Using servicemix 3.2, JDK1.6, RHEL3, I am trying to invoke an external web service that runs on Geronimo using Spring Web Services 1.1 based on WS-Security code from WSIT (FCS 1.0)
When I send a message from the bus to MyProviderService, it invokes the external web service and I can see that the message payload looks OK, the certificate serial nr and issuer are OK, and the XML signing elements are present. BUT on the destination side, the messages are rejected with 'XML signature validation failure'. Tracing the code, I can see that the certificate is found in the destination keystore - the failure seems to be with the signature result itself. When send a signed message from Synapse instead, to the same destination service, it works! Seems there's still a problem with XML signing even after 3.1.1. What web service toolkit was servicemix's signing tested against? As a workaround, if I can't use the http component, can I get CXF to do outbound WS-Security? Or maybe I can do it via CXF support in Camel? (No documentation at all for that, though) As a last resort I can generate my own stub using some WS toolkit that works, and deploy it as a component, but I don't really want to do that every time. My config is below. Thanks for any ideas! <?xml version="1.0" encoding="UTF-8"?> <beans xmlns:http="http://servicemix.apache.org/http/1.0"; xmlns:sr="http://domain/apps/ourapp/"; xmlns:soap="http://servicemix.apache.org/soap/1.0";> <http:endpoint service="sr:MyProviderService" endpoint="myProvider" role="provider" soap="true" soapVersion="1.1" locationURI="http://machine:port/theservice"; wsdlResource="classpath:provider.wsdl"> <http:policies> <soap:ws-security sendAction="Signature" username="xyz"> <soap:crypto> <bean class="org.apache.servicemix.soap.handlers.security.StandaloneCrypto"> <property name="keyStoreUrl" value="classpath:store.jks" /> <property name="keyStorePassword" value="***" /> <property name="keyPassword" value="***"/> </bean> </soap:crypto> </soap:ws-security> </http:policies> </http:endpoint> </beans> -- View this message in context: http://www.nabble.com/WS-Security-with-http-component---outgoing-XML-signature-problem-tf4805953s12049.html#a13749162 Sent from the ServiceMix - User mailing list archive at Nabble.com.
