ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yang, Gang CTR USARMY (US)" <>
Subject How to determine the cause of security validation failure?
Date Mon, 27 Apr 2015 16:36:18 GMT

I'm using WSS4j 1.6.18 for our SOAP based Web Services. We use WS-addressing, Timestamp and
SAML 2.0 Holder-of-key. We sign the SOAP body as well as Timestamp and WS-addressing headers.
When validating the secured SOAP message on the receiving side,  WSSecurityEngine.processSecurityHeader()
simply throws a general WSSecurityException and I don't have the  WSSecurityEngineResult's
to analyze. My question is how can I determine exactly what went wrong? I would like to know
if the SAML token is invalid, or the timestamp is out of range, or one of the signed part
was tempered?



View raw message