java - How to use symmetric key to encrypt and sign SOAP using WSS4J -

-

i need build web-service client application using axis 1.4 access third party system (web service producer).

in order send valid request third party system need encrypt , sign soap request before sending them.

i make use of wss4j 1.5 task follow steps in link: calling owsm protected service axis 1.4 , wss4j

what understand that:

1- encrypt soap need use third party public key , decrypt using own private key.

2- sign soap need use own private key , should verify signature using public key need share them.

i did receiving error 

  faultstring: did not understand "mustunderstand" header(s)

from third party end. after checking third party team said:

"we use “username authentication symmetric key”, not maintain client certificates @ our trust store. there single shared key used both signing , encryption. hence need signing , encryption using our certificate."

this response not make sense me. understand need use third party certificate (i.e. public key) encrypt soap request.

but how can use same public key - which certificate shared them - sign soap request ?

i believe need private key in order that.

do need private key that? clarification helpful.


Comments

Post a Comment

Popular posts from this blog

c# - Where does the .ToList() go in LINQ query result -

-
when getting data populate data grid, have pulled data, made list , mapped model, this: public list<person> getpeople() { var data = _db.person.tolist(); list<person> people = new list<person>(); foreach (var item in data) { person person = new person() { personid = item.personid, firstname = item.firstname, lastname = item.lastname }; people.add(person); } return people; } this works fine, in interest of writing less code discovered .select method , (what think is) anonymous type. have: public list<person> getpeople() { return _db.person.select(d => new person { personid = item.personid, firstname = item.firstname, lastname = item.lastname }).tolist(); } though not easy read, works fine too. there preference either way? ...
Read more

Listeners to visualise results of load test in JMeter -

-
i want run load test in non-gui mode , save results in .csv file. (i have not modified .properties files, standard information saved) i plan load file , visualise results jmeter’s listeners. which listeners suited purpose? should avoid @ cost, might cause me misinterpret information? (e.g. in view results tree response data empty have - - not saved this. however, there has in fact been response. if saw listener might think there hasn’t been one. since want avoid this, listeners have gain information needed .csv file.) i’d know both jmeter listeners plugins. if running test in non-ui mode ideally should disable listeners in script. use '-l' option store test results .jtl extension. can later open jtl file jmeter. aggregate report or summary report should summarize test results , response time , throughput. if want plot graphs see trends on test duration can use http://jmeter-plugins.org/#/ standard , lib set. i suggest following listeners: response ...
Read more

android - CollapsingToolbarLayout: position the ExpandedText programmatically -

-
i using new android support design view collapsingtoolbarlayout. have need position expandedtitle programmatically. actually way set position expandedtitle in .xml file (example here: https://goo.gl/l5h5fc ) there no public api set text position programmatically , fields private . do know if it's possible without reflection or 'hacky' tricks? i have solved problem exposing properties via reflection ( https://gist.github.com/fpezzato/8e7d45112883dbbc5ffb ), works don't use trick in production code. @google: please no more private or final stuff! :)
Read more