Skip to main content

ws-client.xml

1 reply [Last post]
kkmayer
Offline
Joined: 2011-09-06
Points: 0

I generated the artifacts for a web service using wsimort and wrote a client to test it. This works fine until I add the X509Token policy to test the client. I am getting a WSS1816: Error occurred while resolving KeyIdentifier, XWSSecurityException: No Matching public key

The request from the client is working:
INFO: WSP5018: Loaded WSIT configuration from file: file:/home/kmayer/git/GoogleProv/target/classes/META-INF/wsit-client.xml.
Completed webservice call
---[HTTP request - https://wsdev.colorado.edu:443/GoogleProv/PostOptIn]---
Content-type: text/xml;charset=utf-8
Soapaction: "http://ws.googleprov.se.oit.colorado.edu/PostOptIn/optUserInRequest"

The response returns the Invalid security error:
---[HTTP response - https://wsdev.colorado.edu:443/GoogleProv/PostOptIn - 500]---
Transfer-encoding: chunked
null: HTTP/1.1 500 Internal Server Error
Content-type: text/xml;charset=utf-8
Connection: close
Server: Apache
Date: Fri, 16 Nov 2012 18:07:57 GMT
<?xml version='1.0' encoding='UTF-8'?>wsse:InvalidSecurityWSS1816: Error occurred while resolving KeyIdentifierWSS1816: Error occurred while resolving KeyIdentifier

I have placed the wsit-client.xml, serviceName.xml in the META-INF directory. they are attached. I think the PKI is the problem. The public key was extracted from the client keystore and placed on the server.

The attached files are appended deliberately with the .txt label so they can be uploaded.

thanks for looking at this.

AttachmentSize
PostOptInService_clean.txt7.28 KB
wsit-client.txt375 bytes

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
kkmayer
Offline
Joined: 2011-09-06
Points: 0

The answer was to make certain the certs are exported and imported on the client and server. See http://www.jroller.com/gmazza/entry/creating_certificates_with_openssl.
also...,
For tomcat, to pick up the updated keystore, it is necessary to restart:
https://www.globalsign.com/support/install/install_tomcat.php