Menu
▾
▴
Re: [ebxmlms-general] Digital signature
|
From: Patrick Y. <kc...@ce...> - 2003-11-17 16:07:52
|
Christophe, But this seems only showing the traffic from outgoing message. What has = TCPMon captured in the incoming message? And can you please send to us = the msh.log file? Regards, -Patrick ----- Original Message -----=20 From: Larchier Christophe=20 To: ebx...@li...=20 Sent: Monday, November 17, 2003 11:04 PM Subject: RE: [ebxmlms-general] Digital signature Patrick, Finaly, I succeed to use TCPMon in listener mode. Here is the http message : OST / HTTP/1.1 Content-Type: multipart/related; type=3D"text/xml"; = boundary=3D"----=3D_Part_29_17303670.1069076816312"; charset=3D"utf-8"; = start=3D"<soappart>" SOAPAction: ebXML Content-Length: 4463 User-Agent: Java/1.4.1_03 Host: localhost Accept: text/html, image/gif, image/jpeg, *; q=3D.2, */*; q=3D.2 Connection: keep-alive ------=3D_Part_29_17303670.1069076816312 Content-Type: text/xml Content-Transfer-Encoding: binary Content-Id: <soappart> <?xml version=3D"1.0" encoding=3D"UTF-8"?> <soap-env:Envelope = xmlns:soap-env=3D"http://schemas.xmlsoap.org/soap/envelope/" = xmlns:xsi=3D"http://www.w3.org/2001/XMLSchema-instance" = xmlns:xlink=3D"http://www.w3.org/1999/xlink" = xsi:schemaLocation=3D"http://schemas.xmlsoap.org/soap/envelope/ = http://www.oasis-open.org/committees/ebxml-msg/schema/envelope.xsd"><soap= -env:Header = xsi:schemaLocation=3D"http://www.oasis-open.org/committees/ebxml-msg/sche= ma/msg-header-2_0.xsd = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= ><eb:MessageHeader = xmlns:eb=3D"http://www.oasis-open.org/committees/ebxml-msg/schema/msg-hea= der-2_0.xsd" eb:version=3D"2.0" = soap-env:mustUnderstand=3D"1"><eb:From><eb:PartyId>http://localhost:8080/= msh</eb:PartyId></eb:From><eb:To><eb:PartyId>http://localhost:8282</eb:Pa= rtyId></eb:To><eb:CPAId>CPA_2002</eb:CPAId><eb:ConversationId>Item_No_128= </eb:ConversationId><eb:Service>http://www.cecid.hku.hk/ebxml/service</eb= :Service><eb:Action>Order</eb:Action><eb:MessageData><eb:MessageId>200311= 17-134652218-CPA_2002.http://www.cecid.hku.hk/ebxml/service.Order.6@172.1= 6.161.154</eb:MessageId><eb:Timestamp>2003-11-17T13:46:52Z</eb:Timestamp>= </eb:MessageData></eb:MessageHeader><ds:Signature = xmlns:ds=3D"http://www.w3.org/2000/09/xmldsig#"> <ds:SignedInfo> <ds:CanonicalizationMethod = Algorithm=3D"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Canoni= calizationMethod> <ds:SignatureMethod = Algorithm=3D"http://www.w3.org/2000/09/xmldsig#dsa-sha1"></ds:SignatureMe= thod> <ds:Reference URI=3D""> <ds:Transforms> <ds:Transform = Algorithm=3D"http://www.w3.org/2000/09/xmldsig#enveloped-signature"></ds:= Transform> <ds:Transform = Algorithm=3D"http://www.w3.org/TR/1999/REC-xpath-19991116"> = <ds:XPath>not(ancestor-or-self::node()[@soap-env:actor=3D"urn:oasis:names= :tc:ebxml-msg:actor:nextMSH"] | = ancestor-or-self::node()[@soap-env:actor=3D"http://schemas.xmlsoap.org/so= ap/actor/next"])</ds:XPath> </ds:Transform> <ds:Transform = Algorithm=3D"http://www.w3.org/TR/2001/REC-xml-c14n-20010315"></ds:Transf= orm> </ds:Transforms> <ds:DigestMethod = Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue>FnX6dxx6xVfzEUKWeplzmlf6sms=3D</ds:DigestValue> </ds:Reference> <ds:Reference URI=3D"cid:Payload-0"> <ds:DigestMethod = Algorithm=3D"http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod> <ds:DigestValue>rXe6R+MQUXLN+9rnsG9JA30sElE=3D</ds:DigestValue> </ds:Reference> </ds:SignedInfo> = <ds:SignatureValue>kg9+FDNhq4qADjPOd7v1YXGo0vZrv7lPASvW71c3UvagAyaHV3V4Zg= =3D=3D</ds:SignatureValue> <ds:KeyInfo> <ds:X509Data> <ds:X509Certificate> = MIIDJTCCAuICBD+x8fAwCwYHKoZIzjgEAwUAMHgxCzAJBgNVBAYTAkZSMRUwEwYDVQQIEwxIY= XV0 = ZS1TYXZvaWUxGDAWBgNVBAcTD0FubmVjeSBsZSBWaWV1eDETMBEGA1UEChMKU29wcmFHcm91c= DEO = MAwGA1UECxMFQXh3YXkxEzARBgNVBAMTCkNocmlzdG9waGUwHhcNMDMxMTEyMDg0MDE2WhcNM= DQw = MjEwMDg0MDE2WjB4MQswCQYDVQQGEwJGUjEVMBMGA1UECBMMSGF1dGUtU2F2b2llMRgwFgYDV= QQH = Ew9Bbm5lY3kgbGUgVmlldXgxEzARBgNVBAoTClNvcHJhR3JvdXAxDjAMBgNVBAsTBUF4d2F5M= RMw = EQYDVQQDEwpDaHJpc3RvcGhlMIIBtzCCASwGByqGSM44BAEwggEfAoGBAP1/U4EddRIpUt9Kn= C7s = 5Of2EbdSPO9EAMMeP4C2USZpRV1AIlH7WT2NWPq/xfW6MPbLm1Vs14E7gB00b/JmYLdrmVClp= J+f = 6AR7ECLCT7up1/63xhv4O1fnxqimFQ8E+4P208UewwI1VBNaFpEy9nXzrith1yrv8iIDGZ3RS= AHH = AhUAl2BQjxUjC8yykrmCouuEC/BYHPUCgYEA9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMC= z0H = gmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C= /oh = NWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKLZl6Ae1UlZAFMO/7PSSoDgYQAAoGACgp0fZI2/= fLj = FAswnTiG4y3optT510AKXXqiqOX46zbT1VTsLmpPXUjR68SW6J0GllTLlPwGNVC6Fxylu9Md7= /z2 = LZ6krAHQEsS39jnQqY1G+mSTHl6B+gkxpLPjm3kW/49k/4kjFSbcypnmdzruqs/tn5rV4CQgV= Z8/ = ZeE+qj0wCwYHKoZIzjgEAwUAAzAAMC0CFQCByj7heG8HJjn+OUfYaPOAVhR7RQIUVNJVbo+W4= NwP RPGXWo56VMCUe4g=3D </ds:X509Certificate> </ds:X509Data> </ds:KeyInfo> </ds:Signature></soap-env:Header><soap-env:Body = xsi:schemaLocation=3D"http://www.oasis-open.org/committees/ebxml-msg/sche= ma/msg-header-2_0.xsd = http://www.oasis-open.org/committees/ebxml-msg/schema/msg-header-2_0.xsd"= ><eb:Manifest = xmlns:eb=3D"http://www.oasis-open.org/committees/ebxml-msg/schema/msg-hea= der-2_0.xsd" eb:version=3D"2.0"><eb:Reference eb:id=3D"Payload-0" = xlink:type=3D"simple" = xlink:href=3D"cid:Payload-0"/></eb:Manifest></soap-env:Body></soap-env:En= velope> ------=3D_Part_29_17303670.1069076816312 Content-Type: application/octet-stream Content-Transfer-Encoding: binary Content-Id: <Payload-0> <po/> ------=3D_Part_29_17303670.1069076816312-- For me, it seems to be good. Do you see something anormal? Christophe -----Message d'origine----- De : ebx...@li... = [mailto:ebx...@li...]De la part de = Patrick Yee Envoy=E9 : samedi 15 novembre 2003 15:19 =C0 : ebx...@li... Objet : Re: [ebxmlms-general] Digital signature Christophe, So you have send out the message twice using Monitor, once without = using digital signature, once with digital signature, right? Are you = using exactly the same parameters in Monitor, with only the digital = signature check box in the latter case? If the answer is yes, we have still no clue about what's happening = in your case. To further investigate, you can try to grab a very useful = tool called TCPMon from Apache AXIS project. This tool should be = installed between your Monitor and the MSH server, and it can help you = to capture all the HTTP level traffic between Monitor and MSH server, = and then forward the captured traffic out as a proxy.=20 It will be useful to capture the text/plain message to see the = cause. Regards, -Patrick ----- Original Message -----=20 From: Larchier Christophe=20 To: ebx...@li...=20 Sent: Friday, November 14, 2003 3:31 PM Subject: RE: [ebxmlms-general] Digital signature It's a loopback test. Note that the loopback test without digital signature works fine. Christophe -----Message d'origine----- De : ebx...@li... = [mailto:ebx...@li...]De la part de = Patrick Yee Envoy=E9 : jeudi 13 novembre 2003 11:32 =C0 : ebx...@li... Objet : Re: [ebxmlms-general] Digital signature Larchier, Where did you send the message to? It seems that the target end = sent back a message that is not comprehensible by Hermes. Regards, -Patrick Larchier Christophe wrote: Hi all,=20 With the MSH monitor, when I send a message with digital = signature, I get the following message in the Tomcat console :=20 javax.xml.soap.SOAPException: Invalid Content-Type:text/plain=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.verify(MessageImpl.java:159) = at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:91)=20 at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 at java.security.AccessController.doPrivileged(Native = Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at = hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown Source)=20 javax.xml.soap.SOAPException: Unable to internalize message=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:135) = at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 at java.security.AccessController.doPrivileged(Native = Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at = hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown Source)=20 Caused by: javax.xml.soap.SOAPException: Invalid = Content-Type:text/plain=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.verify(MessageImpl.java:159) = at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:91)=20 ... 7 more=20 java.security.PrivilegedActionException: = javax.xml.soap.SOAPException: Unable to internalize message=20 at java.security.AccessController.doPrivileged(Native = Method)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.call(HttpSOAPCon= nection.java:115)=20 at = hk.hku.cecid.phoenix.message.transport.HttpServlet.send(Unknown Source)=20 at = hk.hku.cecid.phoenix.message.handler.HttpSender.run(Unknown Source)=20 Caused by: javax.xml.soap.SOAPException: Unable to internalize = message=20 at = com.sun.xml.messaging.saaj.soap.MessageImpl.<init>(MessageImpl.java:135) = at = com.sun.xml.messaging.saaj.soap.MessageFactoryImpl.createMessage(MessageF= actoryImpl.java:32)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection.post(HttpSOAPCon= nection.java:333)=20 at = com.sun.xml.messaging.saaj.client.p2p.HttpSOAPConnection$PriviledgedPost.= run(HttpSOAPConnection.java:142)=20 ... 4 more=20 After few minutes, I receive an error message : "Delivery = failure".=20 Thanks for your help.=20 ______________________________________=20 Christophe Larchier=20 Axway.=20 a Sopra Group company.=20 3, rue de Pr=E9 Faucon=20 PAE - Les Glaisins - BP238=20 F-74942 Annecy-le-Vieux Cedex=20 ( +33 (0)4 50 33 31 55=20 ______________________________________=20 ------------------------------------------------------- This = SF.Net email sponsored by: ApacheCon 2003, 16-19 November in Las Vegas. = Learn firsthand the latest developments in Apache, PHP, Perl, XML, Java, = MySQL, WebDAV, and more! http://www.apachecon.com/ = _______________________________________________ ebxmlms-general mailing = list ebx...@li... = https://lists.sourceforge.net/lists/listinfo/ebxmlms-general |
