350 Bounty and waffles to the person who can help me!
I have been struggling with Spring Web Service encryption for days and I can't figure out how to get Spring's encryption on the message body to work. Whenever I have the server encrypt the resulting message the client doesn't seem to be decrypting it before it attempts to validate it against the Schema (XSD).
Here is the server side configuration
The server's xwss security configuration
The client's Spring configuration
What I can do is encrypt the user token and decrypt it successfully. I do that when sending data from the client to the server. The server then decrypts the user token and authenticates the user credentials, that works quite well.
The problem occurs when I try to encrypt the body of the message coming back, and it occurs on the client side. It seems the client is trying to validate the message before it decrypts it, and hence an error occurs when validating against the schema.
[Fatal Error] :1:192: The prefix "ns0" for element "ns0:HolidayListResponse" is not bound.
11-Dec-2009 7:45:32 AM com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor decryptElementWithCipher
SEVERE: WSS1203: Exception [ The prefix "ns0" for element "ns0:HolidayListResponse" is not bound. ] while trying to decrypt message
And here is the SOAP response itself.
And here is the marshalling mapping file
<?xml version="1.0" encoding="UTF-8"?>
<!--
  Castor mapping for the HR holiday web service payloads.
  Every mapped class below is bound to the namespace
  http://mycompany.com/hr/schemas with the prefix ns0.

  NOTE(review): the DOCTYPE names an external DTD by an http:// system
  identifier. A DTD fetched over plain HTTP is neither authenticated nor
  integrity protected. The mapping loader is expected to resolve the public
  identifier from a local copy rather than the network; confirm that for the
  parser and entity resolver actually in use.
-->
<!DOCTYPE mapping PUBLIC "-//EXOLAB/Castor Mapping DTD Version 1.0//EN"
  "http://castor.org/mapping.dtd">
<mapping>

  <!-- Two handler names registered for the same handler class;
       Holiday.from uses dateHandler and Holiday.to uses dateHandler2. -->
  <field-handler name="dateHandler" class="com.mycompany.hr.handlers.DateFieldHandler"/>
  <field-handler name="dateHandler2" class="com.mycompany.hr.handlers.DateFieldHandler"/>

  <!-- Holiday: start and end date, each passed through a date field handler. -->
  <class name="com.mycompany.hr.data.Holiday">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="Holiday"/>
    <field name="from" type="string" handler="dateHandler">
      <bind-xml name="StartDate" node="element"/>
    </field>
    <field name="to" type="string" handler="dateHandler2">
      <bind-xml name="EndDate" node="element"/>
    </field>
  </class>

  <!-- Employee: number plus first and last name, all written as child elements. -->
  <class name="com.mycompany.hr.data.Employee">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="Employee"/>
    <field name="number" type="java.lang.Integer">
      <bind-xml name="Number" node="element"/>
    </field>
    <field name="firstName" type="java.lang.String">
      <bind-xml name="FirstName" node="element"/>
    </field>
    <field name="lastName" type="java.lang.String">
      <bind-xml name="LastName" node="element"/>
    </field>
  </class>

  <!-- HolidayRequest: one Holiday and the Employee it is for. -->
  <class name="com.mycompany.hr.data.HolidayRequest">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayRequest"/>
    <field name="holiday" type="com.mycompany.hr.data.Holiday">
      <bind-xml name="Holiday" node="element"/>
    </field>
    <field name="employee" type="com.mycompany.hr.data.Employee">
      <bind-xml name="Employee" node="element"/>
    </field>
  </class>

  <!-- HolidayConfirmation: numeric code and a message. -->
  <class name="com.mycompany.hr.data.HolidayConfirmation">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayConfirmation"/>
    <field name="confirmationCode" type="java.lang.Integer">
      <bind-xml name="ConfirmationCode" node="element"/>
    </field>
    <field name="confirmationMessage" type="java.lang.String">
      <bind-xml name="ConfirmationMessage" node="element"/>
    </field>
  </class>

  <!-- HolidayResponse: wraps a single HolidayConfirmation. -->
  <class name="com.mycompany.hr.data.HolidayResponse">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayResponse"/>
    <field name="confirmation" type="com.mycompany.hr.data.HolidayConfirmation">
      <bind-xml name="HolidayConfirmation" node="element"/>
    </field>
  </class>

  <!-- HolidayListRequest: the id field is written as the userId element. -->
  <class name="com.mycompany.hr.data.HolidayListRequest">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayListRequest"/>
    <field name="id" type="java.lang.Integer">
      <bind-xml name="userId" node="element"/>
    </field>
  </class>

  <!--
    HolidayListResponse: a vector of Holiday elements.
    NOTE(review): the WSS1203 error reported for ns0:HolidayListResponse is
    raised by the decryption step while it parses the decrypted bytes. That
    suggests the encrypted fragment did not carry its own xmlns:ns0
    declaration. TODO confirm on which element of the response the ns0
    declaration is written before the body is encrypted.
  -->
  <class name="com.mycompany.hr.data.HolidayListResponse">
    <map-to ns-uri="http://mycompany.com/hr/schemas" ns-prefix="ns0" xml="HolidayListResponse"/>
    <field name="holidays" type="com.mycompany.hr.data.Holiday" collection="vector">
      <bind-xml name="Holiday" node="element"/>
    </field>
  </class>

</mapping>
I know it's a lot of information, but I figured I would provide everything. Is my encryption setup correct? Is it not possible to encrypt the body of the message and decrypt it on the client side? At this point I am open to almost any suggestion.