0 Replies Latest reply on Mar 6, 2014 7:02 PM by Scott Ladd

    Multiple <xenc:EncryptedKey> from server during msg enc/signing

    Scott Ladd Newbie

      For some reason our service is returning multiple (2) EncryptionKey tags within the soap response where one of the DataReference URIs associates with the encrypted/signed data in the Soap body, but the second does not. This results in the client throwing a "referenced data not found." error. I'm using a fairly generic WS Security Policy in my WSDL, but perhaps fresh eyes can see what I'm missing.

       

      <wsp:Policy wsu:Id="SOAP_Fault_Policy"/>

      <wsp:Policy wsu:Id="SOAP_Input_Policy">
        <sp:SignedParts>
         <sp:Body />
         <sp:Header Namespace="http://www.w3.org/2005/08/addressing" />
         <sp:Header Namespace="http://schemas.xmlsoap.org/ws/2004/08/addressing" />
         <sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0" />
        </sp:SignedParts>
        <sp:EncryptedParts>
         <sp:Body />
         <sp:Header Name="fmw-context" Namespace="http://xmlns.oracle.com/fmw/context/1.0" />
        </sp:EncryptedParts>
      </wsp:Policy>

      <wsp:Policy wsu:Id="SOAP_Output_Policy">
        <sp:SignedParts>
         <sp:Body />
        </sp:SignedParts>
        <sp:EncryptedParts>
         <sp:Body />
        </sp:EncryptedParts>
      </wsp:Policy>

      <wsp:Policy wsu:Id="Msg_Protection_Policy">
        <sp:AsymmetricBinding>
         <wsp:Policy>

          <sp:InitiatorToken>
           <wsp:Policy>
            <sp:X509Token
             sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
             <wsp:Policy>
              <sp:WssX509V3Token10 />
             </wsp:Policy>
            </sp:X509Token>
           </wsp:Policy>
          </sp:InitiatorToken>

          <sp:RecipientToken>
           <wsp:Policy>
            <sp:X509Token
             sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
             <wsp:Policy>
              <sp:WssX509V3Token10 />
             </wsp:Policy>
            </sp:X509Token>
           </wsp:Policy>
          </sp:RecipientToken>

          <sp:AlgorithmSuite>
           <wsp:Policy>
            <sp:Basic128 />
           </wsp:Policy>
          </sp:AlgorithmSuite>

          <sp:Layout>
           <wsp:Policy>
            <sp:Lax />
           </wsp:Policy>
          </sp:Layout>

          <sp:IncludeTimestamp />
          <sp:OnlySignEntireHeadersAndBody />
         </wsp:Policy>
        </sp:AsymmetricBinding>

        <sp:Wss10>
         <wsp:Policy />
        </sp:Wss10>
      </wsp:Policy>