[Wss4r-users] Calls to wse
Rob Anderson
rob.anderson at london.com
Tue Apr 17 08:02:29 EDT 2007
Does anyone have any experience of using WSS4R to talk to a WSE
service (ie .Net)?
The xml folder in the top level of the wss4r distribution contains an
example xml called wse-signed.xml. This shows the timestamp element
appearing before the binary signature token.
The README file refers to a corresponding TestNET.rb client which
presumably would generate this call, but the client is missing from
the /examples/clients folder
Using the standard signature code example like this:
def sign(driver)
sign_cert = OpenSSL::X509::Certificate.new(File.read("../
certificates/xxx.crt"))
pkey = OpenSSL::PKey::RSA.new(File.read("../certificates/
privkey.pem"))
x509 = X509SecurityToken.new(sign_cert, pkey)
signature = Signature.new(x509)
driver.security().add_security_token(signature)
end
produces an xml call where the timestamp appears AFTER the binary
signature token, which is rejected as invalid by a WSE service
running on Websphere 5.
I am at my wit's end trying to fix this so any help from anyone would
be very welcome
-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://rubyforge.org/pipermail/wss4r-users/attachments/20070417/d462c758/attachment.html
More information about the Wss4r-users
mailing list