Forum Discussion

dkozlows's avatar
dkozlows
Occasional Contributor
6 years ago

An invalid security token was provided (Bad ValueType X509v3)

Hi,

 

I created a simple mock that encrypts the response. I have also created a client whose task is to decrypt this data, but each time he receives an WSS error:

 

  • Mon Sep 02 09:59:40 CEST 2019:ERROR:org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad ValueType "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")
  • org.apache.ws.security.WSSecurityException: An invalid security token was provided (Bad ValueType "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3")
  • at org.apache.ws.security.str.BSPEnforcer.checkBinarySecurityBSPCompliance(BSPEnforcer.java:70)
  • at org.apache.ws.security.str.EncryptedKeySTRParser.parseSecurityTokenReference(EncryptedKeySTRParser.java:117)
  • at org.apache.ws.security.processor.EncryptedKeyProcessor.getCertificatesFromEncryptedKey(EncryptedKeyProcessor.java:309)
  • at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:126)
  • at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:65)
  • at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402)
  • at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:309)
  • at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:254)
  • at com.eviware.soapui.impl.wsdl.support.wss.IncomingWss.processIncoming(IncomingWss.java:113)
  • at com.eviware.soapui.impl.wsdl.submit.transports.http.support.attachments.WsdlSinglePartHttpResponse.processIncomingWss(WsdlSinglePartHttpResponse.java:47)
  • at com.eviware.soapui.impl.wsdl.submit.transports.http.support.attachments.WsdlSinglePartHttpResponse.(WsdlSinglePartHttpResponse.java:39)
  • at com.eviware.soapui.impl.wsdl.submit.filters.HttpPackagingResponseFilter.wsdlRequest(HttpPackagingResponseFilter.java:70)
  • at com.eviware.soapui.impl.wsdl.submit.filters.HttpPackagingResponseFilter.afterAbstractHttpResponse(HttpPackagingResponseFilter.java:49)
  • at com.eviware.soapui.impl.wsdl.submit.filters.AbstractRequestFilter.afterRequest(AbstractRequestFilter.java:64)
  • at com.eviware.soapui.impl.wsdl.submit.transports.http.HttpClientRequestTransport.sendRequest(HttpClientRequestTransport.java:276)
  • at com.eviware.soapui.impl.wsdl.WsdlSubmit.run(WsdlSubmit.java:119)
  • at java.util.concurrent.Executors$RunnableAdapter.call(Unknown Source)
  • at java.util.concurrent.FutureTask.run(Unknown Source)
  • at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
  • at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
  • at java.lang.Thread.run(Unknown Source)

I assume that if soapui has encrypted data, he should also be able to decrypt it :)
Can anyone help?

 

  • Hi dkozlows,

     

    Were you able to find the root cause of this issue?

    I am facing the same on my side.

    Any idea how to fix it?

     

    Thanks so much