WS-Security czyli bezpieczeństwo Web Services na bazie protokołu SOAP

WS-Security czyli bezpieczeństwo Web Services na bazie protokołu SOAP

W artykule https://javaleader.pl/2020/01/09/porownanie-stylu-rest-i-protokolu-soap/ opisałem różnice jakie występują między stylem REST i SOAP. Zdecydowanie pod względem bezpieczeństwa wygrywa w tym starciu SOAP. W artykule tym opiszę natomiast standard WS-Security który zapewnia mechanizmy ochronne wymiany wiadomości SOAP, takie jak integralność, poufność i uwierzytelnienie. Standard ten został opracowany i po raz pierwszy opublikowany przez firmy takie jak: Microsoft, IBM i Verisign. W zakresie szyfrowania fragmentów dokumentów XML WS-Security opiera się na XML Encryption (w skrócie XMLENC – od 10 grudnia 2002 jest rekomendacją W3C) oraz XML Digital Signature (w skrócie XMLDS – od 12 lutego 2002 jest rekomendacją W3C). Ten artykuł to rozszerzenie następujących projektów o implementację standardu WS-Security:

Projekty te opisane są w odpowiednio w artykułach:

Zaczniemy od pierwszego projektu – javaleader-calc-osgi – zabezpieczenie usługi:

Plik pom.xml dodajemy zależność:

<dependency>
    <groupId>org.apache.wss4j</groupId>
    <artifactId>wss4j-ws-security-common</artifactId>
    <version>2.1.8</version>
</dependency>

wygenerowanie pliku *.jks (z ang. Java Key Store):

keytool -genkeypair -alias javaleader.pl -keyalg RSA -keysize 2048 -sigalg SHA256withRSA -validity 365 -keystore javaleader.jks

wygenerowany plik zamieszczamy w katalogu:

META-INF/wsdl/labs/javaleader.jks

Klasa PasswordCallback:

public class PasswordCallback implements CallbackHandler {
    public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
 
            int usage = pc.getUsage();
 
            if (usage == WSPasswordCallback.USERNAME_TOKEN) {
 
                if (pc.getIdentifier().equals("myuser"))
                    pc.setPassword("mypassword");
 
            } else {
                if ((usage != WSPasswordCallback.SIGNATURE)
                        && (usage != WSPasswordCallback.DECRYPT))
                    continue;
                System.out.println("pc.getIdentifier() " + pc.getIdentifier());
                pc.setPassword("passwordserverjks");
            }
        }
    }
}

Plik META-INF/spring/server_sign.properties:

org.apache.ws.security.crypto.merlin.keystore.type     = jks
org.apache.ws.security.crypto.merlin.keystore.password = passwordserverjks
org.apache.ws.security.crypto.merlin.file              = META-INF/labs/javaleader.jks
org.apache.ws.security.crypto.merlin.keystore.alias    = javaleader.pl

Plik META-INF/MANIFEST.MF:

Bundle-SymbolicName: osgi-example
Bundle-Version:   1.0.0.SNAPSHOT
Import-Package:   pl.javaleader;version="1.0.0.SNAPSHOT",org.osgi.framework,org.apache.cxf.ws.security.wss4j,javax.security.auth.callback,org.apache.cxf,org.apache.wss4j.common.ext
Export-Package:   pl.javaleader;version="1.0.0.SNAPSHOT"
Bundle-Activator: pl.javaleader.Activator

Plik META-INF/spring/beans.xml:

<jaxws:endpoint
        id = "calcService"
        implementor = "pl.javaleader.ws.CalculatorImpl"
        address = "/calcService">
    <jaxws:inInterceptors>
        <ref bean="requestInterceptor" />
    </jaxws:inInterceptors>
 
</jaxws:endpoint>
 
<bean id="requestInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
    <constructor-arg>
        <map>
            <entry key="action" value="Timestamp Signature Encrypt"/>
            <entry key="signaturePropFile"     value = "META-INF/spring/server_sign.properties" />
            <entry key="decryptionPropFile"    value = "META-INF/spring/server_sign.properties" />
            <entry key="passwordCallbackClass" value = "pl.javaleader.security.PasswordCallback" />
        </map>
    </constructor-arg>
</bean>

Podczas próby wywołania usługi zostanie wywołany kod zdefiniowany w interceptorze. Projekt należy zainstalować z użyciem szyny ESBApache Service Mix następującym oto poleceniem:

install mvn:pl.javaleader/javaleader-calc-osgi/1.0.0-SNAPSHOT

Projekt drugi – cxf-wsdl-to-java:

Plik pom.xml dodajemy zależność:

<dependency>
    <groupId>org.apache.cxf</groupId>
    <artifactId>cxf-rt-ws-security</artifactId>
    <version>2.4.1</version>
</dependency>

Klasa PasswordCallback:

public class PasswordCallback implements CallbackHandler {
    public void handle(Callback[] callbacks) throws IOException,UnsupportedCallbackException {
        for (int i = 0; i < callbacks.length; i++) {
            WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
 
            int usage = pc.getUsage();
 
            if (usage == WSPasswordCallback.USERNAME_TOKEN) {
 
                if (pc.getIdentifier().equals("myuser"))
                    pc.setPassword("mypassword");
 
            } else {
                if ((usage != WSPasswordCallback.SIGNATURE)
                        && (usage != WSPasswordCallback.DECRYPT))
                    continue;
                 System.out.println("pc.getIdentifier() " + pc.getIdentifier());
 
                pc.setPassword("passwordserverjks");
            }
        }
    }
}

Plik META-INF/wsdl/labs/client_sign.properties:

org.apache.ws.security.crypto.merlin.keystore.type     = jks
org.apache.ws.security.crypto.merlin.keystore.password = passwordserverjks
org.apache.ws.security.crypto.merlin.file              = META-INF/wsdl/labs/javaleader.jks
org.apache.ws.security.crypto.merlin.keystore.alias    = javaleader.pl

Wygenerowany plik *.jks zamieszczamy w katalogu META-INF/wsdl/labs/javaleader.jks

Plik client-beans.xml:

<?xml version="1.0" encoding="UTF-8"?>
<beans xmlns="http://www.springframework.org/schema/beans"
       xmlns:jaxws="http://cxf.apache.org/jaxws"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="
http://www.springframework.org/schema/beans http://www.springframework.org/schema/beans/spring-beans.xsd
http://cxf.apache.org/jaxws http://cxf.apache.org/schemas/jaxws.xsd">
 
    <jaxws:client id="calcClient"
                  serviceClass="pl.javaleader.ws.Calculator"
                  address="http://localhost:8181/cxf/calcService" >
 
    <jaxws:outInterceptors>
        <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
        <constructor-arg>
 
                <map>
                    <entry key="action" value="Timestamp Signature Encrypt"/>
                    <entry key="user" value="javaleader.pl" />
                    <entry key="signaturePropFile" value = "META-INF/wsdl/labs/client_sign.properties" />
                    <entry key="encryptionPropFile" value = "META-INF/wsdl/labs/client_sign.properties" />
                    <entry key="encryptionUser" value="javaleader.pl" />
                    <entry key="signatureKeyIdentifier" value="DirectReference"/>
                    <entry key="passwordCallbackClass" value="pl.javaleader.security.PasswordCallback"/>
                    <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
                    <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
                    <entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
                    <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
                    <entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
                </map>
 
        </constructor-arg>
        </bean>
    </jaxws:outInterceptors>
 
    </jaxws:client>
</beans>

Przy próbie wysłania zapytania zostanie wykonany kod zaimplementowany w interceptorze.

Klasa startująca – Demo:

public class Demo {
 
    public static void main(String args[]) {
 
        System.setProperty("com.sun.xml.ws.transport.http.client.HttpTransportPipe.dump", "true");
        System.setProperty("com.sun.xml.internal.ws.transport.http.client.HttpTransportPipe.dump", "true");
        System.setProperty("com.sun.xml.ws.transport.http.HttpAdapter.dump", "true");
        System.setProperty("com.sun.xml.internal.ws.transport.http.HttpAdapter.dump", "true");
 
        ApplicationContext context = new ClassPathXmlApplicationContext("/client-beans.xml");
 
        Calculator soap = (Calculator) context.getBean("calcClient");
 
        System.out.println(soap.addidtion(2,3));
    }
}

Aby podejrzeć zapytanie SOAP należy ustawić powyżej pokazane zmienne systemowe. Uruchamiamy aplikację – w wyniku zauważyć możemy, że zapytanie które wychodzi od klienta jest prawidłowo zaszyfrowane:

<?xml version="1.0"?>
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
  <soap:Header>
    <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" soap:mustUnderstand="1">
      <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="EK-5B2A99F93DF5C2F46B15836197405184">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference>
            <ds:X509Data>
              <ds:X509IssuerSerial>
                <ds:X509IssuerName>CN=JavaLeader.pl,OU=javaleader,O=javaleader,L=pl,ST=pl,C=pl</ds:X509IssuerName>
                <ds:X509SerialNumber>379273991</ds:X509SerialNumber>
              </ds:X509IssuerSerial>
            </ds:X509Data>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>JTMdGpsA328yBkdzLNkJXQOvAnoxrIfelOM0QOdqPScOq4Yf2qa1kExK+P6sqTRM89Cj2G3WE/WMYeIy4r4c4OExJJCuF2AvZjKFoz9qLnGajpwy8RbRhVba+GPiC3j0Kn263x40n5mm8R5YpokDYBVy2c8AU9t1Q2ofL0S4TVexykalz5Mb0n6P1/XRjTauohMlLTFzgv+x7LXIgwF+pEKesNTgxONi6aJC/bez0t5iXPJp7QcPk8vGo7NXPCLh/Y29aatzOV+93JJa5vDiTqZhi4WJLy3OXsWCMNPJjjIzGNH5v8cLsGDZL8YZS7pMfdfYsZlihKkq22ed6CFhug==</xenc:CipherValue>
        </xenc:CipherData>
        <xenc:ReferenceList>
          <xenc:DataReference URI="#ED-4"/>
          <xenc:DataReference URI="#ED-5"/>
        </xenc:ReferenceList>
      </xenc:EncryptedKey>
      <wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="X509-5B2A99F93DF5C2F46B15836197389961">MIIDcTCCAlmgAwIBAgIEFptDBzANBgkqhkiG9w0BAQsFADBpMQswCQYDVQQGEwJwbDELMAkGA1UECBMCcGwxCzAJBgNVBAcTAnBsMRMwEQYDVQQKEwpqYXZhbGVhZGVyMRMwEQYDVQQLEwpqYXZhbGVhZGVyMRYwFAYDVQQDEw1KYXZhTGVhZGVyLnBsMB4XDTIwMDMwNzE0MjIzM1oXDTIxMDMwNzE0MjIzM1owaTELMAkGA1UEBhMCcGwxCzAJBgNVBAgTAnBsMQswCQYDVQQHEwJwbDETMBEGA1UEChMKamF2YWxlYWRlcjETMBEGA1UECxMKamF2YWxlYWRlcjEWMBQGA1UEAxMNSmF2YUxlYWRlci5wbDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKKlvCB8VIMkIkZkupGBO5q0UdGS2PkG1yuDSfKo/utWiqck6Gbkgr/ARt9iGzdHH32R0fToHN+ozUrylz87eTqSbKEmWJxEa6EtAdTX9odhsaq5kgA4eMTlljmCFz5uI2iwm7VozDbgwXTR1yeVc1B0C79GH7qWmbod2oFYFHM2RQvYXCRF2YsmgAaM9Sq75s9C4lrPJKyom5xZWwtgjUtLTvi6Cj1nYmVE0ne9XEsyEwpo3gAPupjhfNBf6Wwj4Xe6ZLHZPxgYi8igJvMvbOwwuJrp/Ggzx3yprY29C6NY07GBvHm9MivSliE+e1KHKVvfY5OYOsXiim/aj13vSR0CAwEAAaMhMB8wHQYDVR0OBBYEFFprvR+pbA7lG/3bYesiECPZ4KByMA0GCSqGSIb3DQEBCwUAA4IBAQBDKV7tiWZxLimDspD0WDHiGrsqKVO3iKgmIOLO3S62K5t+DEqCLO8pz3V6afkSw3ATMcxfJwF9/N8q3kVxnKZlXCcE4vgplZs9T6xA2DUAEHREzCcexick8pGXdtkngdgXXFTqyqBoxl1vCKBru1DlVu0wh7UHbXOwhzSU8TWyo7JA0/kh43IJ+Em0mnwglLes9C+2Hl4rZv9IHkUL7tW4pI8JB0JbPC/euKadP5Jt3rBitQoEoVL1NBigVVDGsH84ywaFN/tqrvDemkukCS4vJI1F5kI1a84VNrL4/I5MveWwcZhlnRlqb/1mn61AAWAAfOTh8OTOQyDD0pTkUdDy</wsse:BinarySecurityToken>
      <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="ED-4" Type="http://www.w3.org/2001/04/xmlenc#Element">
        <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
        <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
          <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey">
            <wsse:Reference URI="#EK-5B2A99F93DF5C2F46B15836197405184"/>
          </wsse:SecurityTokenReference>
        </ds:KeyInfo>
        <xenc:CipherData>
          <xenc:CipherValue>54XrxAQLrL9exzTNq/S/fj2lDe5Chvr+YPq5zwXG4yDWe+0QMnSNPeDPu4LWbyc7q1hPRloV7x0F
DzmyrR407Dt5A6UKAuVeORdMIAROm596rDqRw6sWk0w7kqWtsDaVO4W99OE41cBKcnOFwFbwL0JH
lj62MCaMiJFG+RWm5yd4OXpPbDaswZeXpPuBlHrbFB/EZ5R+iphflq8QRXwfwCZXkZ/Ue2kzGyjW
EZCTXW2RDpc/Bpf2dqDh0HMgn1OT+tm9cbAr9N2YrpUssieN17qrLcJ437sLLBndXgEO5nyumNFw
ng5LiJ2dd0Jhim+9YYzltM4OiZGsUW1e7B5sIvQgdAW+OqEqinmDsLDn4GIX8YBeCYUjdl/pTSLE
Z4H7zOGYuH9DRuXC7gQtwvUMTYNdnoB9OVhd8/36elkZ1BSeRzSgr1GpkMImG2vKr6ze5NHUJ2f9
ZLTZHntc9R49JqpAkelzsPvEH89A55bXW3/sBtiM1yCxdzwHM+hFvVcgM1rq+RaUJJ/mnR56FgSC
MrVB5FRqfLnLXllsTH1cvCIt6eSLz0BOw7vVUJAtesz7Sb2f/EUYR9rBA+XESkr2U/qJK/aslwnQ
ps/d1rqpImnyX1HWNuMng6XcV0NMJaWiIyit5UCmN8Ti18EQQN8f7wy5GiWLDOoHt4w80J/KPwTO
F3BmCWCBL6cOoOOy5lmQ4lH4WyJAsl5uVPkw5Jo03xuIFG2QC7ZnwklqYomDCqjCR8sHvySB72tM
eGjg+wu7a7KLRokseAaFwcIUvZfSU8zkcQ4KWvYZWlZMTioqiQwtCkyzvniEWZi+REouSUkfweYb
S/BGScooffoX5LaaL0BBdrp1pf9pskQI6cQRGdCM5neq4kjQdc+6bq43lhhMcPfmle3vM5Gj0SH1
o8qHpCGAauCONs0ywK5TCO82sgfeO47zAxbuVW0ZWrB9QKAtooynkaQKMZKJ8dWjDkVuRRO+hVif
h0xwJwS2YaElV/jcPhlJ1HKImKBmpHbFAH0Awx3kDA2rDu/ZUaACrZcAENfxJXoeq2oOV1wWiFXe
ZKWx76Oq8N6cx9orwKvlHZiLVgQBJP0YunBG+8vlQLB11wn5Nk3d6E2CXATO2bJUGxt7dJ2SDXoe
wCDbMSyF98C5+8TtuWoubRp/cTI3JLfa9/pJFcd5ZpaDPctBOC1owutMibrV7s3/wpd7A8Bu0qKx
6aoSPakG7kLv7XqXpgDRSmJ1Plpew6o9B7rDkWoXn1vuB/IPkiY4q+n0HdSaWfjbqogNZtng00Fl
kdCwOwyQH7ns8iLzUZBHWaMkJeyHm8OnT8HXkG7HIDxfZQ80dBjFM66Bnzg4NW3kj9ApDcjOidxB
QkTzk8gewDp0+cEKsKTe/KScYI9M8/hwUz/uLfPsQesKOS/AMF3g7219qoG6EEiwW4p/oxFs6pPe
qDraKQgJyosRcde8UKSED97N57b5IKTwgSW8lSOkBwBVOhSCj39g+AVdPZljvnr2BRhBcy7QAYzv
GWw8PksWy21d2E3wNxgKc/TWGkr4ccWP3URfuD7wNDj8NKKGW568Ti+myDw8HfvOuK+O3CP+wRSV
MLH9iukNUwCsuswNdQLwxxm363Jm4S8gsO34dzuG47VfzH7g8+TXkglfE64UnqUWQB3RDLwXN9Kb
3s2CHTlc73+Ui8KtLJ7GJpSowkHdE9DRlK8bY5KKc0vPqhXpn9WhMmO/p2hGle15nu9QemuDuHFE
rKqu5lRsKEEaC5S3aU8HjQVS3guyuhVrVvjp4gMXgPUQf9CTQW1Vh5nlx8WpR9wDzG6pwuR1c/d/
uNfk+B2VGxxYcoLi/enrrLUKJHi/+ieAussUuPuj0M9CUa2FgqG6wqCkjOhSkaAxkCXCiy3L072f
8cqe1z/BmRO9cckFEQQ71tdPT7zOT8G7KxLKkvycx3feiYV4DjFLanBFcuz/+TdfP5Phg5JvKsfc
vvscOsm1UBxNa5nzvjTjaS5LNLBcWJTyrty9wxhHVziBBcWS/FY1h5I9hVZR1RQNDkgRtIUGE0r/
p4kHaNh9qJ3VwUJxkRqMVO823aHNybvRCrvi0bKdgH1jXWY/I9G5lbcg4m2LqTQ/sI547e+51l2a
TZQRuYrwMvHZi7r/0WV4yyWgswZhOCAT0iwoeCH31IteUIYbDALcnDiM0mbHZFIL22yUSYoIbY8E
z+IV93gl0jfDH2jkIxSyeXYyDNqCjOP6Sq4/oW4ATh6cetHGNoefh6nvL9V+z0I/QgleQ00JdsCd
mQZ8IIwUfpTljZiN2Mmp+ENXw5NQh36iXqX22Bp2EUFm7a+yQ6qom4o3JLHY6ixuareNz71XBLgK
/VDgo2BXrW6zu7m+tI1qF6XFsprQTLaCg613KuJ9sd1bnz5Tqx5tkm/lKxTtixWcAtd9oIU2Chde
v9/C1aADc4HunmDSOJLIjORpVx6w31EzcKfwBJj1Fz8Ysmk+l1RgN/gasyXX1TWASUGTCpRfnazf
kKVVa2btqbZXB5PDBto4XWDzszzro8h/fbmUxD4P+NCI5zyvBZpFSUrrdSo7mwEDohIf5L05tVos
BxTDD9D1E6wCCG9nSrsSA6nJqusI02aAbpENyLwkXn0hDmzV8iKXhnPq16q1Pyt/XqsdSxxTHRTe
MDMj2nHipAM6gimtAm1S/mwrkRtf/SMlMLdZABmYmzUcD8yNshgDbpPGFzy0gE0mveq53LiWKvAH
XduXblPQ17v5wdjyDkW+73T8O2D7JEvK1S+yQYHVUHm+qhami3J0xjBrOU+6ZWXVClyXIzRNfa/1
ks4K7QG4+kBrUQZ6JtYc5ISnFye8LcTt5/LFgme7gx7OFhRWh2hCQBjGKad1feX+NNIedoafp2cc
mpc0XxTgSLyXQooBqzeViWo0xr8Gm+vP9X6ku+LtE/WNBnSe5P/60FJ8qIrk66OW7VEFujtEykuQ
rCrPAXwyho4LnfkGlNZAm9cnJu7R4TrxlFcp2CLZwPvOBNlm5dz1sxs=</xenc:CipherValue>
        </xenc:CipherData>
      </xenc:EncryptedData>
      <wsu:Timestamp wsu:Id="TS-1">
        <wsu:Created>2020-03-07T22:22:18.964Z</wsu:Created>
        <wsu:Expires>2020-03-07T22:27:18.964Z</wsu:Expires>
      </wsu:Timestamp>
    </wsse:Security>
  </soap:Header>
  <soap:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-2">
    <xenc:EncryptedData xmlns:xenc="http://www.w3.org/2001/04/xmlenc#" Id="ED-5" Type="http://www.w3.org/2001/04/xmlenc#Content">
      <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
      <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
        <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd" wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey">
          <wsse:Reference URI="#EK-5B2A99F93DF5C2F46B15836197405184"/>
        </wsse:SecurityTokenReference>
      </ds:KeyInfo>
      <xenc:CipherData>
        <xenc:CipherValue>pjCZtkMlxL3aF+xrVB2xFlzq1fy5z7S1kybYRpFYUpG/NNtYBwC8+iQRJJIPrEEVQC8OjYaVaEgA
7MJZNrrsaSqkGSYGXHb53ZYekeSSdHjYUDj7EU3xXuesCtgOrcyBVVp8nHSjHyBiHtN+y6xXS/GA
Sr4Nxmk5ktr8Wf5J7tfxZ/8HMY/RsnkF/4O8p0ZnYp2Y3V6ilk8JV/RTpeIceTpZN/TC3QoL5wc2
Cl237rV9DppgnNxUOA==</xenc:CipherValue>
      </xenc:CipherData>
    </xenc:EncryptedData>
  </soap:Body>
</soap:Envelope>

Powyższy komunikat jest również poprawnie odszyfrowany przez zdefiniowaną w projekcie javaleader-calc-osgi usługę.

Zobacz kod na GitHubie i zapisz się na bezpłatny newsletter!

.

Leave a comment

Your email address will not be published.


*