axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Abid K." <abz...@gmail.com>
Subject Re: .net and axis2/rampart
Date Tue, 25 Jan 2011 17:45:37 GMT
Hi all,

A little more information. My client has said they do the following in
.net to setup the client:

-----------
proxyClient.ClientCredentials.ClientCertificate.SetCertificate(System.Security.Cryptography.X509Certificates.StoreLocation.CurrentUser,

    System.Security.Cryptography.X509Certificates.StoreName.My,

    System.Security.Cryptography.X509Certificates.X509FindType.FindBySubjectName,

    "John Doe");
-----------

Does anyone know how I can mimic this in Rampart configuration? or how
I can change the request to contain the John Doe subject name?

Thanks

On 25 January 2011 14:37, Abid K. <abzno1@gmail.com> wrote:
> Hi,
>
> It seems the client cannot find the key with the value
> 'a7e24d986ef9fdef06efd76fb33825d502279e95'. Is it possible to specify
> the key name to something else? I think the client has given it a
> proper name.
>
> Thanks
>
> On 24 January 2011 14:11, Thilina Mahesh Buddhika <thilinamb@gmail.com> wrote:
>> It looks like the certificate used by client for signing/encrypting the
>> message is not available in the key store of the service''s end.
>> Also check the key store configurations of the service's end whether they
>> are referring to the correct key store, etc.
>> Thanks,
>> Thilina
>> Thilina Mahesh Buddhika
>> http://blog.thilinamb.com
>>
>>
>> On Mon, Jan 24, 2011 at 4:46 PM, Abid K. <abzno1@gmail.com> wrote:
>>>
>>> Sorry for not replying sooner. The client receives the following error...
>>>
>>> -----------
>>> Cannot find the X.509 certificate using the following search criteria:
>>> StoreName 'My', StoreLocation 'LocalMachine', FindType
>>> 'FindByThumbprint', FindValue
>>> 'a7e24d986ef9fdef06efd76fb33825d502279e95'.. ---&amp;gt;
>>> System.InvalidOperationException: Cannot find the X.509 certificate
>>> using the following search criteria: StoreName 'My', StoreLocation
>>> 'LocalMachine', FindType 'FindByThumbprint', FindValue
>>> 'a7e24d986ef9fdef06efd76fb33825d502279e95'.
>>> -----------
>>>
>>> The value 'a7e24d986ef9fdef06efd76fb33825d502279e95' is the SHA1 value
>>> for the certificate that seems to be used for signing the message on
>>> the client side and I assume this is then being passed to the service
>>> for verification.
>>>
>>> It seems the key cannot be found on the service side, but do you think
>>> I need to change something on the client side?
>>>
>>> Thanks
>>>
>>> On 20 January 2011 04:14, Thilina Mahesh Buddhika <thilinamb@gmail.com>
>>> wrote:
>>> > Hi,
>>> >
>>> > It seems like the service has thrown an error when trying to process the
>>> > secured request. The message being logged at RampartReceiver has the
>>> > fault
>>> > message 'An error occurred when verifying security for the
>>> > message'.
>>> >
>>> > If you can check the logs at service end, it would provide the actual
>>> > reason
>>> > for the error.
>>> >
>>> > Thanks,
>>> > Thilina
>>> >
>>> > Thilina Mahesh Buddhika
>>> > http://blog.thilinamb.com
>>> >
>>> >
>>> > On Wed, Jan 19, 2011 at 10:12 PM, Abid K. <abzno1@gmail.com> wrote:
>>> >>
>>> >> Hi, I have created a client app using Axis2/Rampart and I'm having
>>> >> difficulties getting it to work with .net/WCF(I think).
>>> >>
>>> >> My axis2.xml config contains (Also tried policy with same results):
>>> >> ...
>>> >>   <parameter name="OutflowSecurity">
>>> >>      <action>
>>> >>        <items>Signature</items>
>>> >>        <user>user</user>
>>> >>        <passwordCallbackClass>PWCBHandler</passwordCallbackClass>
>>> >>        <signaturePropFile>client.properties</signaturePropFile>
>>> >>        <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
>>> >>      </action>
>>> >>    </parameter>
>>> >> ... etc.
>>> >>
>>> >> client.properties:
>>> >>
>>> >>
>>> >> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>>> >> org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
>>> >> org.apache.ws.security.crypto.merlin.file=key.pfx
>>> >> org.apache.ws.security.crypto.merlin.keystore.password=password
>>> >>
>>> >>
>>> >> I get the follow error:
>>> >> org.apache.axis2.AxisFault: An error occurred when verifying security
>>> >> for the message.
>>> >>        at
>>> >>
>>> >> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:512)
>>> >>        at
>>> >>
>>> >> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:370)
>>> >>        at
>>> >>
>>> >> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>>> >>
>>> >> Also get the following in the log:
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] Request body sent
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "HTTP/1.1 500 Internal Server
>>> >> Error[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "HTTP/1.1 500 Internal Server
>>> >> Error[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Date: Wed, 19 Jan 2011
16:02:39
>>> >> GMT[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Server:
>>> >> Microsoft-IIS/6.0[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "X-Powered-By: ASP.NET[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "X-AspNet-Version:
>>> >> 2.0.50727[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Connection: close[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Cache-Control: private[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Content-Type:
>>> >> application/soap+xml; charset=utf-8[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "Content-Length: 643[\r][\n]"
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] << "[\r][\n]"
>>> >> ...
>>> >> 2011-01-19 16:02:38 [main] [DEBUG] ***********************
>>> >> RampartReceiver received
>>> >> <?xml version='1.0' encoding='utf-8'?><s:Envelope
>>> >> xmlns:s="http://www.w3.org/2003/05/soap-envelope"
>>> >> xmlns:a="http://www.w3.org/2005/08/addressing"><s:Header><a:Action
>>> >>
>>> >>
>>> >> s:mustUnderstand="1">http://www.w3.org/2005/08/addressing/soap/fault</a:Action><a:RelatesTo>urn:uuid:C18F4C3E6ACADFD1F31295452955592</a:RelatesTo></s:Header><s:Body><s:Fault><s:Code><s:Value>s:Sender</s:Value><s:Subcode><s:Value
>>> >>
>>> >>
>>> >> xmlns:a="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">a:InvalidSecurity</s:Value></s:Subcode></s:Code><s:Reason><s:Text
>>> >> xml:lang="en-GB">An error occurred when verifying security for the
>>> >> message.</s:Text></s:Reason></s:Fault></s:Body></s:Envelope>
>>> >>
>>> >>
>>> >> I've carried out an internet search but get no definitive answer and
>>> >> I'm hoping someone here can help.
>>> >>
>>> >> ---------------------------------------------------------------------
>>> >> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> >> For additional commands, e-mail: java-dev-help@axis.apache.org
>>> >>
>>> >
>>> >
>>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
>>> For additional commands, e-mail: java-dev-help@axis.apache.org
>>>
>>
>>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message