRlnkXFKNAIKd7XD5+WtFRGBrcUoxnMGFanc9A==
</ds:SignatureValue>

A block with 4 returns at the end of every line

- I use rampart 1.3 and Axis2 1.4.1

Configuration:

Properties prop1 = getProps();
serviceclient.getOptions.options.setProperty("cyrpto_props", prop1);
...
    private Properties getProps() {
                Properties prop1 =  new Properties();
                prop1.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
                prop1.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
                prop1.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "L7uZJX1JUZ9l@+W2");
                prop1.setProperty("org.apache.ws.security.crypto.merlin.file", "fcms.keystore");
                return prop1;
          }

and



...options.setProperty(WSSHandlerConstants.OUTFLOW_SECURITY, getOutflowConfiguration());
...
private  Parameter getOutflowConfiguration() {
        OutflowConfiguration ofc = new OutflowConfiguration();
        ofc.setActionItems("Timestamp Signature");
        ofc.setSignatureParts("{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp");
        ofc.setUser("fcms-aci");
        ofc.setPasswordCallbackClass("de.aci.handler.PWCBHandler");
        ofc.setSignaturePropRefId("cyrpto_props");              
        ofc.setSignatureKeyIdentifier(WSSHandlerConstants.X509_KEY_IDENTIFIER);
        return ofc.getProperty();
    }


Could this different lead to org.apache.ws.security.WSSecurityException (The signature verification failed)
because the server can't read my signed informaton?
And if so, is it possible to changed the format somehow?

Thank you so much for your hints!!

Greetings
Hans
©2008 java2.5341.com - Jax Systems, LLC, U.S.A.