WS-Security-Configuration issue.

kriszc · November 13, 2009, 7:46pm

Hi All

webMethods IS (7.1.2 )is consuming a webservice which is secured.

The partner has given us certificates and partner keys. The following steps have been followed

Configure the CA certificate directory in Cerificates in the navigation panel.
Added a webservice endpoint alias with private key and certificates properties.
changed the consumer wsdl to facilitate the security requirements where we added a security handler, assigned a policy name and an endpoint alias.

I am not sure if this is the right approach, or we are missing anything , but when the webservice is called we are getting the following soap fault

com.webMethods.ws.security.SecurityException: WS Security processing failed : Error while reading the private key/certificates from the Web service endpoint.

The above error has an obvious message, but wondering what might have been wrong with my configuration.

Thanks
Krishna

gupta_r.17495 · November 13, 2009, 8:54pm

After configuring certificates.did you restart IS and see how it works?

Also make sure you did followed every step described in the WS Developer documentation:

“Adding an Endpoint Alias for a Consumer Web Service Descriptor” focus mainly (HTTPTransport,WS Security properties wrt Policy File assertion and Request (Outbound Security) section in the usage/resolution order)

In Security > Certificates, set the full path of the certificates and private key.

HTH,
RMG

kriszc · November 14, 2009, 2:05am

Thanks

We did restart the server. I read through the documentation thoroughly to see if I might have missed anything. We are still getting the same error.

We opened a SR with SoftwareAG to help us with this issue.

Thanks a lot again for your help

gupta_r.17495 · November 14, 2009, 4:53am

Sure…Pls let us know the outcome…

-RMG

kriszc · November 19, 2009, 2:52am

HI RMG

We are having different issues with configuration. We slowly narrowed down to the issue. Here are our set of issues and how we addressed them except for the last one.

First we did not have the fullpath of the certificates - Solution: We fixed the paths to the full path name
We were trying to give the host name as Integration server’s host name rather than giving the partner’s host name in the web service end point alias - Solution : We fixed this by giving the right host name and port.
We did not have the right certificate from the partner - Solution :Our partner provided the right certificate which works
Current Issue - The calls are going through now , but we are getting a soap faultcom.webMethods.ws.security.SecurityException: Request does not contain required Security header: [{XML-Signature Syntax and Processing}Signature] Our partner says that they are not receiving the soap header properly as SAML assertions are present and Signatures are not present.

I need to find out a way to put SAML assertions . I was applying a Digitital Signature policy as the policy name after assigning the ws secuity handler in the WSDL.

Not sure what I am missing here. Any ideas ?

Thanks

gupta_r.17495 · November 19, 2009, 3:35am

Looks like you made lot progress…

Plz check this article regarding SAML support comments:

[URL]http://advantage.webmethods.com/article/?id=SR-1-70632091[/URL]

I have not dealt with SAML assertions,cannot comment on this one.

HTH,
RMG