http://blog.redstream.nl/2009/01/20/testing-oracle-wsms-web-service-signing-and-verifying-with-soapui/ Pragmatic Integrators Wed, 11 Aug 2010 06:58:15 +0000 hourly 1 http://blog.redstream.nl/2009/01/20/testing-oracle-wsms-web-service-signing-and-verifying-with-soapui/comment-page-1/#comment-388 Review Oracle WSM: Securing Your Web Services | Redstream Blog Mon, 09 Nov 2009 21:40:33 +0000 http://www.pascalalma.net/?p=395#comment-388 [...] The description of testing the setup in chapter 6 is not correct. The test as described sends an unsigned request and checks if the response is signed. But in the configuration of the web service in this chapter the incoming request must be signed, so the test will always fail. The quick workaround is of course to disable the checking of incoming request. But a nicer solution would be to send in a signed request. To do this I used SoapUI as described here. [...] [...] The description of testing the setup in chapter 6 is not correct. The test as described sends an unsigned request and checks if the response is signed. But in the configuration of the web service in this chapter the incoming request must be signed, so the test will always fail. The quick workaround is of course to disable the checking of incoming request. But a nicer solution would be to send in a signed request. To do this I used SoapUI as described here. [...]

]]>