axis-java-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Alberto G R (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (RAMPART-395) org.apache.rampart.RampartException: Missing wsse:Security header in request
Date Tue, 30 Oct 2012 14:52:11 GMT

    [ https://issues.apache.org/jira/browse/RAMPART-395?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13486919#comment-13486919
] 

Alberto G R commented on RAMPART-395:
-------------------------------------

There was an error getting private keys from the jks. Client runs fine :-)
                
> org.apache.rampart.RampartException: Missing wsse:Security header in request
> ----------------------------------------------------------------------------
>
>                 Key: RAMPART-395
>                 URL: https://issues.apache.org/jira/browse/RAMPART-395
>             Project: Rampart
>          Issue Type: Question
>         Environment: Windows 7, Weblogic 10.3.3.0, axis2-1.4.1, rampart 1.4
>            Reporter: Alberto G R
>
> Hi to all,
> I have been creating a client for a webservice deployed on my local Weblogic server.
I try to consume the web service, but I get the following errors (server and client side...):
> Server side error (console,cmd): 
> [ERROR] org/apache/xml/utils/URI$MalformedURIException
> java.lang.NoClassDefFoundError: org/apache/xml/utils/URI$MalformedURIException
>         at org.apache.ws.security.message.EnvelopeIdResolver.engineResolve(EnvelopeIdResolver.java:135)
>         at org.apache.xml.security.utils.resolver.ResourceResolver.resolve(Unknown Source)
>         at org.apache.xml.security.signature.Reference.getContentsBeforeTransformation(Unknown
Source)
>         at org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
Source)
>         at org.apache.xml.security.signature.Reference.calculateDigest(Unknown Source)
>         at org.apache.xml.security.signature.Reference.verify(Unknown Source)
>         at org.apache.xml.security.signature.Manifest.verifyReferences(Unknown Source)
>         at org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
>         at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
>         at org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
>         at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:328)
>         at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:85)
>         at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
>         at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
>         at org.apache.rampart.RampartEngine.process(RampartEngine.java:146)
>         at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
>         at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>         at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>         at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
>         at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
>         at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:820)
>         at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
>         at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
>         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
>         at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:183)
>         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.doIt(WebAppServletContext.java:3686)
>         at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3650)
>         at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
>         at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
>         at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2268)
>         at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2174)
>         at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1446)
>         at weblogic.work.ExecuteThread.execute(ExecuteThread.java:201)
>         at weblogic.work.ExecuteThread.run(ExecuteThread.java:173)
> ***************
> Client side error:
> Exception in thread "main" org.apache.axis2.AxisFault: Missing wsse:Security header in
request
> 	at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
> 	at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
> 	at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> 	at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> 	at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> 	at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
> 	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
> 	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
> 	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
> 	at hcdsns.notificaciones.test.Tester.consumirRecepcionPolicy2(Tester.java:270)
> 	at hcdsns.notificaciones.test.Tester.main(Tester.java:106)
> Caused by: org.apache.rampart.RampartException: Missing wsse:Security header in request
> 	at org.apache.rampart.RampartEngine.process(RampartEngine.java:117)
> 	at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
> 	... 9 more
> Java Result: 1
> On Server, service I want to consume services.xml is:
> <service name="RecepcionPolicy">
> 	<operation name="recepcion">
> 		<messageReceiver class="org.apache.axis2.rpc.receivers.RPCMessageReceiver"/>
> 	</operation>    
> 	<parameter name="ServiceClass" locked="false">hcdSns.notificaciones.recepcionws.WSRecepcion</parameter>
> 	<module ref="rampart" />
> 	<module ref="addressing" />
> 	<wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
> 		<wsp:ExactlyOne>
> 			<wsp:All>
> 				<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:InitiatorToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:InitiatorToken>
> 						<sp:RecipientToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:RecipientToken>
> 						<sp:AlgorithmSuite>
> 							<wsp:Policy>
> 								<sp:TripleDesRsa15/>
> 							</wsp:Policy>
> 						</sp:AlgorithmSuite>
> 						<sp:Layout>
> 							<wsp:Policy>
> 								<sp:Strict/>
> 							</wsp:Policy>
> 						</sp:Layout>
> 						<sp:IncludeTimestamp/>
> 						<sp:OnlySignEntireHeadersAndBody/>
> 					</wsp:Policy>
> 				</sp:AsymmetricBinding>
> 				<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:MustSupportRefKeyIdentifier/>
> 						<sp:MustSupportRefIssuerSerial/>
> 					</wsp:Policy>
> 				</sp:Wss10>
> 				<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<sp:Body/>
> 				</sp:SignedParts>
> 	
> 				<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
> 					<ramp:user>localserver</ramp:user>
> 					<ramp:passwordCallbackClass>hcdSns.notificaciones.recepcionws.PWCBHandler</ramp:passwordCallbackClass>
> 					<ramp:signatureCrypto>
> 						<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.file">localServer.jks</ramp:property>
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">prueba</ramp:property>
> 						</ramp:crypto>
> 					</ramp:signatureCrypto>
> 				</ramp:RampartConfig>
> 				
> 			</wsp:All>
> 		</wsp:ExactlyOne>
> 	</wsp:Policy>
> </service>
> **************
> Client policy is: 
> <wsp:Policy wsu:Id="SigOnly" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
> 		<wsp:ExactlyOne>
> 			<wsp:All>
> 				<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:InitiatorToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:InitiatorToken>
> 						<sp:RecipientToken>
> 							<wsp:Policy>
> 								<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
> 									<wsp:Policy>
> 										<sp:WssX509V3Token10/>
> 									</wsp:Policy>
> 								</sp:X509Token>
> 							</wsp:Policy>
> 						</sp:RecipientToken>
> 						<sp:AlgorithmSuite>
> 							<wsp:Policy>
> 								<sp:TripleDesRsa15/>
> 							</wsp:Policy>
> 						</sp:AlgorithmSuite>
> 						<sp:Layout>
> 							<wsp:Policy>
> 								<sp:Strict/>
> 							</wsp:Policy>
> 						</sp:Layout>
> 						<sp:IncludeTimestamp/>
> 						<sp:OnlySignEntireHeadersAndBody/>
> 					</wsp:Policy>
> 				</sp:AsymmetricBinding>
> 				<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<wsp:Policy>
> 						<sp:MustSupportRefKeyIdentifier/>
> 						<sp:MustSupportRefIssuerSerial/>
> 					</wsp:Policy>
> 				</sp:Wss10>
> 				<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> 					<sp:Body/>
> 				</sp:SignedParts>
> 	
> 				<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy"> 
> 					<ramp:user>localserver</ramp:user>
> 					<ramp:passwordCallbackClass>hcdsns.notificaciones.recepcionws.PWCBHandler</ramp:passwordCallbackClass>
> 					<ramp:signatureCrypto>
> 						<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.file">keys/localServer.jks</ramp:property>
> 							<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">prueba</ramp:property>
> 						</ramp:crypto>
> 					</ramp:signatureCrypto>
> 				</ramp:RampartConfig>
> 			</wsp:All>
> 		</wsp:ExactlyOne>
> 	</wsp:Policy>
> I have been testing this problem, and I think Client side is ok, but Ì don`t understand
what's wrong on server side.
> Thanks for all :-)

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


Mime
View raw message