You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
metro api does not seems to work while signing the soap body and send the request to the web service(published over metro).
client using metro api working fine when signing the soap body and it verifies the signature perfectly. But when client is using wss4j api(axis 1.1 api) or soap ui, it failed and display error that signature verification faild even works perfect with the same configuration when using metro api.
It seems that this is a compatibility issue with wss4j api(used by axis 1.1 and soap ui).
metro api does not seems to work while signing the soap body and send the request to the web service(published over metro).
client using metro api working fine when signing the soap body and it verifies the signature perfectly. But when client is using wss4j api(axis 1.1 api) or soap ui, it failed and display error that signature verification faild even works perfect with the same configuration when using metro api.
It seems that this is a compatibility issue with wss4j api(used by axis 1.1 and soap ui).
stack trace:
AxisFault
2013-01-28 20:53:29 faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}
Server
2013-01-28 20:53:29 faultSubcode:
2013-01-28 20:53:29 faultString: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 faultActor:
2013-01-28 20:53:29 faultNode:
2013-01-28 20:53:29 faultDetail:
2013-01-28 20:53:29
{http://xml.apache.org/axis/}
stackTrace: AxisFault
2013-01-28 20:53:29 faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}
Server
2013-01-28 20:53:29 faultSubcode:
2013-01-28 20:53:29 faultString: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 faultActor:
2013-01-28 20:53:29 faultNode:
2013-01-28 20:53:29 faultDetail:
2013-01-28 20:53:29
2013-01-28 20:53:29 com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:260)
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:169)
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.endElement(DeserializationContextImpl.java:1015)
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at javax.xml.parsers.SAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationContextImpl.java:242)
2013-01-28 20:53:29 at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538)
2013-01-28 20:53:29 at org.apache.axis.Message.getSOAPEnvelope(Message.java:376)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invokeEngine(Call.java:2583)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:2553)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:1753)
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsUtils.makeMessageCall(WsUtils.java:781)
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall.webServiceCall(WsMessageCall.java:1912)
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall.access$1(WsMessageCall.java:1757)
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall$2.run(WsMessageCall.java:1702)
2013-01-28 20:53:29 at java.lang.Thread.run(Unknown Source)
2013-01-28 20:53:29
2013-01-28 20:53:29
2013-01-28 20:53:29 com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:260)
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:169)
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.endElement(DeserializationContextImpl.java:1015)
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
2013-01-28 20:53:29,775 ERROR [Flow Thread(101063087220135938660887100101)] flow com.adeptia.indigo.jelly.ActivityTag.runSync(ActivityTag.java:489) - testte|test|WsMessageCall|Failed|administrators|192168001253135900036090700008|101063087220135938660878000100|192168001253135900022968500003||admin|Error in execution for activity WsMessageCall:test:192168001253135900022968500003[com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed ]|localhost|
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 AxisFault
2013-01-28 20:53:29 at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}
Server
2013-01-28 20:53:29 at javax.xml.parsers.SAXParser.parse(Unknown Source)
2013-01-28 20:53:29 faultSubcode:
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationContextImpl.java:242)
2013-01-28 20:53:29 faultString: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538)
2013-01-28 20:53:29 faultActor:
2013-01-28 20:53:29 at org.apache.axis.Message.getSOAPEnvelope(Message.java:376)
2013-01-28 20:53:29 faultNode:
2013-01-28 20:53:29 at org.apache.axis.client.Call.invokeEngine(Call.java:2583)
2013-01-28 20:53:29 faultDetail:
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:2553)
2013-01-28 20:53:29
{http://xml.apache.org/axis/}
stackTrace: AxisFault
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:1753)
2013-01-28 20:53:29 faultCode:
{http://schemas.xmlsoap.org/soap/envelope/}
Server
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsUtils.makeMessageCall(WsUtils.java:781)
2013-01-28 20:53:29 faultSubcode:
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall.webServiceCall(WsMessageCall.java:1912)
2013-01-28 20:53:29 faultString: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall.access$1(WsMessageCall.java:1757)
2013-01-28 20:53:29 faultActor:
2013-01-28 20:53:29 faultNode:
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsMessageCall$2.run(WsMessageCall.java:1702)
2013-01-28 20:53:29 faultDetail:
2013-01-28 20:53:29 at java.lang.Thread.run(Unknown Source)
2013-01-28 20:53:29 com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.impl.WssSoapFaultException: Signature verification failed
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:260)
2013-01-28 20:53:29 at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:169)
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.endElement(DeserializationContextImpl.java:1015)
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at javax.xml.parsers.SAXParser.parse(Unknown Source)
2013-01-28 20:53:29 at org.apache.axis.encoding.DeserializationContextImpl.parse(DeserializationContextImpl.java:242)
2013-01-28 20:53:29 at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:538)
2013-01-28 20:53:29 at org.apache.axis.Message.getSOAPEnvelope(Message.java:376)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invokeEngine(Call.java:2583)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:2553)
2013-01-28 20:53:29 at org.apache.axis.client.Call.invoke(Call.java:1753)
2013-01-28 20:53:29 at com.adeptia.indigo.services.webservice.WsUtils.makeMessageCall(WsUtils.java:781)
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
?soap:Header
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-21">
ds:SignedInfo
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-22">
ds:Transforms
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
ds:DigestValueoyxBJzxeBDE7rIpukje/SMSGi1M=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
ds:SignatureValue
QQi/C3DrIqvuj2q5PdJ+tnZ0q9dg21AawlLq0N/tO4WiwKOc7P2RHFUc7HY2GIA07ZN+ZPIsiRdH
BK1DWGMY3um3AN1xRHqr1d/HBSq7iIdhlhOxPP5DYv4pRo1sGov3cDOY3n362R1jOLJSm2r3nMlO
IN4F7ZDsFdkr/kkFyA4=
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-6436563946A2BA15B3135934748180438">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-6436563946A2BA15B3135934748180439">
ds:X509Data
ds:X509IssuerSerial
ds:X509IssuerNameC=pkcsnew,ST=pkcsnew,L=pkcsnew,O=pkcsnew,OU=pkcsnew,CN=pkcsnew</ds:X509IssuerName>
ds:X509SerialNumber1</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soap:Header>
<soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-22">
?
?
?
<SOAP-ENV:Envelope xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/">
Don't forget me this weekend! ==== Received Message End ====SOAP-ENV:Header
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" SOAP-ENV:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="XWSSGID-1359347423626-800223482">
ds:SignedInfo
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#XWSSGID-1359347423638-1043174066">
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
ds:DigestValueRKScYXOHzhTQci8QTalIUGcQgd8=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
ds:SignatureValueglRCiqm1F/FjeAx9IXzALl4Xkrda7IcWfwl87H2WIjRDi1tBMJdF17pNNobrDYzKCqnhXOgJOpBs
qW9zK+L1wnoKmWWn/Tf1PmdTq5G7jlZvsmx4qtiW9lRMa2Orz7fPClugXJQtejovlQfD96zDqlvE
HzPFMK+a1X9x+pPSduY=</ds:SignatureValue>
ds:KeyInfo
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1359347423637198325665">
ds:X509Data
ds:X509IssuerSerial
ds:X509IssuerNameC=pkcsnew, ST=pkcsnew, L=pkcsnew, O=pkcsnew, OU=pkcsnew, CN=pkcsnew</ds:X509IssuerName>
ds:X509SerialNumber1</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</SOAP-ENV:Header>
<SOAP-ENV:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="XWSSGID-1359347423638-1043174066">
Tove
Jani
Reminder
Please let me know if i am doing something wrong or it is an issue. This is very critical for out product so please replay ASAP.
Thanks
Vipin Kumar
Environment
jre 6 and windows 7 64 bit
Affected Versions
[2.1]
Source: javaee/metro-wsit#1665
Author: glassfishrobot
The text was updated successfully, but these errors were encountered: