views:

53

answers:

1

I have problem with querying webservice which uses WS-Security. I use code creadted by axis2 with rampard module which implements WS-Security. I think I make good query and I got response, but that response have something my client do not understand. Exception look like:

 INFO [main] (?:?) - Verification successful for URI "#element-113-1282904809584-289878786"
 INFO [main] (?:?) - Verification successful for URI "#timestamp"
ERROR [main] (AxisEngine.java:209) - WSHandler: Check Signature confirmation: stored SV vector not empty
org.apache.axis2.AxisFault: WSHandler: Check Signature confirmation: stored SV vector not empty
    at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:92)
    at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
    ...

My rampard configuration in axis2.xml:

<parameter name="InflowSecurity">
  <action>
    <items>Signature Encrypt</items>
    <passwordCallbackClass>pl.firstdata.www.wdx.business.card.PWCallback</passwordCallbackClass>
    <signaturePropFile>client.properties</signaturePropFile>
    <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
    <signatureParts>{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body&lt;/signatureParts&gt;
    <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
    <encryptionUser>wdx_test</encryptionUser>
  </action>
</parameter> 

Is there something I can do on client side to not to get such exception?

A: 

I changed axis2.xml configuration file, and added:

<parameter name="InflowSecurity">
  <action>
    ... 
    <enableSignatureConfirmation>false</enableSignatureConfirmation>
  </action>
</parameter>

Now my client do not expect signature confirmation in server response.

Michał Niklas