Questions tagged [wss4j]

The Apache WSS4J™ is a Java implementation of the primary security standards for Web Services, namely the OASIS Web Services Security (WS-Security) specifications from the OASIS Web Services Security TC.

232 questions

vote

3 answers

The signature or decryption was invalid

I need to hit a webservice using Java over https. I have been provided with keys and certificates in a jks store. I have also been provided with sample soap message below which works on soap UI

soap ws-security wss4j

asked Feb 06 '19 at 19:19

Rodgers Andati

vote

1 answer

Emulating a soapUI signed request with nodejs

Turns out that I have tested a webservice via soapUI configuring a keystore with a pem certificate I got. When I apply the outgoing WSSE signature I get a wsse:Security element like this: …

java node.js soapui wss4j wsse

asked Jan 24 '19 at 22:51

RicardoE

1,665
6
24
42

vote

2 answers

WSO2 ESB - Rampart Password Callback class - WSPasswordCallback cannot be cast

I want to to invoke a secured backend service in WSO2 ESB 5.0.0 with rampart configuration and Password Callback class package com.yenlo.wso2.services; import org.apache.ws.security.WSPasswordCallback; import…

wso2 ws-security wss4j wso2-esb

asked Dec 25 '18 at 20:22

siavash fd

vote

0 answers

WSS4J Encoding type in NONCE missing (Loadrunner Java)

I have a java script for a webservice where the encoding type in nonce is missing. Where is the mistake in the script? WSSecHeader secHeader = new WSSecHeader(); secHeader.insertSecurityHeader(doc); // create the username token builder…

java encoding wss4j nonce

asked Sep 25 '18 at 11:59

Marc

vote

1 answer

using wss4jsecurityinterceptor for spring security- Configuring securement for signature and encryption with two keys

I am trying to add interceptors for securing spring-ws by reading this tutorial at https://memorynotfound.com/spring-ws-certificate-authentication-wss4j/ I need to use two seperate public-private keys (one for signing,second for encryption) in a…

spring-ws wss4j

asked Aug 17 '18 at 06:49

jdev0741

vote

1 answer

CXF WS-Security with keystore from HSM

I am using the sample project "ws_security_sign_enc" from CXF, which is a client/server project with a simple SOAP service. It only sends greetings (message is encrypted and signed). For the encryption and signing, the CXF interal security…

java cxf keystore hsm wss4j

asked Aug 14 '18 at 14:53

Benjamin Steiner

vote

0 answers

WSS4J Invalid Digital Signature

We are generating an XML SOAP message but the receiving gateway (EMIS) responds with a message to say the the signature is invalid: INVALID_REQUEST Invalid digital signature If we run verification against the soap payload, as so: …

cryptography digital-signature xml-signature wss4j

asked Jul 26 '18 at 17:15

garryj

vote

0 answers

Using 2 different AnnotationActionEndpointMapping

I´m using Spring WS 2.2.0 with WS-Security (wss4j) and WS-Addressing. I want to publish two web services, one with username-password authentication and soap body encryption/decryption (request and response) and the other just with username-password…

spring-ws wss4j

asked Jul 02 '18 at 17:38

leaqui

vote

0 answers

Java SOAP Digital Signature WSS4J

I am working on the assignment where I need to consume the Web Service by signing it digitally. I have generated Web Service client using JAX-WS. For signing the soap request I have implemented the SOAP Handler which will sign the envelope using…

java soap webserver digital-signature wss4j

asked May 12 '18 at 08:00

Arun

vote

0 answers

BinarySecurityToken modified with XML escape characters using Apache WSS4J / CXF

I'm using the action based approach to ws-security, as the WSDL I am interfacing to does not contain a security policy. Code for the interceptor and security is below. I'm getting an error back from the server indicating my binary security token…

cxf wss4j

asked May 03 '18 at 16:14

Evan

2,441
23
36

vote

0 answers

Why would my keystore get a different password digest from what it is expecting?

I'm using WSS4J to sign a soap message. When the WSSecSignature is being built I get the following error: java.security.UnrecoverableKeyException: Cannot recover key The error specifically happens…

java security keystore wss4j

asked Mar 01 '18 at 14:53

Seb

vote

0 answers

LinkageError Running With Weblogic

I am introducing the support of WS-Security with Spring using Apache CXF. Application runs on Weblogic 10.3.6. Our build.gradle file :- compile("org.springframework:spring-web:4.2.6.RELEASE") …

java weblogic ws-security wss4j

asked Feb 03 '18 at 15:55

Pete Long

vote

0 answers

Mule ESB with CXF WSS4JOutInterceptor does not create a proper SOAPFault if fails

I'm using WSS4j CXF Out Interceptor in MULE to sign the SOAP response but if there is an error in this interceptor the SOAPFault is not generated properly. In fact the result is a blank body with status 200. Problem: If the out interceptor used to…

soap mule cxf interceptor wss4j

asked Jan 30 '18 at 18:55

Manuel Garcia de Vinuesa

vote

1 answer

Java XML DOM - how to use Element.getAttributeNS

I have XML node: .... What values should I pass to…

java xml xmldom wss4j xmlsec

asked Dec 28 '17 at 05:12

Dustin Sun

5,292
9
49
87

vote

2 answers

WSS4J SOAP Signature validation without truststore

I need to validate a signed SOAP message, extract the certificate and authenticate the certificate against a LDAP directory, which makes a trust store unnecessary. I have being using the WSS4J for a while now, but always with a local trust store.…

soap wss4j wsse

asked Nov 21 '17 at 17:59

Andre Silva

Prev 1 2 3

…

15 16 Next