Until about one hour ago, I was facing the exact same problem while
testing a self-made Netbeans/GlassFish/Metro webservice using soapUI.
I broke down the WS to be nothing more than a demo based on the Calculator sample from Netbeans. But still I was presented a WSS1717 exception, whenever the WS was called from soapUI.
The article at
String Digest Verification Failure in Java WS-Security client was pointing me in a direction of a workaround in the canonicalization section, where 0x0D/0x0A line terminations are discussed.
So if I change the "PrettyPrinted" soapUI request from
to a request with a one-line Body
everything works fine.
Please note, that making the Body a one-liner inside soapUI does not always work, because the xml sent over the line might still contain line termination characters inside the Body element. So do a cut'n'paste the Body element into your favorite code editor and make it a one-liner there, then paste it back into soapUI. This worked for me.
I am absolutely not a WSS guru, so I will not argue about whether it is soapUI or Metro that fails. So I am hoping for someone else to figure this out, and encourage him or her to place a bug report in the right place.
Best regards
Ernst Mikkelsen