File APIs for Java Developers
Manipulate DOC, XLS, PPT, PDF and many others from your application.
http://aspose.com/file-tools
The moose likes Web Services and the fly likes AXIS2 + RAMPART Error at server side: The signature or decryption was invalid Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login


Win a copy of Java 8 in Action this week in the Java 8 forum!
JavaRanch » Java Forums » Java » Web Services
Bookmark "AXIS2 + RAMPART Error at server side: The signature or decryption was invalid" Watch "AXIS2 + RAMPART Error at server side: The signature or decryption was invalid" New topic
Author

AXIS2 + RAMPART Error at server side: The signature or decryption was invalid

Edison Mendez
Greenhorn

Joined: Sep 07, 2012
Posts: 2
Hello everyone,

I have a web service using AXIS2 with WS-Security provided by RAMPART. I'm using OAS as application server and HTTPS for the transport protocol.

The client application has a RAMPART policy that sings and encrypts data before sending the request to the server. The server has the corresponding services.xml configuration (with keystores and certificates).

Every single time I try to consume the web service using the client, I always get a : The signature or decryption was invalid in the server log.

To clear things, this is the output of the console in my server log:



The previous part prints the information I've sent from mi client and is all right. But just after that, AXIS2 prints the following exception:



I don't know why does this happens if the first part of the log shows in clear text the right information. Any help would be appreciated.
T Rane
Greenhorn

Joined: Sep 17, 2012
Posts: 1
I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?
Edison Mendez
Greenhorn

Joined: Sep 07, 2012
Posts: 2
T Rane wrote:I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?


Hello T Rane,

Unfortunately I couldn't solve that. In my case it seems that the MTOM makes the RAMPART module to create a wrong encryption of the body message. In my case, due that we use HTTPS for the communication, we decided that since HTTPS encrypts all the messages by default, then we only need the message to be signed. I've made that change and now we only use de: SignOnly capability of the WSSecurity.

Hope this helps you too, and if you find a way to solve de decryption problem I'll be greatly grateful. Tell me if you need further information.
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: AXIS2 + RAMPART Error at server side: The signature or decryption was invalid
 
Similar Threads
Signature error while processing message
Problem with RPCServiceClient to connect to a Rampart secured Axis2 web service
org.apache.axis2.AxisFault: Missing wsse:Security header in request
org.apache.axis2.AxisFault: The message has expired
Issue with using the Axis2 JAX-WS Client using Rampart