ws-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Sam Amarteifio" <...@perspectivetechnologies.com>
Subject Re: WS-Security digital signature validation
Date Thu, 10 Mar 2016 09:58:54 GMT
Colm,

Thanks for looking at this, just thought I will give you an update based on the input from you last email.

As I pointed out in a previous email, because we are currently using Axis 1.4, we are constrained by the version of WSS4J we could upgrade to.

We did however upgrade as per your suggestion below to the latest version possible for our current set-up, which was to use WSS4J version 1.5.12. 

Unfortunately, the debug logging details was similar to the previous version we were using (i.e. did not give us any more detail as to why this was failing).    


Regards,
Sam
 
-----Original Message-----
From: "Colm O hEigeartaigh" <coheigea@apache.org>
Sent: Tuesday, 1 March, 2016 16:48
To: "Sam Amarteifio" <sam@perspectivetechnologies.com>
Cc: users@ws.apache.org
Subject: Re: WS-Security digital signature validation

I'm afraid I don't see anything obvious there. With more recent versions of
WSS4J, it tells you where the signature validation error occurred, so it's
easier to track down what the problem is. You could try updating to a more
recent version of WSS4J 1.5.x to see if it tells you more?

Colm.

On Tue, Mar 1, 2016 at 3:56 PM, Sam Amarteifio <
sam@perspectivetechnologies.com> wrote:

>
>
> Colm,
>
>
>
> Thanks for taking the time to respond to my earlier query.
>
>
>
> We are aware the WSS4J 1.5.x is deprecated, we were hoping to address this
> issue with our current version then embark on a project to move to
> WSS4J1.6.x or 2.x.x.
>
>
>
> However, I did take your advice and turned on DEBUG logging for the
> following:
>
>
>
> log4j.logger.org.apache.wss4j.message.WSSignEnvelope=DEBUG
> log4j.logger.org.apache.wss4j.WSSecurityEngine=DEBUG
> log4j.logger.org.apache.wss4j.common.crypto.Merlin=DEBUG
> log4j.logger.org.apache.xml.security.signature.XMLSignature=DEBUG
>
>
>
> I then run through a message where the signature validation succeeds (See
> Signature Validation Log - A below) and then a message where the signature
> validation fails (See Signature Validation Log - B below).
>
>
>
> I have looked through both logs and can’t really work out why ‘Signature
> Validation Log – B’ is failing apart the fact that it logs the failure.
> I was hoping you might be able to point us in the right direction after
> having a look at the logs.
>
>
>
> Regards,
> Sam
>
>
>
> *Signature Validation Log – A*
>
> 59819104 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  -
> enter processSecurityHeader()
>
> 59819107 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  -
> Processing WS-Security header for '' actor.
>
> 59819153 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments)
>
> 59819159 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
>
> 59819160 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
>
> 59819160 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments)
>
> 59819162 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11,
> org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
>
> 59819163 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer11_WithComments)
>
> 59819166 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2000/09/xmldsig#base64,
> org.apache.xml.security.transforms.implementations.TransformBase64Decode)
>
> 59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
> org.apache.xml.security.transforms.implementations.TransformC14N)
>
> 59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14NWithComments)
>
> 59819167 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2006/12/xml-c14n11,
> org.apache.xml.security.transforms.implementations.TransformC14N11)
>
> 59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14N11_WithComments)
>
> 59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#,
> org.apache.xml.security.transforms.implementations.TransformC14NExclusive)
>
> 59819168 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments)
>
> 59819169 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/1999/REC-xpath-19991116,
> org.apache.xml.security.transforms.implementations.TransformXPath)
>
> 59819170 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2000/09/xmldsig#enveloped-signature,
> org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature)
>
> 59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/1999/REC-xslt-19991116,
> org.apache.xml.security.transforms.implementations.TransformXSLT)
>
> 59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2002/04/xmldsig-filter2,
> org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
>
> 59819171 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2002/06/xmldsig-filter2,
> org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
>
> 59819174 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Init() called
>
> 59819176 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#dsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureDSA)
>
> 59819176 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#dsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureDSA
>
> 59819177 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#rsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1)
>
> 59819177 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1
>
> 59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#hmac-sha1,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1)
>
> 59819179 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#hmac-sha1
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1
>
> 59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-md5,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5)
>
> 59819179 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-md5
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5
>
> 59819179 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160)
>
> 59819179 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160
>
> 59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha256,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256)
>
> 59819180 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256
>
> 59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha384,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384)
>
> 59819180 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384
>
> 59819180 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha512,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512)
>
> 59819181 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512
>
> 59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1)
>
> 59819182 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1
>
> 59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-md5,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5)
>
> 59819182 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-md5
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5
>
> 59819182 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160)
>
> 59819182 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160
>
> 59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha256,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256)
>
> 59819183 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256
>
> 59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha384,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384)
>
> 59819183 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384
>
> 59819183 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha512,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512)
>
> 59819183 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512
>
> 59819190 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP:
> A simple resolver for requests to HTTP space
>
> 59819191 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem:
> A simple resolver for requests to the local file system
>
> 59819191 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverFragment: A
> simple resolver for requests of same-document URIs
>
> 59819192 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverXPointer: A
> simple resolver for requests of XPointer fragents
>
> 59819194 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver:
> Can extract RSA public keys
>
> 59819195 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver:
> Can extract DSA public keys
>
> 59819195 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver:
> Can extract public keys from X509 certificates
>
> 59819196 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver:
> Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate
> from the storages
>
> 59819196 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver:
> Resolves keys and certificates using ResourceResolvers
>
> 59819197 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver:
> Uses an X509 SubjectName to retrieve a certificate from the storages
>
> 59819198 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver:
> Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the
> storages
>
> 59819198 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind prefixes:
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind ds to http://www.w3.org/2000/09/xmldsig#
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind xenc to http://www.w3.org/2001/04/xmlenc#
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind experimental to http://www.xmlsecurity.org/experimental#
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind dsig-xpath-old to http://www.w3.org/2002/04/xmldsig-filter2
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind dsig-xpath to http://www.w3.org/2002/06/xmldsig-filter2
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind ec to http://www.w3.org/2001/10/xml-exc-c14n#
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind xx to
> http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_init                             70 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
>  XX_prng                           0 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_parsing                        14 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_i18n                 2 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_c14n             17 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_jcemapper        4 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
>  XX_configure_reg_keyInfo          3 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_keyResolver      5 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_prefixes         1 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_resourceresolver 4 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_sigalgos         11 ms
>
> 59819199 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_transforms       8 ms
>
> 59819225 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The
> provider BC was added at position: 2
>
> 59819226 [http-8443-1] DEBUG org.apache.ws.security.util.Loader  -
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
> java.lang.ClassNotFoundException:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
>                 at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680)
>
>                 at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
>
>                 at
> org.apache.ws.security.util.Loader.loadClass(Loader.java:185)
>
>                 at
> org.apache.ws.security.WSSConfig.loadProvider(WSSConfig.java:605)
>
>                 at
> org.apache.ws.security.WSSConfig.addJceProvider(WSSConfig.java:662)
>
>                 at
> org.apache.ws.security.WSSConfig.staticInit(WSSConfig.java:306)
>
>                 at
> org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:324)
>
>                 at
> org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:333)
>
>                 at
> org.apache.ws.security.WSSConfig.getDefaultWSConfig(WSSConfig.java:342)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.getWssConfig(WSSecurityEngine.java:157)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:198)
>
>                 at
> com.perspective.onMessage.core.Utils.WSSecurityModule.processMessage(WSSecurityModule.java:226)
>
>                 at
> com.perspective.onMessage.core.messaging.SrvRequestMessageLogHandler.invoke(SrvRequestMessageLogHandler.java:214)
>
>                 at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
>                 at
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>
>                 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>
>                 at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
>                 at
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>
>                 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>
>                 at
> org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
>
>                 at
> org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
>
>                 at
> org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
>
>                 at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>
>                 at
> org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
>
>                 at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>
>                 at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>
>                 at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>
>                 at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>
>                 at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>
>                 at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
>
>                 at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>
>                 at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>
>                 at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>
>                 at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
>
>                 at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
>
>                 at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
>
>                 at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
>
>                 at java.lang.Thread.run(Thread.java:662)
>
> 59819227 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The
> provider JuiCE could not be added:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
> 59819228 [http-8443-1] DEBUG
> org.apache.ws.security.processor.SignatureProcessor  - Found signature
> element
>
> 59819228 [http-8443-1] DEBUG
> org.apache.ws.security.processor.SignatureProcessor  - Verify XML Signature
>
> 59819230 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:Signature", "null")
>
> 59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:SignedInfo", "null")
>
> 59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:SignatureMethod", "null")
>
> 59819233 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:KeyInfo", "null")
>
> 59819237 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:X509IssuerSerial", "")
>
> 59819238 [http-8443-1] DEBUG
> org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial  -
> X509SerialNumber text: 1444382451
>
> 59819245 [http-8443-1] INFO
> org.apache.ws.security.message.token.SecurityTokenReference  -
> X509IssuerSerial alias: tomcat-sv
>
> 59819246 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - SignatureMethodURI =
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
>
> 59819246 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Create URI "
> http://www.w3.org/2000/09/xmldsig#rsa-sha1" class "class
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1"
>
> 59819246 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper
> - Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1
>
> 59819246 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA  -
> Created SignatureRSA using SHA1withRSA
>
> 59819261 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - jceSigAlgorithm    =
> SHA1withRSA
>
> 59819261 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - jceSigProvider     = BC
>
> 59819261 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - PublicKey = Sun RSA
> public key, 1024 bits
>
>   modulus:
> 93610425150689383187201231124099789927987329382418136869121800093428304612151708202031700417081425402958876437802098226652838894600449242632685787409432429554105152649905032574840908271409839981907623327461685416578720622552749877795736234403019908673813687072762834183958546842472520215196850762325388296303
>
>   public exponent: 65537
>
> 59819268 [http-8443-1] DEBUG
> org.apache.xml.security.utils.SignerOutputStream  - Canonicalized
> SignedInfo:
>
> 59819268 [http-8443-1] DEBUG
> org.apache.xml.security.utils.SignerOutputStream  - <ds:SignedInfo
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>
>
>
> <ds:CanonicalizationMethod Algorithm="
> http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>
> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
> "></ds:SignatureMethod>
>
> <ds:Reference URI="#id-1640824304">
>
> <ds:Transforms>
>
> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#
> "></ds:Transform>
>
> </ds:Transforms>
>
> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1
> "></ds:DigestMethod>
>
> <ds:DigestValue>Alh9rNHcaF+nzOfiFRwKC5dnOLI=</ds:DigestValue>
>
> </ds:Reference>
>
> </ds:SignedInfo>
>
> 59819274 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  -
> verify 1 References
>
> 59819274 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  -
> I am not requested to follow nested Manifests
>
> 59819276 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:Reference", "null")
>
> 59819276 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:Transforms", "null")
>
> 59819277 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper
> - Request for URI http://www.w3.org/2000/09/xmldsig#sha1
>
> 59819278 [http-8443-1] DEBUG
> org.apache.xml.security.utils.resolver.ResourceResolver  - I was asked to
> create a ResourceResolver and got 1
>
> 59819278 [http-8443-1] DEBUG
> org.apache.xml.security.utils.resolver.ResourceResolver  -  extra resolvers
> to my existing 4 system-wide resolvers
>
> 59819278 [http-8443-1] DEBUG
> org.apache.xml.security.utils.resolver.ResourceResolver  - check
> resolvability by class org.apache.ws.security.message.EnvelopeIdResolver
>
> 59819278 [http-8443-1] DEBUG
> org.apache.ws.security.message.EnvelopeIdResolver  - enter engineResolve,
> look for: #id-1640824304
>
> 59819283 [http-8443-1] DEBUG
> org.apache.ws.security.message.EnvelopeIdResolver  - exit engineResolve,
> result: XMLSignatureInput/Element/[soapenv:Body: null] exclude null
> comments:false/null
>
> 59819283 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:Transform", "null")
>
> 59819284 [http-8443-1] DEBUG
> org.apache.xml.security.utils.DigesterOutputStream  - Pre-digested input:
>
> 59819285 [http-8443-1] DEBUG
> org.apache.xml.security.utils.DigesterOutputStream  - <soapenv:Body
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-1640824304"><ns1:PostRq xmlns:ns1="
> http://www.ACORD.org/Standards/AcordMsgSvc/1.4.0
> "><ns1:Sender><ns1:PartyId>urn:duns:912345678</ns1:PartyId><ns1:PartyRoleCd>Reinsurer</ns1:PartyRoleCd></ns1:Sender><ns1:Receiver><ns1:PartyId>urn:duns:123456789</ns1:PartyId><ns1:PartyRoleCd>Broker</ns1:PartyRoleCd></ns1:Receiver><ns1:Application><ns1:ApplicationCd>AML</ns1:ApplicationCd><ns1:SchemaVersion>
> http://www.acord.org/schema/data/draft/ReusableDataComponents/1
> </ns1:SchemaVersion></ns1:Application><ns1:TimeStamp>2016-02-26T09:28:05Z</ns1:TimeStamp><ns1:MsgItem><ns1:MsgId>3d3dcd60-dc6b-11e5-8d07-de2796627f3b</ns1:MsgId><ns1:MsgTypeCd>RiskBoundReportProcess</ns1:MsgTypeCd></ns1:MsgItem><ns1:SecurityProfileCd>Basic</ns1:SecurityProfileCd><ns1:WorkFolder><ns1:MsgFile><ns1:FileId>cid:7F1C53A91C91DAC48E088DB79E1014A2</ns1:FileId><ns1:FileFormatCd>text/xml</ns1:FileFormatCd></ns1:MsgFile></ns1:WorkFolder></ns1:PostRq></soapenv:Body>
>
> 59819285 [http-8443-1] DEBUG org.apache.xml.security.signature.Reference
> - Verification successful for URI "#id-1640824304"
>
> 59819285 [http-8443-1] DEBUG org.apache.xml.security.signature.Manifest  -
> The Reference has Type
>
> 59819285 [http-8443-1] DEBUG org.apache.ws.security.TIME  - Verify: total=
> 57, prepare-cert= 18, verify= 39
>
> 59819285 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ds:Transform", "null")
>
> 59819287 [http-8443-1] DEBUG org.apache.ws.security.TIME  - processHeader:
> total 180, prepare 1, handle 179
>
>
>
>
>
>
>
>
>
> *Signature Validation Log – B*
>
> 75811797 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  -
> enter processSecurityHeader()
>
> 75811802 [http-8443-1] DEBUG org.apache.ws.security.WSSecurityEngine  -
> Processing WS-Security header for '' actor.
>
> 75811858 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315OmitComments)
>
> 75811859 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315WithComments)
>
> 75811860 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclOmitComments)
>
> 75811860 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315ExclWithComments)
>
> 75811862 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11,
> org.apache.xml.security.c14n.implementations.Canonicalizer11_OmitComments)
>
> 75811862 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Canonicalizer.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
> org.apache.xml.security.c14n.implementations.Canonicalizer11_WithComments)
>
> 75811865 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2000/09/xmldsig#base64,
> org.apache.xml.security.transforms.implementations.TransformBase64Decode)
>
> 75811866 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/2001/REC-xml-c14n-20010315,
> org.apache.xml.security.transforms.implementations.TransformC14N)
>
> 75811867 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(
> http://www.w3.org/TR/2001/REC-xml-c14n-20010315#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14NWithComments)
>
> 75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2006/12/xml-c14n11,
> org.apache.xml.security.transforms.implementations.TransformC14N11)
>
> 75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2006/12/xml-c14n11#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14N11_WithComments)
>
> 75811868 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#,
> org.apache.xml.security.transforms.implementations.TransformC14NExclusive)
>
> 75811869 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2001/10/xml-exc-c14n#WithComments,
> org.apache.xml.security.transforms.implementations.TransformC14NExclusiveWithComments)
>
> 75811870 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/1999/REC-xpath-19991116,
> org.apache.xml.security.transforms.implementations.TransformXPath)
>
> 75811870 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2000/09/xmldsig#enveloped-signature,
> org.apache.xml.security.transforms.implementations.TransformEnvelopedSignature)
>
> 75811871 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/TR/1999/REC-xslt-19991116,
> org.apache.xml.security.transforms.implementations.TransformXSLT)
>
> 75811872 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2002/04/xmldsig-filter2,
> org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
>
> 75811872 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> Transform.register(http://www.w3.org/2002/06/xmldsig-filter2,
> org.apache.xml.security.transforms.implementations.TransformXPath2Filter)
>
> 75811875 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Init() called
>
> 75811877 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#dsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureDSA)
>
> 75811877 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#dsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureDSA
>
> 75811878 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#rsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1)
>
> 75811878 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1
>
> 75811879 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2000/09/xmldsig#hmac-sha1,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1)
>
> 75811880 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2000/09/xmldsig#hmac-sha1
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA1
>
> 75811880 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(http://www.w3.org/2001/04/xmldsig-more#rsa-md5,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5)
>
> 75811880 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-md5
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSAMD5
>
> 75811880 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160)
>
> 75811880 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-ripemd160
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSARIPEMD160
>
> 75811881 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha256,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256)
>
> 75811881 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha256
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA256
>
> 75811881 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha384,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384)
>
> 75811881 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha384
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA384
>
> 75811882 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha512,
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512)
>
> 75811882 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#rsa-sha512
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA512
>
> 75811883 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1,
> org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1)
>
> 75811883 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#ecdsa-sha1
> org.apache.xml.security.algorithms.implementations.SignatureECDSA$SignatureECDSASHA1
>
> 75811883 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-md5,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5)
>
> 75811883 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-md5
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacMD5
>
> 75811884 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160)
>
> 75811884 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-ripemd160
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacRIPEMD160
>
> 75811884 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha256,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256)
>
> 75811884 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha256
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA256
>
> 75811885 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha384,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384)
>
> 75811885 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha384
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA384
>
> 75811885 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> SignatureAlgorithm.register(
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha512,
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512)
>
> 75811885 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Try to register
> http://www.w3.org/2001/04/xmldsig-more#hmac-sha512
> org.apache.xml.security.algorithms.implementations.IntegrityHmac$IntegrityHmacSHA512
>
> 75811893 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverDirectHTTP:
> A simple resolver for requests to HTTP space
>
> 75811895 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverLocalFilesystem:
> A simple resolver for requests to the local file system
>
> 75811895 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverFragment: A
> simple resolver for requests of same-document URIs
>
> 75811896 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.utils.resolver.implementations.ResolverXPointer: A
> simple resolver for requests of XPointer fragents
>
> 75811898 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.RSAKeyValueResolver:
> Can extract RSA public keys
>
> 75811899 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.DSAKeyValueResolver:
> Can extract DSA public keys
>
> 75811900 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509CertificateResolver:
> Can extract public keys from X509 certificates
>
> 75811900 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509SKIResolver:
> Uses an X509v3 SubjectKeyIdentifier extension to retrieve a certificate
> from the storages
>
> 75811901 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.RetrievalMethodResolver:
> Resolves keys and certificates using ResourceResolvers
>
> 75811902 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509SubjectNameResolver:
> Uses an X509 SubjectName to retrieve a certificate from the storages
>
> 75811903 [http-8443-1] DEBUG org.apache.xml.security.Init  - Register
> Resolver:
> org.apache.xml.security.keys.keyresolver.implementations.X509IssuerSerialResolver:
> Uses an X509 IssuerName and IssuerSerial to retrieve a certificate from the
> storages
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind prefixes:
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind ds to http://www.w3.org/2000/09/xmldsig#
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind xenc to http://www.w3.org/2001/04/xmlenc#
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind experimental to http://www.xmlsecurity.org/experimental#
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind dsig-xpath-old to http://www.w3.org/2002/04/xmldsig-filter2
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind dsig-xpath to http://www.w3.org/2002/06/xmldsig-filter2
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind ec to http://www.w3.org/2001/10/xml-exc-c14n#
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  - Now I try to
> bind xx to
> http://www.nue.et-inf.uni-siegen.de/~geuer-pollmann/#xpathFilter
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_init                             73 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
>  XX_prng                           0 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_parsing                        11 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_i18n                 3 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_c14n             12 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_jcemapper        4 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
>  XX_configure_reg_keyInfo          8 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_keyResolver      7 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_prefixes         0 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_resourceresolver 5 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_sigalgos         13 ms
>
> 75811904 [http-8443-1] DEBUG org.apache.xml.security.Init  -
> XX_configure_reg_transforms       10 ms
>
> 75811934 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The
> provider BC was added at position: 2
>
> 75811936 [http-8443-1] DEBUG org.apache.ws.security.util.Loader  -
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
> java.lang.ClassNotFoundException:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
>                 at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1680)
>
>                 at
> org.apache.catalina.loader.WebappClassLoader.loadClass(WebappClassLoader.java:1526)
>
>                 at
> org.apache.ws.security.util.Loader.loadClass(Loader.java:185)
>
>                 at
> org.apache.ws.security.WSSConfig.loadProvider(WSSConfig.java:605)
>
>                 at
> org.apache.ws.security.WSSConfig.addJceProvider(WSSConfig.java:662)
>
>                 at
> org.apache.ws.security.WSSConfig.staticInit(WSSConfig.java:306)
>
>                 at
> org.apache.ws.security.WSSConfig.<init>(WSSConfig.java:324)
>
>                 at
> org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.java:333)
>
>                 at
> org.apache.ws.security.WSSConfig.getDefaultWSConfig(WSSConfig.java:342)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.getWssConfig(WSSecurityEngine.java:157)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:320)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
>
>                 at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:198)
>
>                 at
> com.perspective.onMessage.core.Utils.WSSecurityModule.processMessage(WSSecurityModule.java:226)
>
>                 at
> com.perspective.onMessage.core.messaging.SrvRequestMessageLogHandler.invoke(SrvRequestMessageLogHandler.java:214)
>
>                 at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
>                 at
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>
>                 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>
>                 at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
>                 at
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>
>                 at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>
>                 at
> org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:454)
>
>                 at
> org.apache.axis.server.AxisServer.invoke(AxisServer.java:281)
>
>                 at
> org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699)
>
>                 at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
>
>                 at
> org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java:327)
>
>                 at
> javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
>
>                 at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
>
>                 at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
>
>                 at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
>
>                 at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
>
>                 at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:470)
>
>                 at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
>
>                 at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>
>                 at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
>
>                 at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
>
>                 at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:861)
>
>                 at
> org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:606)
>
>                 at
> org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:489)
>
>                 at java.lang.Thread.run(Thread.java:662)
>
> 75811937 [http-8443-1] DEBUG org.apache.ws.security.WSSConfig  - The
> provider JuiCE could not be added:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>
> 75811938 [http-8443-1] DEBUG
> org.apache.ws.security.processor.SignatureProcessor  - Found signature
> element
>
> 75811938 [http-8443-1] DEBUG
> org.apache.ws.security.processor.SignatureProcessor  - Verify XML Signature
>
> 75811940 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ns2:Signature", "null")
>
> 75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ns2:SignedInfo", "null")
>
> 75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ns2:SignatureMethod", "null")
>
> 75811943 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ns2:KeyInfo", "null")
>
> 75811947 [http-8443-1] DEBUG org.apache.xml.security.utils.ElementProxy  -
> setElement("ns2:X509IssuerSerial", "")
>
> 75811949 [http-8443-1] DEBUG
> org.apache.xml.security.keys.content.x509.XMLX509IssuerSerial  -
> X509SerialNumber text: 604358
>
> 75811958 [http-8443-1] INFO
> org.apache.ws.security.message.token.SecurityTokenReference  -
> X509IssuerSerial alias: lloyds-exch
>
> 75811959 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - SignatureMethodURI =
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
>
> 75811959 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.SignatureAlgorithm  - Create URI "
> http://www.w3.org/2000/09/xmldsig#rsa-sha1" class "class
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA$SignatureRSASHA1"
>
> 75811959 [http-8443-1] DEBUG org.apache.xml.security.algorithms.JCEMapper
> - Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1
>
> 75811959 [http-8443-1] DEBUG
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA  -
> Created SignatureRSA using SHA1withRSA
>
> 75811976 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - jceSigAlgorithm    =
> SHA1withRSA
>
> 75811976 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - jceSigProvider     = BC
>
> 75811977 [http-8443-1] DEBUG
> org.apache.xml.security.signature.XMLSignature  - PublicKey = Sun RSA
> public key, 2048 bits
>
>   modulus:
> 26430731384825362242696808077633199711202753670797332780727536659131960813652566992350509167921393013813366003748544038538461902188890311123165826467140044341011862766176978150742269203625151938990165544929787829837938988000820998332488145317091742337954792664993194742301362562495035781177387750692860723060672603654968039388568042893668467974917933369415902977464977413736394694476283767728239077206845772427531671068443654802074780748359829021441038851112407179903997173832621234910670461653199651463640776709030791759891654422491840524696846497795438748682591298012408472585017460957223048794672235177868443588973
>
>   public exponent: 65537
>
> 75811984 [http-8443-1] DEBUG
> org.apache.xml.security.utils.SignerOutputStream  - Canonicalized
> SignedInfo:
>
> 75811984 [http-8443-1] DEBUG
> org.apache.xml.security.utils.SignerOutputStream  - <ns2:SignedInfo
> xmlns:ns2="http://www.w3.org/2000/09/xmldsig#"><ns2:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns2:CanonicalizationMethod><ns2:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ns2:SignatureMethod><ns2:Reference
> URI="#Id-005f3bba-d023-1004-8580-6239465f8fb3"><ns2:Transforms><ns2:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ns2:Transform></ns2:Transforms><ns2:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1
> "></ns2:DigestMethod><ns2:DigestValue>+wCLGGkbQHYmNneaAf+/+k2QXdM=</ns2:DigestValue></ns2:Reference></ns2:SignedInfo>
>
> 75811990 [http-8443-1] WARN
> org.apache.xml.security.signature.XMLSignature  - Signature verification
> failed.
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811994 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811995 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811996 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811997 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPush (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.utils.NSStack  - NSPop (32)
>
> 75811998 [http-8443-1] DEBUG org.apache.axis.i18n.ProjectResourceBundle  -
> org.apache.axis.i18n.resource::handleGetObject(empty00)
>
>
>
>
>
>
>
> -----Original Message-----
> From: "Colm O hEigeartaigh" <coheigea@apache.org>
> Sent: Thursday, 25 February, 2016 14:05
> To: users@ws.apache.org
> Subject: Re: WS-Security digital signature validation
>
> It's impossible to say what the problem is without access to the signature
> validation logs. Turn on DEBUG logging and it should tell you what the
> problem is. All of WSS4J 1.5.x is deprecated and no longer supported by the
> way.
>
> Colm.
>
> On Thu, Feb 25, 2016 at 12:12 PM, Sam Amarteifio <
> sam@perspectivetechnologies.com> wrote:
>
>> We are currently using the WSS4J (version 1.5.3) with Axis 1.4 for our
>> WS-Security digital signature validation.
>>
>>
>>
>> We use the WSSecurityEngine.ProcessSecurityHeader method to validate the
>> signature in the security header.
>>
>>
>>
>> The issue we are experiencing here is that the signature validation is
>> successful for one form of security header (Header A. see below) and fails
>> for another form of security header (Header B. see below). You will notice
>> a difference in the construct of the ‘<wsse:Security’> and ‘<ds:Signature>’
>> elements in respect of their namespace definitions.
>>
>>
>>
>> Please could someone enlighten us if we are doing something wrong or do
>> we need to upgrade to a particular version of the WSS4J WS-Security
>> library, please note we are bound at the moment to Axis 1.4.
>>
>>
>>
>> Regards,
>> Sam
>>
>>
>>
>>
>>
>> Header A.
>>
>>
>>
>> <soapenv:Envelope xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="
>> http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="
>> http://www.w3.org/2001/XMLSchema" xmlns:xsi="
>> http://www.w3.org/2001/XMLSchema-instance">
>>
>>                 <SOAP-ENV:Header xmlns:SOAP-ENV="
>> http://schemas.xmlsoap.org/soap/envelope/">
>>
>>                                 <wsse:Security
>> SOAP-ENV:mustUnderstand="1" xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
>> ">
>>
>>                                                 <ds:Signature xmlns:ds="
>> http://www.w3.org/2000/09/xmldsig#">
>>
>>
>> <ds:SignedInfo>
>>
>>
>> <ds:CanonicalizationMethod Algorithm="
>> http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>
>>
>> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
>> "/>
>>
>>
>> <ds:Reference URI="#id-38">
>>
>>
>> <ds:Transforms>
>>
>>
>> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>
>>
>> </ds:Transforms>
>>
>>
>> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>
>>
>> <ds:DigestValue>vIxJAh8EITqs1uZPiC1yrt4H2DU=</ds:DigestValue>
>>
>>
>> </ds:Reference>
>>
>>
>> </ds:SignedInfo>
>>
>>
>> <ds:SignatureValue>zcaDiNn0om913HKIryt1+S4EPWXHIKH8bsQTdGDKlUepfv5yMJTLPA9PNecyAAMDF3GuT096lR5WjB2IJQClOoCobbabofvjr7GbfHV8XQLRPiykGKd8+IuiKEKHqyxClUi5strXIOw5ppFnEHkfib2h2YJQzjSptmke7PsAixgh5mDkDranYHNUE3+zdRFeLyC0ZFCeyMD45+tkdnr6koV1di5Z+dJggo4EbWIUv20OUdPblZaw6B82uMondZ/iK/Em8qniMz3FPf583vySkBlb+kLecDPrB/DidYtyDnuFicxsD2pdJ9KsPApXr5dpsnoBITiw8ZubVFbE3uZl1g==</ds:SignatureValue>
>>
>>
>> <ds:KeyInfo>
>>
>>
>> <wsse:SecurityTokenReference
>> wsu:Id="Id-18fe8f24-d993-1004-81fe-8f8827f68a2b" xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>>
>>
>> <ds:X509Data>
>>
>>
>> <ds:X509IssuerSerial>
>>
>>
>> <ds:X509IssuerName>CN=GeoTrust DV SSL CA,OU=Domain Validated SSL,O=GeoTrust
>> Inc.,C=US</ds:X509IssuerName>
>>
>>
>>                 <ds:X509SerialNumber>604358</ds:X509SerialNumber>
>>
>>
>> </ds:X509IssuerSerial>
>>
>>
>> </ds:X509Data>
>>
>>
>> </wsse:SecurityTokenReference>
>>
>>
>> </ds:KeyInfo>
>>
>>                                                 </ds:Signature>
>>
>>                                 </wsse:Security>
>>
>>                 </SOAP-ENV:Header>
>>
>>                 <soapenv:Body wsu:Id="id-38" xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>>
>>                                 ......
>>
>>                 </soapenv:Body>
>>
>> </soapenv:Envelope>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> Header B.
>>
>>
>>
>> <soapenv:Envelope xmlns:soapenv="
>> http://schemas.xmlsoap.org/soap/envelope/" xmlns:soapenc="
>> http://schemas.xmlsoap.org/soap/encoding/" xmlns:xsd="
>> http://www.w3.org/2001/XMLSchema" xmlns:xsi="
>> http://www.w3.org/2001/XMLSchema-instance">
>>
>>                 <SOAP-ENV:Header xmlns:SOAP-ENV="
>> http://schemas.xmlsoap.org/soap/envelope/" xmlns:ds="
>> http://www.w3.org/2000/09/xmldsig#" xmlns:wsa="
>> http://www.w3.org/2005/08/addressing"
>>
>>                                  xmlns:wsse="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> "
>>
>>                                  xmlns:xenc="
>> http://www.w3.org/2001/04/xmlenc#">
>>
>>                                 <wsse:Security
>> SOAP-ENV:mustUnderstand="1">
>>
>>                                                 <ds:Signature>
>>
>>
>> <ds:SignedInfo>
>>
>>
>>                 <ds:CanonicalizationMethod Algorithm="
>> http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>
>>
>> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1
>> "/>
>>
>>
>> <ds:Reference URI="#MainBody">
>>
>>
>> <ds:Transforms>
>>
>>
>> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
>>
>>
>> </ds:Transforms>
>>
>>
>> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
>>
>>
>>
>> <ds:DigestValue>20WF+Eg2mHpaHbvKWVasYdNoFsw=</ds:DigestValue>
>>
>>
>> </ds:Reference>
>>
>>
>> </ds:SignedInfo>
>>
>>
>> <ds:SignatureValue>J4ItDIaW2ak6R1UwdQEHMpQHpdjZVVqsx5mxTUjVoFwRNBPpbIua54mdaIZnJJpl06AdZ1i04Kl4yx4xkvd+IzDEWvAISu0CeCQDgmB+R2BfcHwtVtqBi04lGNyIdPZJVv2y9Y5VUywgtWvOLuwydXKVpy9uA5j47LDfEuI0YbrK6+I8d6bfD+aO0I6q7+yHU6iZOUchv920r3eVMGjNfihMag80qRBPzScIWnH3kWp2iOCCJi8Q/O5nTwUI8DwW7EJXvMPVPouDzzbxYekQuOEG+GdumXKcfmeOqCDd9cqflbyUbTOpB5fFVu2qmqVOsVStNzGNn15vH8SHuibXvA==</ds:SignatureValue>
>>
>>
>> <ds:KeyInfo>
>>
>>
>> <wsse:SecurityTokenReference
>> wsu:Id="Id-fb589ba8-d9bb-1004-8f49-10246a7582f9">
>>
>>
>> <ds:X509Data>
>>
>>
>> <ds:X509IssuerSerial>
>>
>>
>> <ds:X509IssuerName>CN=VeriSign Class 3 Secure Server CA - G3,OU=Terms of
>> use at https://www.verisign.com/rpa (c)10,OU=VeriSign Trust
>> Network,O=VeriSign\, Inc.,C=US</ds:X509IssuerName>
>>
>>
>>
>> <ds:X509SerialNumber>62129071348004622724048880787045315607</ds:X509SerialNumber>
>>
>>
>> </ds:X509IssuerSerial>
>>
>>
>> </ds:X509Data>
>>
>>
>> </wsse:SecurityTokenReference>
>>
>>
>> </ds:KeyInfo>
>>
>>                                                 </ds:Signature>
>>
>>                                 </wsse:Security>
>>
>>                 </SOAP-ENV:Header>
>>
>>                 <soapenv:Body Id="MainBody" xmlns:wsu="
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
>> ">
>>
>>                 ........
>>
>>                 </soapenv:Body>
>>
>> </soapenv:Envelope>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com



Mime
View raw message