-
1. Re: Problems with jbossws-native 3.1.2GA in jbossAS5.1: WS-Security signature and SoapUI 3.6.1
fedejofa Nov 30, 2010 8:31 AM (in response to fedejofa)Im not sure if is correct or incorrect, maybe is that i have not understand well the keystore truststore thing...
Checking the sourcecode, adding "loggin debug lines", and compiling it, i have seen that the problem is that using as
tokenReference:
x509IssuerSerial
or
keyIdentifier
it goes process it in
org.jboss.ws.extensions.security.SecurityStore
and there it looks inside keystore, not truststore, for the certificates to check the signature.
Maybe is a problem that come with the encryption thing. (im only using signature)
(post about it: http://community.jboss.org/index.html?module=bb&op=viewtopic&t=94406)
I am no expert in this so i am welcome to any explanation.
Looking forward for any feedback.
Salutes all jboss stuff and other guys that collaborate doing this great project.
-----
Anyway..Till i can 't use soapui in a simple way using X509IssuerSerial cause it ommits spaces in the issuername, this worked before, i haven't look in early source code ..why it worked..but..i add it here...
Im not saying this is fault of JBossWS.
Looking the standard, although is not explained, the examples used are with space included.
---
Example:
CN=Entidad Cert. TEST de Sistema de Transporte Metropolitano,OU=STM,O=IMM,C=UY
CN=Entidad Cert. TEST de Sistema de Transporte Metropolitano, OU=STM, O=IMM, C=UY