This week's book giveaway is in the OCAJP 8 forum. We're giving away four copies of OCA Java SE 8 Programmer I Study Guide and have Edward Finegan & Robert Liguori on-line! See this thread for details.
I have a web service using AXIS2 with WS-Security provided by RAMPART. I'm using OAS as application server and HTTPS for the transport protocol.
The client application has a RAMPART policy that sings and encrypts data before sending the request to the server. The server has the corresponding services.xml configuration (with keystores and certificates).
Every single time I try to consume the web service using the client, I always get a : The signature or decryption was invalid in the server log.
To clear things, this is the output of the console in my server log:
The previous part prints the information I've sent from mi client and is all right. But just after that, AXIS2 prints the following exception:
I don't know why does this happens if the first part of the log shows in clear text the right information. Any help would be appreciated.
I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?
Joined: Sep 07, 2012
T Rane wrote:I have run into the same issue - same technologies involved (Axis2, Rampart, and OAS). Were you apple to resolve this issue?
Hello T Rane,
Unfortunately I couldn't solve that. In my case it seems that the MTOM makes the RAMPART module to create a wrong encryption of the body message. In my case, due that we use HTTPS for the communication, we decided that since HTTPS encrypts all the messages by default, then we only need the message to be signed. I've made that change and now we only use de: SignOnly capability of the WSSecurity.
Hope this helps you too, and if you find a way to solve de decryption problem I'll be greatly grateful. Tell me if you need further information.