6 Replies Latest reply on Nov 27, 2008 9:56 PM by Yong Zhang

    WS-security interoperability

    Fredy Estepa Newbie

      Hello.

      I have a secure web service on JBoss

      Server side
      jboss-wsse-server.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.com/ws-security/config
      http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <key-store-file>WEB-INF/keystore.jks</key-store-file>
       <key-store-password>adminadmin</key-store-password>
       <trust-store-file>WEB-INF/cacerts.jks</trust-store-file>
       <trust-store-password>adminadmin</trust-store-password>
       <config>
       <sign type="x509v3" alias="xws-security-server" tokenReference="keyIdentifier"/>
       <requires>
       <signature/>
       </requires>
       </config>
      </jboss-ws-security>
      


      Web Service code
      package step;
      
      import javax.jws.WebMethod;
      import javax.jws.WebParam;
      import javax.jws.WebService;
      import javax.jws.soap.SOAPBinding;
      import org.jboss.annotation.security.SecurityDomain;
      import org.jboss.ws.annotation.EndpointConfig;
      
      @WebService
      (name="NewWebService",
      targetNamespace = "http://step",
      serviceName = "NewWebServiceService")
      @SOAPBinding(style = SOAPBinding.Style.RPC)
      @EndpointConfig(configName = "Standard WSSecurity Endpoint")
      
      public class NewWebService {
      
      /**
       * Web service operation
       */
       @WebMethod(operationName = "holaMundo")
       public String holaMundo(@WebParam(name = "param")
       String param) {
       String res="RECIBIDO:"+param+" ENTREGADO: HOLA MUNDO ";
       return res;
       }
      
      }
      


      Consuming this service with a java client works fine, but with .Net client I am getting the error message:
      ERROR [WSSecurityDispatcher] Internal error occured handling inbound message:
      org.jboss.ws.extensions.security.exception.SecurityTokenUnavailableException: Could not resolve toke
      n id: SecurityToken-0ea77ee8-31eb-469e-b7b1-67159331a23f
       at org.jboss.ws.extensions.security.KeyResolver.resolveDirectReference(KeyResolver.java:106)
      
       at org.jboss.ws.extensions.security.KeyResolver.resolve(KeyResolver.java:84)
       at org.jboss.ws.extensions.security.KeyResolver.resolveCertificate(KeyResolver.java:131)
       at org.jboss.ws.extensions.security.KeyResolver.resolvePublicKey(KeyResolver.java:141)
       at org.jboss.ws.extensions.security.KeyResolver.resolvePublicKey(KeyResolver.java:161)
       at org.jboss.ws.extensions.security.element.Signature.<init>(Signature.java:56)
       at org.jboss.ws.extensions.security.element.SecurityHeader.<init>(SecurityHeader.java:87)
       at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:175)
       at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.
      java:219)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurity
      Handler.java:83)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHa
      ndlerServer.java:41)
       at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:295)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:140)
       at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDeleg
      ateJAXWS.java:97)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointIn
      voker.java:127)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:171)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134
      )
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja
      va:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:
      157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja
      va:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:619)
      12:20:07,044 ERROR [HandlerChainExecutor] Exception during handler processing
      org.jboss.ws.core.CommonSOAPFaultException: Could not resolve token id: SecurityToken-0ea77ee8-31eb-
      469e-b7b1-67159331a23f
       at org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher
      .java:100)
       at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.
      java:237)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurity
      Handler.java:83)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHa
      ndlerServer.java:41)
       at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:295)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:140)
       at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDeleg
      ateJAXWS.java:97)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointIn
      voker.java:127)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:171)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134
      )
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja
      va:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:
      157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja
      va:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:619)
      12:20:07,201 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
      javax.xml.ws.WebServiceException: org.jboss.ws.core.CommonSOAPFaultException: Could not resolve toke
      n id: SecurityToken-0ea77ee8-31eb-469e-b7b1-67159331a23f
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainEx
      ecutor.java:276)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:155)
       at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDeleg
      ateJAXWS.java:97)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointIn
      voker.java:127)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:171)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134
      )
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
      ava:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
      
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.ja
      va:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:
      157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.ja
      va:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:619)
      Caused by: org.jboss.ws.core.CommonSOAPFaultException: Could not resolve token id: SecurityToken-0ea
      77ee8-31eb-469e-b7b1-67159331a23f
       at org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher
      .java:100)
       at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.
      java:237)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurity
      Handler.java:83)
       at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHa
      ndlerServer.java:41)
       at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:295)
       at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.j
      ava:140)
       ... 27 more
      



      In client side
      wse3policyCache.config
      <policies xmlns="http://schemas.microsoft.com/wse/2005/06/policy">
       <extensions>
       <extension name="mutualCertificate11Security" type="Microsoft.Web.Services3.Design.MutualCertificate11Assertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
       <extension name="x509" type="Microsoft.Web.Services3.Design.X509TokenProvider, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
       <extension name="requireActionHeader" type="Microsoft.Web.Services3.Design.RequireActionHeaderAssertion, Microsoft.Web.Services3, Version=3.0.0.0, Culture=neutral, PublicKeyToken=31bf3856ad364e35" />
       </extensions>
       <policy name="ClientPolicyJBoss">
       <mutualCertificate11Security establishSecurityContext="true" renewExpiredSecurityContext="true" requireSignatureConfirmation="false" messageProtectionOrder="SignBeforeEncrypt" requireDerivedKeys="false" ttlInSeconds="300">
       <clientToken>
       <x509 storeLocation="LocalMachine" storeName="My" findValue="CN=xwssecurityclient, OU=SUN, O=Internet Widgits Pty Ltd, S=Some-State, C=AU" findType="FindBySubjectDistinguishedName" />
       </clientToken>
       <serviceToken>
       <x509 storeLocation="LocalMachine" storeName="AddressBook" findValue="CN=xwssecurityserver, OU=SUN, O=Internet Widgits Pty Ltd, S=Some-State, C=AU" findType="FindBySubjectDistinguishedName" />
       </serviceToken>
       <protection>
       <request signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
       <response signatureOptions="IncludeNone" encryptBody="false" />
       <fault signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
       </protection>
       </mutualCertificate11Security>
       <requireActionHeader />
       </policy>
      </policies>
      


      I am using jbossws-3.0.1-native-2.0.4.GA, WSE 3.0 and .Net 2005
      I have certificates properly instaled on local machine and current user.

      Does anyone knows what is going on?

      Thanks for help

        • 1. Re: WS-security interoperability
          Fredy Estepa Newbie

          On response in wse3policyCache.config I try too using but it doesn't works

          <response signatureOptions="IncludeAddressing, IncludeTimestamp, IncludeSoapBody" encryptBody="false" />
          


          • 2. Re: WS-security interoperability
            Alessio Soldano Master

             


            ERROR [WSSecurityDispatcher] Internal error occured handling inbound message:
            org.jboss.ws.extensions.security.exception.SecurityTokenUnavailableException: Could not resolve toke
            
            n id: SecurityToken-0ea77ee8-31eb-469e-b7b1-67159331a23f
             at org.jboss.ws.extensions.security.KeyResolver.resolveDirectReference(KeyResolver.java:106)
            
            
             at org.jboss.ws.extensions.security.KeyResolver.resolve(KeyResolver.java:84)
             at org.jboss.ws.extensions.security.KeyResolver.resolveCertificate(KeyResolver.java:131)
            


            The key resolver is failing while looking for a directly referenced security token. Does the received message actually contain that token? I suggest you to check the incoming message, perhaps post it here.

            • 3. Re: WS-security interoperability
              Fredy Estepa Newbie

              From JBoss Log

              This is the Incoming Request Message

              <soap:Envelope xmlns:soap='http://schemas.xmlsoap.org/soap/envelope/' xmlns:wsa='http://schemas.xmlsoap.org/ws/2004/08/addressing' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
               <soap:Header>
               <wsa:Action wsu:Id='Id-1de072a3-c3cb-4856-b140-f14c42fa2533'>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</wsa:Action>
               <wsa:MessageID wsu:Id='Id-c91d712e-c882-44ca-a556-ce041a61d350'>urn:uuid:a32ac60e-87c0-4a7e-a79e-1d19b2bb330c</wsa:MessageID>
               <wsa:ReplyTo wsu:Id='Id-99bc5a84-542b-4f17-9d4d-b7b68060723d'>
               <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
               </wsa:ReplyTo>
               <wsa:To wsu:Id='Id-f3ac12e3-09a8-4088-9a84-a891450c5f1c'>http://127.0.0.1:8080/TestSerWebService/NewWebService</wsa:To>
               <wsse:Security soap:mustUnderstand='1'>
               <wsu:Timestamp wsu:Id='Timestamp-bc67e185-3eed-4b60-8d24-a67764f20e81'>
               <wsu:Created>2008-05-21T14:16:10Z</wsu:Created>
               <wsu:Expires>2008-05-21T14:21:10Z</wsu:Expires>
               </wsu:Timestamp>
               <wsse:BinarySecurityToken EncodingType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3' wsu:Id='SecurityToken-7b122596-ffc1-4ea5-bde1-d66026edd874'>MIIDDzCCAnigAwIBAgIBAzANBgkqhkiG9w0BAQQFADBOMQswCQYDVQQGEwJBVTETMBEGA1UECBMKU29tZS1TdGF0ZTEMMAoGA1UEChMDU1VOMQwwCgYDVQQLEwNKV1MxDjAMBgNVBAMTBVNVTkNBMB4XDTA3MDMxMjEwMjQ0MFoXDTE3MDMwOTEwMjQ0MFowbzELMAkGA1UEBhMCQVUxEzARBgNVBAgTClNvbWUtU3RhdGUxITAfBgNVBAoTGEludGVybmV0IFdpZGdpdHMgUHR5IEx0ZDEMMAoGA1UECxMDU1VOMRowGAYDVQQDExF4d3NzZWN1cml0eWNsaWVudDCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAvYxVZKIzVdGMSBkW4bYnV80MV/RgQKV1bf/DoMTX8laMO45P6rlEarxQiOYrgzuYp+snzz2XM0S6o3JGQtXQuzDwcwPkH55bHFwHgtOMzxG4SQ653a5Dzh04nsmJvxvbncNH/XNaWfHaC0JHBEfNCMwRebYocxYM92pq/G5OGyECAwEAAaOB2zCB2DAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZpY2F0ZTAdBgNVHQ4EFgQU/mItfvuFdS7A0GCysE71TFRxP2cwfgYDVR0jBHcwdYAUZ7plxs6VyOOOTSFyojDV0/YYjJWhUqRQME4xCzAJBgNVBAYTAkFVMRMwEQYDVQQIEwpTb21lLVN0YXRlMQwwCgYDVQQKEwNTVU4xDDAKBgNVBAsTA0pXUzEOMAwGA1UEAxMFU1VOQ0GCCQDbHkJaq6KijjANBgkqhkiG9w0BAQQFAAOBgQBEnRdcQeMyCYqOHw2jbPOPUlvu07bZe7sI3ly/Qz+4mkrFctqMSupghQtLv9dZcqDOUFLCGMse7+l5MG00VawzsoVe242iXzJB111ePzhhppIPOHXXtflj/JD2U4Qz75C/dfdd5AAZbqGSFtZh7pyE8Ot1vOq7R48/bHuvTsEVUQ==</wsse:BinarySecurityToken>
               <xenc:EncryptedKey Id='SecurityToken-9a2e14a4-a417-407c-8afa-65253d7cc190' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'>
               <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p'>
               <ds:DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>
               </xenc:EncryptionMethod>
               <KeyInfo xmlns='http://www.w3.org/2000/09/xmldsig#'>
               <wsse:SecurityTokenReference>
               <wsse:KeyIdentifier EncodingType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier'>dVE29ysyFW/iD1la3ddePzM6IWo=</wsse:KeyIdentifier>
               </wsse:SecurityTokenReference>
               </KeyInfo>
               <xenc:CipherData>
               <xenc:CipherValue>XroW1XRTUVlqIX4MTDHTcKhgnLBePV4dt+H5Y0Ly9G6G8bME6oxDgcapiG52+CCEMCpJbPz2+bAPl3qhVopdA4raeTdTqFkJkryfPt4AHI3IpCxKTtS3LNW++GTNYPE7ZbtjGlUs49PrYQkpuVjftj0h5SiuYuARlXoNP0KotZA=</xenc:CipherValue>
               </xenc:CipherData>
               <xenc:ReferenceList>
               <xenc:DataReference URI='#Enc-e4656f61-73f8-4258-a62e-7076dbbd5687'/>
               </xenc:ReferenceList>
               </xenc:EncryptedKey>
               <Signature Id='Sig-0fa0f605-7d29-447c-8412-d767a13f78b1' xmlns='http://www.w3.org/2000/09/xmldsig#'>
               <SignedInfo>
               <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>
               <SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#hmac-sha1'/>
               <Reference URI='#Id-1de072a3-c3cb-4856-b140-f14c42fa2533'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>JjpTjh8RxVneIlIGzppKJbA4h+A=</DigestValue>
               </Reference>
               <Reference URI='#Id-c91d712e-c882-44ca-a556-ce041a61d350'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>jx2MXJZAZGX6GEo8o/7qD8Kuv4g=</DigestValue>
               </Reference>
               <Reference URI='#Id-99bc5a84-542b-4f17-9d4d-b7b68060723d'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>iOwYOHXYpg2hbODf2uFlSLNKq48=</DigestValue>
               </Reference>
               <Reference URI='#Id-f3ac12e3-09a8-4088-9a84-a891450c5f1c'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>rxA5r5wdn0qv0Cyip4FGEa1gpsY=</DigestValue>
               </Reference>
               <Reference URI='#Timestamp-bc67e185-3eed-4b60-8d24-a67764f20e81'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>2SrmR4EOaY2N4MxIQWF04AieLgo=</DigestValue>
               </Reference>
               <Reference URI='#Id-de0e8d4a-c91f-4819-89a2-8f98c3eac24a'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>OgUNqWh8rlxlPLQs/UmKZKYdn7I=</DigestValue>
               </Reference>
               </SignedInfo>
               <SignatureValue>f+780nexIdlXSbtbqu2o74VAQ+c=</SignatureValue>
               <KeyInfo>
               <wsse:SecurityTokenReference>
               <wsse:Reference URI='#SecurityToken-9a2e14a4-a417-407c-8afa-65253d7cc190' ValueType='http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey'/>
               </wsse:SecurityTokenReference>
               </KeyInfo>
               </Signature>
               <Signature xmlns='http://www.w3.org/2000/09/xmldsig#'>
               <SignedInfo>
               <ds:CanonicalizationMethod Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#' xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>
               <SignatureMethod Algorithm='http://www.w3.org/2000/09/xmldsig#rsa-sha1'/>
               <Reference URI='#Sig-0fa0f605-7d29-447c-8412-d767a13f78b1'>
               <Transforms>
               <Transform Algorithm='http://www.w3.org/2001/10/xml-exc-c14n#'/>
               </Transforms>
               <DigestMethod Algorithm='http://www.w3.org/2000/09/xmldsig#sha1'/>
               <DigestValue>4I0v3zZ1z3aPjOTrMO+LxQbBs+I=</DigestValue>
               </Reference>
               </SignedInfo>
               <SignatureValue>mU7ojPESP1pKeWbMtH1VhlLrFiqi6YxALA6hJfyrxaWnyd+OQqQ9qgm3fz8hx/MQcQ9sXZBQUC426eMSYtZ+oqjZSmVvHzNO9OTCu/N081mMH9gVpjEPPihJv99/KsjWfgx3jp827QnZhd4kUrCO/9MGNdS2p2Oh2HsTwFvWKmM=</SignatureValue>
               <KeyInfo>
               <wsse:SecurityTokenReference>
               <wsse:Reference URI='#SecurityToken-7b122596-ffc1-4ea5-bde1-d66026edd874' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/>
               </wsse:SecurityTokenReference>
               </KeyInfo>
               </Signature>
               </wsse:Security>
               </soap:Header>
               <soap:Body wsu:Id='Id-de0e8d4a-c91f-4819-89a2-8f98c3eac24a'>
               <xenc:EncryptedData Id='Enc-e4656f61-73f8-4258-a62e-7076dbbd5687' Type='http://www.w3.org/2001/04/xmlenc#Content' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'>
               <xenc:EncryptionMethod Algorithm='http://www.w3.org/2001/04/xmlenc#aes256-cbc' xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'/>
               <xenc:CipherData xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'>
               <xenc:CipherValue xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'>Vx2BQF5vvev7r3oR7ErIJW1jcDtTDVULgJr/yMH1k3/4NImr/bpJ/rb7/NArpGUD1ihy7LUJNQ6POxW6J4wrpCUKGBKLx6vmzmjT1DRpKV8EEe3d9asiCKTYtsZ07fGj1EENGzWDFLzCnv09h56avODNHVOdFRXufGIOO6FTtD1QSZqcivUK6tMFloPQyR/dLmL8IkdrlqgAGgSdcMHi6olCXMyfiswxDjUTU6kbuoFLnZjGDBjcQTPbSO+RRCerKRMdwy2aS4CHNOiUcF8RmllAFuWdKG4wLud0E+nzZWDfIWKF6hgc5Qbh/xAKiOjsC9mrGG4r6sZizPU1H+XsTwD3K4vKIqEmB8+NBM7khZTfcEMUUyrzHA4p51Uc+/93g4TbAuGL9AyBYtIJbU+9KMb/30itFb8VJAAAuqzJWJeKefDmUlTZEeWgwYYaY8GFa6r5UNhm9rQxV9Ta5WKH2ZmwvxkS0+C9mDmkORfYwE/sKsGFxTi1HL6DJh4sdgNLG98vb+nC5IE5DvblVBg1wouzQI/Fwv2h9cQsoZ4LfRmyDwNUo5shCqk0G/SrT2AKHERDK/Ghx8J1yjOxacquLmGcmlcA/lyTpcneNKC7MLI3ZAYTAWZPl+4+g/z+yDbil3HUlmiSru2rLv5d4Ky/Pll0CeWBGw3OKEWF7QIA11+3p7YOwGoHcQ6KPHEvkiiqQkc96dPqPgbZAjzQdU7aPL5r0TQLKVHFlbztGwaVikKNTpaoyfvfylt1tbzDxC1etrPohcSCUOVhGNeYpXxGOX1YGK33cOImdfdaYleAAoo=</xenc:CipherValue>
               </xenc:CipherData>
               </xenc:EncryptedData>
               </soap:Body>
              </soap:Envelope>
              


              • 4. Re: WS-security interoperability
                Fredy Estepa Newbie

                I think I fix it from client side (.NET)
                Thanks to http://erlend.oftedal.no/blog/?blogid=12

                But now i have a big question?

                Does JBossWS support WS-SecureConversation?

                Thanks

                • 5. Re: WS-security interoperability
                  Alessio Soldano Master

                  No, JBossWS currently does not support WS-Secure Conversation. Please take a look at the following link in future to track what is being supported:
                  http://jbws.dyndns.org/mediawiki/index.php?title=JBossWSSupportedStackComparison
                  http://jbws.dyndns.org/mediawiki/index.php?title=JBossWSGenerellStackComparison

                  • 6. Re: WS-security interoperability
                    Yong Zhang Newbie

                    Does JBoss have an schedule on when to provide WS-Secure Conversation and WS-Trust support? Thanks.