AnsweredAssumed Answered

WS-Security Order of Processing the Headers

Question asked by sudarsunperumal on Oct 30, 2018
Latest reply on Oct 31, 2018 by sudarsunperumal

In the "Virtual HTTPS Listener" Step Filters, I've added the Data Protocol Filter which processes the request for Signature Verification and Timestamp receipt. When i make a request from SoapUI, this works as expected.

 

In the scenario where the order of Signature and Timestamp is interchanged, the VSM throws and exception as follows

 

WSDoAllReceiver: security processing failed (actions mismatch) : Message results contains [Signature, Timestamp], but you have configured [Timestamp, Signature]

 

I need the "Virtual HTTPS Listener" to verify the WS-Headers irrespective of th order in which the Timestamp and Signature are sent in the request.

 

Any help is highly appreciated. Thank in advance.

Outcomes