Comments (7)
The initial values of the dropdown boxes in the plugin UI should be the default values as per WSS. Please advise if this is not the case.
It is not necessary to specify default as this is not a recognized value as in SoapUI.
from jmeter-wssecurity.
Hi @CuriousQA
Is this still an issue or can this be closed?
from jmeter-wssecurity.
Apologies for the delayed response. I tried the initial values but it still doesn't get through the result.
from jmeter-wssecurity.
I just had a quick look through the WSS spec and can't find any default values defined there.
However, SoapUI's defaults translate to wss4j default values, e.g. for signature:
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
That doesn't really help resolve your issue I suppose, so let's compare what SoapUI (assuming that works) and this plugin generate.
Perhaps you could provide samples of the wss headers?
from jmeter-wssecurity.
<ds:Signature Id="SIG-398" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
ds:SignedInfo
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soap" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#TS-396">
ds:Transforms
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="wsse soap" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
ds:DigestValuezBVHWCL5dI3dbECjh5jjCDM5VYg=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-397">
ds:Transforms
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
ds:DigestValuepoIW7Y/IpOcjz7a1kIGlhTQjjs0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
ds:SignatureValueYAKsBk6THUwMFXrtRr0Q3Hzrfj7qzhIdUZ8WeZW3D0suO46e6twCCPAcfGrvB0Lm58kJspeXeizmduq3LDn9F48lkvRqL1eO3tV1SS01n/4rU8H70WMnm3zyblycjNfV4NkGwpTQznJHSoFDQ8KnMcfAdK3MQsvBZz5FhyIRilQ=</ds:SignatureValue>
<ds:KeyInfo Id="KI-4B2C50BEB05E6BFD261536604573240318">
<wsse:SecurityTokenReference wsu:Id="STR-4B2C50BEB05E6BFD261536604573240319">
ds:X509Data
ds:X509IssuerSerial
ds:X509IssuerNameCN=service</ds:X509IssuerName>
ds:X509SerialNumber1380226828</ds:X509SerialNumber>
</ds:X509IssuerSerial>
</ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
-_Encryption part
<xenc:EncryptedData Id="ED-4" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
<wsse:Reference URI="#EK-9588191B63F746F59615366045725234"/>
I have tried with the above combinations, but didnot work. Appreciate your assistance in this.
from jmeter-wssecurity.
@CuriousQA
First of all, the xml tags are not coming through in normal text, so you may want to enclose xml in three backticks ```
You didn't mention whether your xml is from a (working) SoapUI request or a (failing) Jmeter request.
Can you please clarify and provide both, for comparison.
If you could also provide JMeter log output (start JMeter with command line options -Lorg.apache.wss4j=DEBUG -Lnz.co.breakpoint=DEBUG
from jmeter-wssecurity.
This issue has been automatically closed because there has been no response to our request for more information from the original author. With only the information that is currently in the issue, we don't have enough information to take action. Please reach out if you have or find the answers we need so that we can investigate further.
from jmeter-wssecurity.
Related Issues (20)
- For signature part, enable to sign based on ID HOT 2
- Add the saml token inside the wssec header HOT 3
- Timestamp pre-processor not getting signed HOT 9
- SOAP Message Decrypter: Failed HOT 2
- BinarySecurityToken is not getting signed
- Decrypter with multiple keys
- Scripts fail with NPE after version upgrade due to missing attachments element
- Missing support for "http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p" Key Encryption Algorithm HOT 1
- Add Support for Key Encryption Algorithm = http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p HOT 2
- try to sign with jks file (with private key inside HOT 2
- WSM-00081: The X.509 certificate is not signed. HOT 5
- Configure signature key and timestamp in jmeter HOT 4
- SOAP Message Username Token adding nonce / created even if it's false HOT 1
- Final request not signed HOT 1
- DerivedKeyToken Implementation HOT 6
- SOAP Message Signer as a post processor HOT 7
- Can we call this security jar files using maven. HOT 1
- Webservice security version HOT 6
- saml2:Assertion HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jmeter-wssecurity.