Skip to main content

.Net 2.0 WSE 3.0 client -> Metro 1.3 server --- problem w/ UsernameToken

2 replies [Last post]
jchamberlain
Offline
Joined: 2006-08-02

I have a service hosted in Metro 1.3 that is protected using UsernameToken. For metro clients this is working fine. I am not trying to verify that .Net 2.0 w/ WSE 3.0 is compatible with the same service. Initially I had some problem with the way the wsdl is generated causing me to write a servlet to re-write the wsdl for .Net clients so they can generate stubs. After getting the calls to work unsecured, I moved on and started on getting it to work with security enabled using "Username with Symmetric Key" setting.

When I configure the .Net policy to send the usernametoken it appears to authenticate correctly, but always fails on the following error:

Nov 4, 2008 2:51:49 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl getPrivateKey
SEVERE: WSS0222: Unable to locate matching private key for [B@540d33de using Callback Handler.
Nov 4, 2008 2:51:49 PM com.sun.xml.ws.security.opt.impl.incoming.KeySelectorImpl resolveKeyIdentifier
SEVERE: WSS1377: An Execption occured while trying to resolve KeyInfo
com.sun.xml.wss.XWSSecurityException: No Matching private key for Wi4kCppUdQeS1EKz3sPM3siI7+o= thumb print identifier found

Anyone have ideas on what is wrong?

Is there anyway to configure metro to just accept a usernametoken without the symmetric key? The transport will be secured and there will be no itermediaries for these requests so I would be interested in how to turn that off if I can't resolve the problem.

I attached the policy portion of wsit config for the server and the wse3 policy used by the client.

Thanks for the help in advance,

James

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
jdg6688
Offline
Joined: 2005-11-02

>
> Is there anyway to configure metro to just accept a
> usernametoken without the symmetric key? The
> transport will be secured
Yes, using the Message Authentication with SSL with Netbeans.

jdg6688
Offline
Joined: 2005-11-02

This happens when the cert you used to encrypt the message on the client
side is not the one in the server keystore.