Details
-
Bug
-
Status: Resolved
-
Blocker
-
Resolution: Not A Problem
-
None
-
None
-
Axis2-1.5..1 is installed as web app under Tomcat 5.5.28 and uses Rampart 1.4.
Running on Windows XP
Description
I run a web service under axis2 on tomcat and an axis2 java client .
The scenario is as follows: The server (server6) is known by the client. The client is not known by the server. Therefore I use a symmetric binding here.
In a 1st step I only want to sign the message, later I also want to encrypt the message.
The call of the web service is working perfectly. When processing the response from the web service the client gets the following runtime error.
I assume I do something wrong in the configuration of the symmetric binding scenario.
Thanks in advance,
Herwig
---------------------------------
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at com.kohlpharma.ws7x4.WS7X4NewAccountStub.getLetterOfAgreement(WS7X4NewAccountStub.java:203)
at client.TestClient.getLetterOfAgreement(TestClient.java:171)
at client.TestClient.main(TestClient.java:93)
Caused by: org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No password callback supplied)
at org.apache.ws.security.processor.DerivedKeyTokenProcessor.getSecret(DerivedKeyTokenProcessor.java:220)
at org.apache.ws.security.processor.DerivedKeyTokenProcessor.extractSecret(DerivedKeyTokenProcessor.java:161)
at org.apache.ws.security.processor.DerivedKeyTokenProcessor.handleToken(DerivedKeyTokenProcessor.java:74)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
... 12 more
Service Configuration
=================
ramp:user and ramp:userCertAlias are set to server alias (server6)
service.xml
----------------
<?xml version="1.0" encoding="UTF-8"?>
<service name="WS7X4NewAccount" scope="application">
<Description>
Web Service 7x4 - New Account
</Description>
<messageReceivers>
<messageReceiver
mep="http://www.w3.org/ns/wsdl/in-out"
class="com.kohlpharma.ws7x4gen.WS7X4NewAccountMessageReceiverInOut"/>
</messageReceivers>
<parameter name="ServiceClass" locked="false">
com.kohlpharma.ws7x4.WS7X4NewAccount
</parameter>
<parameter name="useOriginalwsdl">true</parameter>
<parameter name="modifyUserWSDLPortAddress">true</parameter>
<parameter name="allowedMethods" value="getLetterOfAgreement" />
<operation name="getLetterOfAgreement" mep="http://www.w3.org/ns/wsdl/in-out" namespace="http://ws7x4.kohlpharma.com/">
<actionMapping>urn:getLetterOfAgreement</actionMapping>
<outputActionMapping>http://ws7x4.kohlpharma.com/WS7X4NewAccount/getLetterOfAgreementResponse</outputActionMapping>
<faultActionMapping faultName="WebServiceException">http://ws7x4.kohlpharma.com/WS7X4NewAccount/getLetterOfAgreement/Fault/WebServiceException</faultActionMapping>
</operation>
<service targetNamespace="http://ws7x4.kohlpharma.com">
</service>
<module ref="rampart" />
<module ref="addressing" />
<wsp:Policy Name="http://edv156-wskome.medical-intern.com/policies/P1"
wsu:Id="SymmetricBindingPolicy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<!-- Timestamp -->
<sp:IncludeTimestamp wsp:Optional="false" />
<!-- Sign -->
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
<!--
<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:EncryptedParts>
-->
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:user>server6</ramp:user>
<ramp:userCertAlias>server6</ramp:userCertAlias>
<ramp:passwordCallbackClass>com.kohlpharma.common.PWCBServerHandler</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>
</ramp:crypto>
<ramp:decryptionCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.alias">server6</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">changeit</ramp:property>
</ramp:crypto>
</ramp:decryptionCrypto>
</ramp:encryptionCrypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
</service>
Client Configuration
=================
callback classes are defined in client.axis2.xml, policy.xml and set additionally in the code. I've tried everything 
client.axis2.xml
---------------------
<axisconfig name="AxisJava2.0">
<module ref="rampart" />
<parameter name="OutflowSecurity">
<action>
<items>Timestamp Signature</items>
<!-- Username Token -->
<passwordCallbackClass>client.PWCBClientHandler</passwordCallbackClass>
<!-- Signature - Keystore read-->
<signaturePropFile>client/conf/keystore.properties</signaturePropFile>
<signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
<signatureKeyTransportAlgorithm>http://www.w3.org/2000/09/xmlenc#rsa-sha1</signatureKeyTransportAlgorithm>
<signatureParts>{}{}Body</signatureParts>
<!-- Encryption - Truststore lesen -->
<encryptionKeyTransportAlgorithm>http://www.w3.org/2001/04/xmlenc#rsa-1_5</encryptionKeyTransportAlgorithm>
<!-- Disable Signature Confirmation -->
<enableSignatureConfirmation>false</enableSignatureConfirmation>
</action>
</parameter>
<parameter name="InflowSecurity">
<action>
<items>Timestamp Signature</items>
<!-- Timestamp Token -->
<timestampStrict>false</timestampStrict>
<!-- UserName Token -->
<passwordCallbackClass>client.PWCBClientHandler</passwordCallbackClass>
<!-- Signature - Truststore lesen -->
<signaturePropFile>client/conf/keystore.properties</signaturePropFile>
<!-- Encryption - Keystore lesen -->
<decryptionPropFile>client/conf/keystore.properties</decryptionPropFile>
<!-- Disable Signature Confirmation -->
<enableSignatureConfirmation>false</enableSignatureConfirmation>
</action>
</parameter>
clients policy.xml
-----------------------
ramp:encryptionUser is set to server alias (server6)
<wsp:Policy Name="http://edv156-wskome.medical-intern.com/policies/P1"
wsu:Id="SymmetricBindingPolicy"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<!-- Timestamp -->
<sp:IncludeTimestamp wsp:Optional="false" />
<!-- Sign -->
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<sp:Body/>
</sp:SignedParts>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
<ramp:encryptionUser>server6</ramp:encryptionUser>
<ramp:passwordCallbackClass>client.PWCBClientHandler</ramp:passwordCallbackClass>
<ramp:signatureCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client_keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">clientclient</ramp:property>
</ramp:crypto>
</ramp:signatureCrypto>
<ramp:encryptionCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client_keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">clientclient</ramp:property>
</ramp:crypto>
<ramp:decryptionCrypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client_keystore.jks</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.alias">server6</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">clientclient</ramp:property>
</ramp:crypto>
</ramp:decryptionCrypto>
</ramp:encryptionCrypto>
</ramp:RampartConfig>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Coding client
-------------------
As the callback class was not found simply using the policy.xml file, I have tried to set the rampart configuration manuelly here
...
ServiceClient client = stub._getServiceClient();
client.engageModule("addressing");
client.engageModule("rampart");
// get option object
Options options = client.getOptions();
// EndpointReference targetEprRef = new EndpointReference(targetEpr);
// set username / password
options.setUserName("testapojava1");
options.setProperty("user", "testapojava1");
// set rampart config
RampartConfig rc = new RampartConfig();
Properties merlinProp = new Properties();
merlinProp.put("org.apache.ws.security.crypto.merlin.file", "client_keystore.jks");
merlinProp.put("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
merlinProp.put("org.apache.ws.security.crypto.merlin.keystore.password", "clientclient");
CryptoConfig cryptoConfig = new CryptoConfig();
cryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");
cryptoConfig.setProp(merlinProp);
rc.setEncrCryptoConfig(cryptoConfig);
rc.setSigCryptoConfig(cryptoConfig);
rc.setDecCryptoConfig(cryptoConfig);
rc.setUser("testapojava1"); // necessary
rc.setEncryptionUser("server6");
rc.setPwCbClass("client.PWCBClientHandler");
// set policy
Policy policy = loadPolicy("C:/usr/workspace/WSTestClient_NewAccount/build/client/conf/policy.xml");
policy.addAssertion(rc);
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
...
Request send by client
--------------------------------
POST /axis2/services/WS7X4NewAccount HTTP/1.1
Content-Type: text/xml; charset=UTF-8
SOAPAction: "urn:getLetterOfAgreement"
User-Agent: Axis2
Host: 127.0.0.1:8081
Transfer-Encoding: chunked
800
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-4">
<wsu:Created>2010-05-28T08:25:04.322Z</wsu:Created>
<wsu:Expires>2010-05-28T08:30:04.322Z</wsu:Expires>
</wsu:Timestamp>
<wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-E6FAF9654A5312632512750351039631">MIIEBjCCAu6gAwIBAgIJAJAykBkpRUN4MA0GCSqGSIb3DQEBBQUAMIGJMQswCQYDVQQGEwJERTEPMA0GA1UEBxMGTWVyemlnMRMwEQYDVQQKEwprb2hscGhhcm1hMRcwFQYDVQQLEw5rb2hscGhhcm1hIEVEVjEVMBMGA1UEAxMMVGVzdEFwb0phdmExMSQwIgYJKoZIhvcNAQkBFhVoZGF2aWRAa29obHBoYXJtYS5jb20wHhcNMTAwMzExMTQxNDE0WhcNMjAwMzA4MTQxNDE0WjCBiTELMAkGA1UEBhMCREUxDzANBgNVBAcTBk1lcnppZzETMBEGA1UEChMKa29obHBoYXJtYTEXMBUGA1UECxMOa29obHBoYXJtYSBFRFYxFTATBgNVBAMTDFRlc3RBcG9KYXZhMTEkMCIGCSqGSIb3DQEJARYVaGRhdmlkQGtvaGxwaGFybWEuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyjYi6q6jJ3InLY9dkuzxw5hU5bh7yoNhmtxmrDqpkG8wkn5fPSV+5Zn/cGfLJLrQssPNK1pgjq4Uh56oa78/Ifs9hgdtNxbF6ypUfqMS/sRkZBqNUUcZKfApfY+tuCJD/G+2j3Y0lGU39R2dg3/wh9kWbbRuBaP87Xq5uJThRkMUAmruDXltHLcacFIjJT5QJsn3WpYyRzyKzeyrLJbJoMYZ3Io01KgmQVEHdWAHY1M6dUt4TpQAm2PcOCHb62ZCmZHKzZXislb69FCkqVGV5tSPJb+JKSHl+Q7wtUpW25JVAZElqZIyhBHUDb7Z3C2QRGvkHhezq2Kik7Mbgks4cQIDAQABo28wbTAJBgNVHRMEAjAAMAsGA1UdDwQEAwIE8DA0BgNVHSUELTArBggrBgEFBQcDAgYIKwYBBQUHAwgGCisGAQQBgjcKAwMGCWCGSAGG+EIEATAdBgNVHQ4EFgQUfhb9hJQXiiDwSOc/dYqA8O9ZbGgwDQYJKoZIhvcNAQEFBQADggEBAFvYWTlviZ0SeKAXINMpBB800mq2YqTaxeIrx0sEdAHhE3XnTQWucP+aSNernTPYfPMMtM9naPqniCzx8xyMq9M4wbQVUiiQrCFz+d0tQ25nLrMJbXo8HLFfSJKNgpgcgwGfgi7gXTvA4PfbCxKZegXSzw1wm412uC5Jt8b5AXgK3Cdv5u7fRd6ERB/Rw2iWvF4sP1hR4t4+cL/6hGWQlpmrZrzKG07mnwbqBoNlXnZTIUfF18Il9SvYAv0gnKD8MdVpcWDMBRZxBvALkm4buUjQ13FzAe2f5fGVxHyuVpfaF5EYYa3aIsu+t5vfMyf/R3/v6YOkAbjVyWK0V9K7pFsVlo=</wsse:BinarySecurityToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>UB0Rrb4Io4e+rgGYBuaM8Pba5xk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>ReDl748A91jo2Bd469f4NUjx7HDIJOS4DgnzlVTa4Tcvuzr04H+XkAaBwutjPwzAa8TmZVUcBSIgT+3tbwBSxnKUPAk6fUe+HA4H0RZBLvrkqIgOUFkghzMGjsv4xIK69H64bJsoVhaTTrw1HWv2AeVMWkMNhHqzI467wTcqoejEu3v/PpCVIQ/1wBtsz77XwW6Gp2T7YQRVBzbyTbVJPfpkLy2fvl1HGgEa++ClXIWasCnW+xWaJodAVnpufWr/cLwhu3O523pa3QE/mXiYY8ja4iBJN4BdvnLSnxxvw8vCnJ8KItrtKKya5yhO4u+MjDHTI4aVcdk5IFFKBfDNkw==</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-E6FAF9654A5312632512750351039632">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-E6FAF9654A5312632512750351039633">
<wsse:Reference URI="#CertId-E6FAF9654A5312632512750351039631" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-1">
<wsu:Created>2010-05-28T08:25:03.948Z</wsu:Created>
<wsu:Expires>2010-05-28T08:30:03.948Z800</wsu:Expires>
</wsu:Timestamp>
<xenc:EncryptedKey Id="EncKeyId-E6FAF9654A5312632512750351044795">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"></xenc:EncryptionMethod>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier">nPB7TM1rFUDwQgAoIrs/e8cYGx8=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>spTfVbRN0t62NqVDKmO0i0nUhSOeSE+kIcorYnL+dsT7aDpdHZGMLZ+xG6C54AE21Rzzojvn1KMwn5K7BzTZ1/uHBpgqEcBv7tNgkYg2VGW0MbIs3K3GRdvmYSMD6cqJWvfTp9ZPFkA/sSSOC47b85Hmfhhajp9QFM9n+LPC72s=</xenc:CipherValue>
</xenc:CipherData>
</xenc:EncryptedKey>
<wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-5">
<wsse:SecurityTokenReference>
<wsse:Reference URI="#EncKeyId-E6FAF9654A5312632512750351044795" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"></wsse:Reference>
</wsse:SecurityTokenReference>
<wsc:Offset>0</wsc:Offset>
<wsc:Length>24</wsc:Length>
<wsc:Nonce>N793yAlM668s1AQm6gvg3w==</wsc:Nonce>
</wsc:DerivedKeyToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-6">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-3">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>UB0Rrb4Io4e+rgGYBuaM8Pba5xk=</ds:DigestValue>
</ds:Reference>
<ds:Re54aference URI="#Timestamp-4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>gK2kN707ebfkex+bBeNeFgSOZ/Y=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>HuaF/3PQEJ/gJHPJ6fPf2S9mdHs=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-E6FAF9654A5312632512750351045106">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-E6FAF9654A5312632512750351045107">
<wsse:Reference URI="#derivedKeyId-5"></wsse:Reference>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:To>http://edv156-wskome.medical-intern.com:8081/axis2/services/WS7X4NewAccount</wsa:To>
<wsa:MessageID>urn:uuid:32CBE5CDB1DA839B471275035103729</wsa:MessageID>
<wsa:Action>urn:getLetterOfAgreement</wsa:Action>
</soapenv:Header>
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-3">
<ns1:getLetterOfAgreement xmlns:ns1="http://ws7x4.kohlpharma.com/">
<ns1:LetterOfAgreementRequest>
<ns1:customer>
<ns1:custId>100584</ns1:custId>
</ns1:customer>
</ns1:LetterOfAgreementRequest>
</ns1:getLetterOfAgreement>
</soapenv:Body>
</soapenv:Envelope>
Response send by server
------------------------------------
HTTP/1.1 200 OK
Server: Apache-Coyote/1.1
Content-Type: text/xml;charset=UTF-8
Transfer-Encoding: chunked
Date: Fri, 28 May 2010 08:25:05 GMT
dac
<?xml version='1.0' encoding='UTF-8'?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1">
<wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-4">
<wsu:Created>2010-05-28T08:25:05.072Z</wsu:Created>
<wsu:Expires>2010-05-28T08:30:05.072Z</wsu:Expires>
</wsu:Timestamp>
<wsc:DerivedKeyToken xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="derivedKeyId-5">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">3jHnkINI9gbCrYe5aQKh7zqowiY=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
<wsc:Offset>0</wsc:Offset>
<wsc:Length>24</wsc:Length>
<wsc:Nonce>TBv+wL9NbtLHJDhhYt+Mkw==</wsc:Nonce>
</wsc:DerivedKeyToken>
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-6">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#hmac-sha1" />
<ds:Reference URI="#Id-8713829">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>jZ4ztbeK2KSnWBCkO2U6j6wcHwU=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#Timestamp-4">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
<ds:DigestValue>ZvSm746bKP59fxDIB+Gtz0SrPeM=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>HlKwOeUX6IJm4MDwcrStfBnlSho=</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-F37B34F8F458473FF412750351050723">
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-F37B34F8F458473FF412750351050724">
<wsse:Reference URI="#derivedKeyId-5" />
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
<wsa:Action>http://ws7x4.kohlpharma.com/WS7X4NewAccount/getLetterOfAgreementResponse</wsa:Action>
<wsa:RelatesTo>urn:uuid:32CBE5CDB1DA839B471275035103729</wsa:RelatesTo>
</soapenv:Header>
<soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-8713829">
<ns1:getLetterOfAgreementResponse xmlns:ns1="http://ws7x4.kohlpharma.com/">
<ns1:return>
<ns1:data>
<ns1:generalInformation>
<ns1:text>Dies ist der Informationstext der 7x4 Pharma.</ns1:text>
</ns1:generalInformation>
<ns1:agreement>
<ns1:text>Dies ist die Einverst�ndniserkl�rung der 7x4 Pharma.===20100528102504791===</ns1:text>
<ns1:timeStamp>20100528102504822</ns1:timeStamp>
</ns1:agreement>
</ns1:data>
<ns1:status>
<ns1:msgSet>
<ns1:count>1</ns1:count>
<ns1:msg>
<ns1:msgCode>0</ns1:msgCode>
<ns1:msgText>Okay</ns1:msgText>
<ns1:msgType>S</ns1:msgType>
<ns1:no>1</ns1:no>
</ns1:msg>
</ns1:msgSet>
<ns1:statusType>S</ns1:statusType>
</ns1:status>
</ns1:return>
</ns1:getLetterOfAgreementResponse>
</soapenv:Body>
</soapenv:Envelope>