axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ruchith Fernando" <ruchith.ferna...@gmail.com>
Subject Re: [Axis2][0.95][JDK1.4 and JDK 1.5] Still got security sample problems :)
Date Sun, 26 Mar 2006 05:38:07 GMT
Hi,

To ensure bouncycastle provider is picked up we insert it as the
second in the list of providers.
This done is each time the security handlers are invoked.

Can you please run the attached TestCipher.java snippet and verify the
above behaviour works in your _specific_ JDK version?
VERY IMPORTANT : Make sure you have bcprov-jdk13-131.jar in the classpath.

This is what I did to compile and run TestCipher.java from the same
dir that it is saved:

$ javac TestCipher.java

$ java -cp ~/.maven/repository/bouncycastle/jars/bcprov-jdk13-131.jar:.
TestCipher

Thanks,
Ruchith


On 3/26/06, Ali Sadik Kumlali <as_kumlali@yahoo.com> wrote:
> Hi Ruchith,
>
>  Thank you for your help. I want you to make sure that I didn't write my own
> code and only try to run the samples/security that comes with Axis2.
> Actually, I replaced it with the separately distributed sample listed in the
> site. I could not find a big difference other than a typo in service.xml,
> though.
>
>  Anyway, I re-checked my folder structure and build.xml according to your
> instructions, but could not find any difference. Moreover I tried followings
> with JDK 1.5:
>
>  1) Renamed c:\axis2\lib to c:\axis2\libx and ran the sample. As expected, I
>  got "c:\axis2\lib not found" ant error. Therefore, I made sure that
> build.xml is proper.
>
>  2) I did the same for c:\axis2\samples\security\lib folder and got the same
> error. Therefore, I made sure that build.xml is proper.
>
>  3) Put bcprov-jdk13-131.jar under c:\axis2\samples\security\lib and ran the
> sample. Got the "known error"[1].
>
>  4) Put bcprov-jdk13-131. jar under
> D:\programs\Java\jdk1.5.0_01\jre\lib\ext\ and ran the
> sample. Got the "known error"[1].
>
>  [1] known error:
>  ------------------------------------
>
>  c:\axis2\samples\security>ant
>
>  Buildfile: build.xml
>
>  securitySample:
>       [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> mess
>  age processingorg.apache.ws.security.WSSecurityException:
> An unsupported signatu
>  re or encryption algorithm was used; nested exception is:
>       [java]
> org.apache.xml.security.encryption.XMLEncryptionException:
> Canno
>  t find any provider supporting AES/CBC/ISO10126Padding
>
>      [java] Original Exception was
> java.security.NoSuchAlgorithmException:
>  ...
>  ------------------------------------
>
>  Thanks a lot.
>
>  Ali Sadik Kumlali
>
>
> Ruchith Fernando <ruchith.fernando@gmail.com> wrote:
>
>  Hi,
>
> Seems like the bouncycastle.jar is not in the classpath of the client.
> This is the JCE provider we use instead of the default impl and it
> contains implementations of the required algorithms.
>
> Please check whether you have a directory named 'lib' within in the
> samples/security directory and it should contain bcprov-jdk13-131.jar
> file [1].
> Also please check whether the build.xml that you use has the following path
> def.
>
>
>
>
>
>
>
>
>
>
> And if those are available you can see that the ant build file
> properly loads all the jars in the 'lib' directory.
>
> Thanks,
> Ruchith
>
> [1] This directory also contains :
> commons-discovery-0.2.jar
> secUtil.jar
> wss4j-SNAPSHOT.jar
> xmlsec-1.2.1.jar
>
> On 3/25/06, Ali Sadik Kumlali wrote:
> > Dear all,
> >
> > Thanks to Axis2 team, 0.95 relase has finally announced on the site.
> >
> > Happily, there is an extra download for security sample which makes me
> feel
> > I finally get rid of security sample nightmare :)
> >
> > Unfortunately and surprisingly, I can't get security sample to work and
> > still get the same errors. I've listed all my journey with the new release
> > step by step.
> >
> > Hope, I'll somehow find a way to make it work :)
> >
> > Thanks,
> >
> > Ali Sadik Kumlali
> >
> >
> >
> -------------------------------------------------------------------------------
> > TRIALS WITH JDK 1.4
> >
> -------------------------------------------------------------------------------
> > Let's make sure the Java version:
> >
> > c:\axis2\samples\security>java -version
> > java version "1.4.2_02"
> > Java(TM) 2 Runtime Environment, Standard Edition (build 1.4.2_02-b03)
> > Java HotSpot(TM) Client VM (build 1.4.2_02-b03, mixed mode)
> >
> > Let's run the sample:
> >
> > c:\axis2\samples\security>ant
> > Buildfile : build.xml
> >
> > securitySample:
> > [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> > mess
> > age processingorg.apache.ws.security.WSSecurityException:
> > An unsupported signatu
> > re or encryption algorithm was used; nested exception is:
> > [java]
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> & gt; Canno
>
> > t find any provider supporting AES/CBC/ISO10126Padding
> > < span style="font-family: courier;"> [java] Original Exception was
> > java.security.NoSuchAlgorithmException: Canno
> > t find any provider supporting AES/CBC/ISO10126Padding; nested exception
> > is:
> > [java]
> > org.apache.ws.security.WSSecurityException: WSHandler:
> > Encryptio
> > n: error during message
> > processingorg.apache.ws.security.WSSecurityException: An
> > unsupported signature or encryption algorithm was used; nested exception
> > is:
> > [java]
> > org.apache.xml.security.encryption.XMLEncryptionEx
> ception:
> > Canno
> > t find any provider supporting AES/CBC/ISO10126Padding
> > [java] Original Exception was
> > java.security.NoSuchAlgorithmException: Canno
> > t find any provider supporting AES/CBC/ISO10126Padding
> > [java] at
> >
> org.apache.axis2.security.WSDoAllSender.invoke(WSDoAllSender.
> > java:253)
> >
> > ...
> >
> >
> >
> -------------------------------------------------------------------------------
> > TRIALS WITH JDK 1.5
> >
> -------------------------------------------------------------------------------
> > Let's make sure the Java version:
> >
> > c:\axis2\samples\security>java -version
> > java version "1.5.0_01"
> > Java(TM) 2 Runtime Environment, Standard Edition (build 1.5.0_01-b08)
> > Java HotSpot(TM) Client VM (build 1.5.0_01-b08, mixed mode)
> >
> > Let's run the sample:
> >
> > c:\axis2\samples\security>ant
> > Buildfile: build.xml
> >
> > securitySample:
> > [java] Exception in thread "main" java.lang.NoClassDefFoundError:
> > org/apach
> > e/xpath/compiler/FuncLoader
> > [java] at
> > org.apache.ws.security.WSSConfig.(WSSConfig.java:75)<
> br>> [java] at
>
> >
> org.apache.ws.security.WSSConfig.getNewInstance(WSSConfig.jav
> > a:98)
> > [java] at
> > org.apache.ws.security.WSSConfig.(WSSConfig.java:48)
> > [java] at
> > org.apache.ws.security.WSSecurityEngine.(WSSecurityEn
>
> > gine.java:51)
> > ...
> >
> > I remembered Ruchith Fernando's advice related to JDK 1.5 & Xalan and
> > followed the link he gave:
> >
> >
> http://svn.apache.org/viewcvs.cgi/*checkout*/webservices/axis2/trunk/java/xdocs/faq.html.
> >
> > Found an item mentioned to download xalan-2.7.0.jar. I downloaded it from:
> >
> > http://www.apache.org/dist/java-repository/xalan/jars/
> >
> > and put under c:\axis2\lib but got the same error. Searched in Google for
> > org.apache.xpath.compiler.FuncLoader. What I found that
> the
> > FuncLoader.class existed in xalan-2.6.0.jar not in xalan-2.7.0.jar.
> > Finally, down loaded xalan-2.6.0.jar and put under c:\axis2\lib. This time
> I
>
> > got the same error found in JDK 1.4:
> >
> > securitySample:
> > [java] org.apache.axis2.AxisFault: WSHandler: Encryption: error during
> > mess
> > age processingorg.apache.ws.security.WSSecurityException:
> > An unsupported signatu
> > re or encryption algorithm was used; nested exception is:
> > [java]
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > Canno
> > t find any provider supporting AES/CBC/ISO10126Padding
> > [java] Original Exception was
> > java.security.NoSuchAlgorithmException: Canno
> > t find any provider supporting AES/CBC/ISO10126Padding; nested exception
> > is:
> > [java]
> > org.apache.ws.security.WSSecurityException: WSHandler:
> > Encryptio
> > n: error during message
> > processingorg.apache.ws.security.WSSecurityException: An
> > unsupported signature or encryption algorithm was used; nested exception
> > is:
> > [java]
> >
> org.apache.xml.security.encryption.XMLEncryptionException:
> > Canno
> > ...
> >
> > Again looked in FAQ and added
> >
> >
> security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider
> >
> > line to
> > < br>
> > d:\programs\java\jre1.5.0_06\lib\security\java.security
> >
> > file. I made sure that java -version belonged to the java installation
> > found under d:\programs\java\jre1.5.0_06. Therefore, I must had changed
> > correct java.security file.
> >
> > Finally, ran the ant script again and, unfortunately, got the same error.
> >
> >
> >
> > ________________________________
> > Yahoo! Messenger with Voice. PC-to-Phone calls for ridiculously low rates.
> >
> >
>
>
>
>
>  ________________________________
> Blab-away for as little as 1�/min. Make PC-to-Phone Calls using Yahoo!
> Messenger with Voice.
>
>
Mime
View raw message