axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Ruchith Fernando" <ruchith.ferna...@gmail.com>
Subject Re: [AXIS2] encryption issues
Date Sat, 03 Jun 2006 04:58:00 GMT
Hi Anamitra,

The problem is that you don't have the bouncycastle JCE provider set
at the server side and it uses the default (SUN) JCE provider.

Where have you hosted the service? If it is Apache Tomcat please try
adding the bcprov-jdk15-132.jar (since you are on JDK 1.5) into the
lib dir of the axis2/WEB-INF directory.

If this doesn't work please try to host the service with
org.apache.axis2.transport.http.SimpleHTTPServer and make sure you
include the bcprov-jdk15-132.jar in the classpath when you start
SimpleHTTPServer.

BTW were you able to run the security sample available in the
axis2-1.0-std-bin distro?


Thanks,
Ruchith

On 6/3/06, Anamitra.Bhattacharyya@mro.com
<Anamitra.Bhattacharyya@mro.com> wrote:
>
> Hi
> I am trying to test the Axis 2 WS Security features and I have engaged the
> rampart module. I have tested the signature and the usernametoken profile
> so far but having issues with the Encrypt action. I have 2 key stores one
> for the client and another for the server. I have added the server public
> key certificate to the client store. The client is generating the request
> xml file fine [as seen the tcp monitor] but the server is giving this
> error. I have set the java.security file provider -
> security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider.
> This was needed for the axis 1.2 - so hoping this still holds good. This
> used to work for axis 1.2. Not sure what I am missing here. Any pointer is
> appreciated.
>
> thanks
> Anamitra
>
> java.lang.ExceptionInInitializerError
>         at javax.crypto.Cipher.getInstance(DashoA12275)
>         at
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> tyUtil.java:686)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> dKey(EncryptedKeyProcessor.java:116)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> dKey(EncryptedKeyProcessor.java:84)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En
> cryptedKeyProcessor.java:76)
>         Truncated. see log file for complete stacktrace
> java.lang.SecurityException: Cannot set up certs for trusted CAs
>         at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
>         at javax.crypto.Cipher.getInstance(DashoA12275)
>         at
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> tyUtil.java:686)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> dKey(EncryptedKeyProcessor.java:116)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> dKey(EncryptedKeyProcessor.java:84)
>         Truncated. see log file for complete stacktrace
> java.security.PrivilegedActionException: java.security.InvalidKeyException:
> Publ
> ic key presented not for certificate signature
>         at java.security.AccessController.doPrivileged(Native Method)
>         at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
>         at javax.crypto.Cipher.getInstance(DashoA12275)
>         at
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> tyUtil.java:686)
>         at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> dKey(EncryptedKeyProcessor.java:116)
>         Truncated. see log file for complete stacktrace
> java.security.InvalidKeyException: Public key presented not for certificate
> sign
> ature
>         at
> org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
> urce)
>         at javax.crypto.SunJCE_b.c(DashoA12275)
>         at javax.crypto.SunJCE_b.b(DashoA12275)
>         at javax.crypto.SunJCE_q.run(DashoA12275)
>         at java.security.AccessController.doPrivileged(Native Method)
>         Truncated. see log file for complete stacktrace
> >
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> For additional commands, e-mail: axis-user-help@ws.apache.org
>
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message