aspose file tools *
The moose likes Web Services and the fly likes AXIS2 + RAMPART Error at server side: The signature or decryption was invalid Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "AXIS2 + RAMPART Error at server side: The signature or decryption was invalid" Watch "AXIS2 + RAMPART Error at server side: The signature or decryption was invalid" New topic
Author

AXIS2 + RAMPART Error at server side: The signature or decryption was invalid

Edison Mendez
Greenhorn

Joined: Sep 07, 2012
Posts: 2
Hello everyone,

I have a web service using AXIS2 with WS-Security provided by RAMPART. I'm using OAS as application server and HTTPS for the transport protocol.

The client application has a RAMPART policy that sings and encrypts data before sending the request to the server. The server has the corresponding services.xml configuration (with keystores and certificates).

Every single time I try to consume the web service using the client, I always get a : The signature or decryption was invalid in the server log.

To clear things, this is the output of the console in my server log:



The previous part prints the information I've sent from mi client and is all right. But just after that, AXIS2 prints the following exception:



I don't know why does this happens if the first part of the log shows in clear text the right information. Any help would be appreciated.
T Rane
Greenhorn

Joined: Sep 17, 2012
Posts: 1
I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?
Edison Mendez
Greenhorn

Joined: Sep 07, 2012
Posts: 2
T Rane wrote:I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?


Hello T Rane,

Unfortunately I couldn't solve that. In my case it seems that the MTOM makes the RAMPART module to create a wrong encryption of the body message. In my case, due that we use HTTPS for the communication, we decided that since HTTPS encrypts all the messages by default, then we only need the message to be signed. I've made that change and now we only use de: SignOnly capability of the WSSecurity.

Hope this helps you too, and if you find a way to solve de decryption problem I'll be greatly grateful. Tell me if you need further information.
 
It is sorta covered in the JavaRanch Style Guide.
 
subject: AXIS2 + RAMPART Error at server side: The signature or decryption was invalid