WS-security breaks signature in SOAP-message
https://stackoverflow.com/questions/12213492
-
29-06-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
I need to sign soap messages with one specific cryptoprovider. So I wrote a sub-class of SoapExtension that adds digital signature in stage SoapMessageStage.AfterSerialize and verifies it in stage SoapMessageStage.BeforeDeserialize. Server-side works fine, but there is a problem on client-side: after adding signature some new ws-security elements are always added and signature becomes incorrect. Changing priority has no effect. There are:
Inside soap:Envelope
xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/03/addressing" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
Inside soap:Header
<wsa:Action>ServerTest/TestMultiply</wsa:Action><wsa:MessageID>uuid:6ea73f70-8164-4e5a-8f8c-17853eadfba2</wsa:MessageID><wsa:ReplyTo><wsa:Address>http://schemas.xmlsoap.org/ws/2004/03/addressing/role/anonymous</wsa:Address></wsa:ReplyTo><wsa:To>http://mylocalhost:31791/WebServiceEstate.asmx</wsa:To><wsse:Security><wsu:Timestamp wsu:Id="Timestamp-50be5708-32ab-4014-81d4-7b0b82ff6262"><wsu:Created>2012-08-31T09:49:51Z</wsu:Created><wsu:Expires>2012-08-31T09:54:51Z</wsu:Expires></wsu:Timestamp></wsse:Security>
How can I apply singnature after adding this ws-securiry data?
Solution
Problem solved after migrating from WSE 2.0 to WSE 3.0
Licensed under: CC-BY-SA with attribution
Not affiliated with StackOverflow
