Description
The algorithm factory "org.apache.ws.security.conversation.dkalgo.AlgoFactory" only recognises the algorithm:
http://schemas.xmlsoap.org/ws/2005/02/sc/dk/p_sha1
It should also recognise the p_sha1 algorithm from the more recent version of WS-SecureConversation:
http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1
Derived keys will work with the more recent version as long as the algorithm is omitted.
Here's an example of a token that won't work due to the new algorithm:
<wssc:DerivedKeyToken
wssc:Algorithm="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512/dk/p_sha1"
wsu:Id="DerivedKey-Enc-4-2aab8c8e7dcbb5783588ab810c3d8b77" xmlns:wssc="http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512">
<wsse:SecurityTokenReference>
<wsse:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKeySHA1">Y55P46dTEkU3kk4LKsY16NXwRJ0=</wsse:KeyIdentifier>
</wsse:SecurityTokenReference>
<wssc:Generation>0</wssc:Generation>
<wssc:Length>16</wssc:Length>
<wssc:Label>DerivedKey</wssc:Label>
<wssc:Nonce>A5c4yKeiuHrOeVq3kcMpMA==</wssc:Nonce>
</wssc:DerivedKeyToken>
The associated error is:
Caused by: java.lang.RuntimeException: Undefined 'No such algorithm' resource property
at org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:94)
at org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:47)
at org.apache.ws.security.conversation.ConversationException.<init>(ConversationException.java:70)
at org.apache.ws.security.conversation.dkalgo.AlgoFactory.getInstance(AlgoFactory.java:42)
at org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:101)
... 35 more
Caused by: java.util.MissingResourceException: Can't find resource for bundle java.util.PropertyResourceBundle, key No such algorithm
at java.util.ResourceBundle.getObject(ResourceBundle.java:374)
at java.util.ResourceBundle.getString(ResourceBundle.java:334)
at org.apache.ws.security.conversation.ConversationException.getMessage(ConversationException.java:92)
... 39 more