ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Yang, Gang CTR USARMY (US)" <gang.yang....@mail.mil>
Subject How to determine the cause of security validation failure?
Date Mon, 27 Apr 2015 16:36:18 GMT
Hi,



I'm using WSS4j 1.6.18 for our SOAP based Web Services. We use WS-addressing, Timestamp and
SAML 2.0 Holder-of-key. We sign the SOAP body as well as Timestamp and WS-addressing headers.
When validating the secured SOAP message on the receiving side,  WSSecurityEngine.processSecurityHeader()
simply throws a general WSSecurityException and I don't have the  WSSecurityEngineResult's
to analyze. My question is how can I determine exactly what went wrong? I would like to know
if the SAML token is invalid, or the timestamp is out of range, or one of the signed part
was tempered?



Thanks,

Gang

Mime
View raw message