SAML Assertion must be signed

See more:

webservice

Hi,

I have genearted a Soap message using Webservice, WSE 3.0 and Vs2005.

I have created Security policy and Custom SAML policy. Using Private and Public keys, Security Policy generating Security Token. And manually I have been inserting SAML token inside this security token before processing request. My problem is my custom SAML token seems to be not getting signed as I'm appending this to security token before ready to process request and getting SOAP faulut "SAML Assertion must be signed" How to overcome from this issue.


My Client call using proxy:

Dim oAOPCCCERequest As New AOPCRequestWS.CCERequestServiceWse
 policy.Assertions.Add(New CustomSecurityAssertion)
 policy.Assertions.Add(New MyCustomPolicyAssertion)
 oAOPCCCERequest.SetPolicy(policy)
 oResponse = oAOPCCCERequest.RequestCourtCaseEvent(oRequestCourtCaseEvent)

policy.Assertions.Add(New CustomSecurityAssertion) genearting Security token
policy.Assertions.Add(New MyCustomPolicyAssertion) genearting SAML token and appending inside Security token

Here is my complete request:

<soap:envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">

xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:wsa="http://schemas.xmlsoap.org/ws/2004/08/addressing" xmlns:wsse="http://docs.oasis-

open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-

wssecurity-utility-1.0.xsd">
        <soap:Header>
          <wsa:Action wsu:Id="Id-03b1a511-525e-402c-823f-

fd889402ca3e">http://10.1.30.73/ISOATS/sample.asmx/RequestCourtCaseEvent</wsa:Action>
          <wsa:MessageID wsu:Id="Id-2ddd1703-a9f8-45dd-9f52-514e850847aa">urn:uuid:813eca61-bb12-404a-8fdf-038fcba37d9e</wsa:MessageID>
          <wsa:ReplyTo wsu:Id="Id-c1befbf8-4918-4aa3-8ccd-8c2007dc1338">
            <wsa:Address>http://schemas.xmlsoap.org/ws/2004/08/addressing/role/anonymous</wsa:Address>
          </wsa:ReplyTo>
          <wsa:To wsu:Id="Id-2438f9a8-d319-472d-b752-64dc71597cdd">https://ws.test.jnet.state.pa.us/AOPC/CCERequest</wsa:To>
          <wsse:Security soap:mustUnderstand="1">
            <wsu:Timestamp wsu:Id="Timestamp-6ec3834c-6345-4442-8904-de270786bf7a">
              <wsu:Created>2011-06-15T21:50:25Z</wsu:Created>
              <wsu:Expires>2011-06-15T21:55:25Z</wsu:Expires>
            </wsu:Timestamp>
            <wsse:BinarySecurityToken ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" 

EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" xmlns:wsu="http://docs.oasis-

open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xWGc+cFQ</wsse:BinarySecurityToken>
            <Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
              <SignedInfo>
                <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" xmlns:ds="http://www.w3.org/2000/09/xmldsig#" 

/>
                <SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" />
                <Reference URI="#Id-03b1a511-525e-402c-823f-fd889402ca3e">
                  <Transforms>
                    <Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />
                  </Transforms>
                  <DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />
                  <DigestValue>Zam3/BIgrbJ4tGYgEi7HtXq7NGo=</DigestValue>
                </Reference>
               
                
              </SignedInfo>
              <SignatureValue>hlYA2bCZV9atra1L5gbQ==</SignatureValue>
              <KeyInfo>
                <wsse:SecurityTokenReference>
                  <wsse:Reference URI="#SecurityToken-0c7eed12b49" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-

token-profile-1.0#X509v3" />
                </wsse:SecurityTokenReference>
              </KeyInfo>
            </Signature>

            <saml:Assertion Version="2.0" IssueInstant="2011-06-15T17:50:25.1541068-04:00" ID="bb630560-f065-4f37-a158-4a9c585e6c7f" 

xmlns="urn:oasis:names:tc:SAML:2.0:assertion">
              <Subject>
                <NameID Format="urn:oasis:names:tc:SAML:2.0:nameid-format:unspecified">kalagara.testuser</NameID>
                <SubjectConfirmation Method="urn:oasis:names:tc:SAML:2.0:bearer" />
              </Subject>
              <AuthnStatement AuthnInstant="2011-06-15T17:50:25.1541068-04:00">
                <AuthnContext>
                  <AuthnContextClassRef>urn:oasis:names:tc:SAML:2.0:ac:classes:unspecified</AuthnContextClassRef>
                </AuthnContext>
              </AuthnStatement>
              <AttributeStatement>
                <Attribute Name="organization">
                  <AttributeValue>SOAB</AttributeValue>
                </Attribute>
              </AttributeStatement>
            </Assertion>
          </wsse:Security>
        </soap:Header>
        <soap:Body wsu:Id="Id-54ec955b-2e52-45d2-a94e-9db8295b24d5">
          <RequestCourtCaseEvent xmlns="http://jnet.state.pa.us/message/aopc/CCERequestReply/1">
            <RequestMetadata xmlns="http://www.jnet.state.pa.us/niem/jnet/metadata/1">
              <UserDefinedTrackingID>6-15-2011-17:50:20::711</UserDefinedTrackingID>
              <ReplyToAddressURI>http://xxx/ISOATS/CCEReplyService.asmx</ReplyToAddressURI>
            </RequestMetadata>            
          </RequestCourtCaseEvent>
        </soap:Body>
      </soap:Envelope></soap:envelope>

Thanks,
Srinivas Kalagara