axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Anamitra.Bhattachar...@mro.com
Subject Re: [AXIS2] encryption issues [Interesting findings]
Date Wed, 07 Jun 2006 18:02:35 GMT
ok done the test
1>dropped the file [the zip file that u gave me] and renamed it to jar in
my repository/services folder
2>started the weblogic 9.1 server [with the bc....jar file no more in the
system classpath]
3>got this error
ogic Server with Java HotSpot(TM) Client VM Version 1.5.0_04-b05 from Sun
Micros
ystems Inc.>
<Jun 7, 2006 1:56:11 PM EDT> <Info> <Management> <BEA-141107> <Version:
WebLogic
 Server 9.1  Mon Dec 12 19:26:33 EST 2005 689178 >
<Jun 7, 2006 1:56:19 PM EDT> <Info> <WebLogicServer> <BEA-000215>
<Loaded
Licens
e : C:\bea9\license.bea>
<Jun 7, 2006 1:56:19 PM EDT> <Notice> <WebLogicServer> <BEA-000365>
<Server
stat
e changed to STARTING>
<Jun 7, 2006 1:56:19 PM EDT> <Info> <WorkManager> <BEA-002900>
<Initializing sel
f-tuning thread pool>
<Jun 7, 2006 1:56:20 PM EDT> <Notice> <Log Management> <BEA-170019>
<The
server
log file
C:\bea9\user_projects\domains\harrierdomain\servers\harrier\logs\harrie
r.log is opened. All server side log events will be written to this file.>
<Jun 7, 2006 1:56:25 PM EDT> <Notice> <Security> <BEA-090082> <Security
initiali
zing using security realm myrealm.>
<Jun 7, 2006 1:56:31 PM EDT> <Notice> <WebLogicServer> <BEA-000365>
<Server
stat
e changed to STANDBY>
<Jun 7, 2006 1:56:31 PM EDT> <Notice> <WebLogicServer> <BEA-000365>
<Server
stat
e changed to STARTING>
- Deploying module : addressing-1.0
- Deploying module : rampart-1.0
- Deploying module : soapmonitor-1.0
- Invalid service  SimpleService.jar due to
java.lang.ExceptionInInitializerErro
r
        at javax.crypto.Cipher.getInstance(DashoA12275)
        at SimpleService.<clinit>(SimpleService.java:24)
        at java.lang.Class.forName0(Native Method)
        at java.lang.Class.forName(Class.java:242)
        at
org.apache.ws.java2wsdl.SchemaGenerator.<init>(SchemaGenerator.java:7
0)
        at
org.apache.axis2.deployment.util.Utils.fillAxisService(Utils.java:209
)
        at
org.apache.axis2.deployment.ServiceBuilder.populateService(ServiceBui
lder.java:149)
        at
org.apache.axis2.deployment.repository.util.ArchiveReader.buildServic
eGroup(ArchiveReader.java:76)
        at
org.apache.axis2.deployment.repository.util.ArchiveReader.processServ
iceGroup(ArchiveReader.java:118)
        at
org.apache.axis2.deployment.DeploymentEngine.doDeploy(DeploymentEngin
e.java:620)
        at
org.apache.axis2.deployment.repository.util.WSInfoList.update(WSInfoL
ist.java:195)
        at
org.apache.axis2.deployment.RepositoryListener.update(RepositoryListe
ner.java:207)
        at
org.apache.axis2.deployment.RepositoryListener.checkServices(Reposito
ryListener.java:155)
        at
org.apache.axis2.deployment.DeploymentEngine.loadServices(DeploymentE
ngine.java:91)
        at
org.apache.axis2.deployment.WarBasedAxisConfigurator.loadServices(War
BasedAxisConfigurator.java:133)
        at
org.apache.axis2.context.ConfigurationContextFactory.createConfigurat
ionContext(ConfigurationContextFactory.java:42)
        at
org.apache.axis2.transport.http.AxisServlet.initConfigContext(AxisSer
vlet.java:213)
        at
org.apache.axis2.transport.http.AxisServlet.init(AxisServlet.java:182
)
        at
weblogic.servlet.internal.StubSecurityHelper$ServletInitAction.run(St
ubSecurityHelper.java:276)
        at
weblogic.security.acl.internal.AuthenticatedSubject.doAs(Authenticate
dSubject.java:321)
        at
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:
121)
        at
weblogic.servlet.internal.StubSecurityHelper.createServlet(StubSecuri
tyHelper.java:68)
        at
weblogic.servlet.internal.StubLifecycleHelper.createOneInstance(StubL
ifecycleHelper.java:58)
        at
weblogic.servlet.internal.StubLifecycleHelper.<init>(StubLifecycleHel
per.java:48)
        at
weblogic.servlet.internal.ServletStubImpl.prepareServlet(ServletStubI
mpl.java:493)
        at
weblogic.servlet.internal.WebAppServletContext.preloadServlet(WebAppS
ervletContext.java:1688)
        at
weblogic.servlet.internal.WebAppServletContext.loadServletsOnStartup(
WebAppServletContext.java:1665)
        at
weblogic.servlet.internal.WebAppServletContext.preloadResources(WebAp
pServletContext.java:1585)
        at
weblogic.servlet.internal.WebAppServletContext.start(WebAppServletCon
text.java:2678)
        at
weblogic.servlet.internal.WebAppModule.startContexts(WebAppModule.jav
a:874)
        at
weblogic.servlet.internal.WebAppModule.start(WebAppModule.java:326)
        at
weblogic.application.internal.flow.ModuleListenerInvoker.start(Module
ListenerInvoker.java:114)
        at
weblogic.application.internal.flow.ModuleStateDriver$3.next(ModuleSta
teDriver.java:204)
        at
weblogic.application.utils.StateMachineDriver.nextState(StateMachineD
river.java:26)
        at
weblogic.application.internal.flow.ModuleStateDriver.start(ModuleStat
eDriver.java:60)
        at
weblogic.application.internal.flow.StartModulesFlow.activate(StartMod
ulesFlow.java:25)
        at
weblogic.application.internal.BaseDeployment$2.next(BaseDeployment.ja
va:640)
        at
weblogic.application.utils.StateMachineDriver.nextState(StateMachineD
river.java:26)
        at
weblogic.application.internal.BaseDeployment.activate(BaseDeployment.
java:252)
        at
weblogic.application.internal.DeploymentStateChecker.activate(Deploym
entStateChecker.java:154)
        at
weblogic.deploy.internal.targetserver.AppContainerInvoker.activate(Ap
pContainerInvoker.java:80)
        at
weblogic.deploy.internal.targetserver.BasicDeployment.activate(BasicD
eployment.java:176)
        at
weblogic.deploy.internal.targetserver.BasicDeployment.activateFromSer
verLifecycle(BasicDeployment.java:347)
        at
weblogic.management.deploy.internal.DeploymentAdapter$1.activate(Depl
oymentAdapter.java:50)
        at
weblogic.management.deploy.internal.AppTransition$2.transitionApp(App
Transition.java:30)
        at
weblogic.management.deploy.internal.ConfiguredDeployments.transitionA
pps(ConfiguredDeployments.java:232)
        at
weblogic.management.deploy.internal.ConfiguredDeployments.activate(Co
nfiguredDeployments.java:168)
        at
weblogic.management.deploy.internal.ConfiguredDeployments.deploy(Conf
iguredDeployments.java:122)
        at
weblogic.management.deploy.internal.DeploymentServerService.resume(De
ploymentServerService.java:173)
        at
weblogic.management.deploy.internal.DeploymentServerService.start(Dep
loymentServerService.java:89)
        at weblogic.t3.srvr.SubsystemRequest.run(SubsystemRequest.java:64)
        at
weblogic.work.ServerWorkManagerImpl$WorkAdapterImpl.run(ServerWorkMan
agerImpl.java:518)
        at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
        at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
        at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
        ... 54 more
Caused by: java.security.PrivilegedActionException:
java.security.InvalidKeyExce
ption: Public key presented not for certificate signature
        at java.security.AccessController.doPrivileged(Native Method)
        ... 55 more
Caused by: java.security.InvalidKeyException: Public key presented not for
certi
ficate signature
        at
org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Un
known Source)
        at
org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
urce)
        at javax.crypto.SunJCE_b.c(DashoA12275)
        at javax.crypto.SunJCE_b.b(DashoA12275)
        at javax.crypto.SunJCE_q.run(DashoA12275)
        ... 56 more

<Jun 7, 2006 1:57:09 PM EDT> <Notice> <Log Management> <BEA-170027>
<The
server
initialized the domain log broadcaster successfully. Log messages will now
be br


                                                                           
             "Ruchith                                                      
             Fernando"                                                     
             <ruchith.fernando                                          To 
             @gmail.com>               axis-user@ws.apache.org             
                                                                        cc 
             06/07/2006 11:52                                              
             AM                                                    Subject 
                                       Re: [AXIS2] encryption issues       
                                       [Interesting findings]              
             Please respond to                                             
             axis-user@ws.apac                                             
                  he.org                                                   
                                                                           
                                                                           
                                                                           




Hi Anamitra,

I have the a service available here : [1]

When the service class is being loaded it will try to do create a
Cipher instance of type "RSA/NONE/PKCS1PADDING" (this is not available
in the Sun JDK bu default). Service code is here [2].

Importantly I included bcprov-jdk15-132.jar in the "lib" dir of the
service archive.

I checked this with the SimpleHTTPserver and JDK 1.5 and the service
was successfully loaded.

Please try it out.

Thanks,
Ruchith

[1] http://people.apache.org/~ruchithf/SimpleService.aar
[2] http://rafb.net/paste/results/Sgwy3r89.html

On 6/5/06, Ruchith Fernando <ruchith.fernando@gmail.com> wrote:
> Hi Anamitra,
>
> Thank you for digging into this issue and sharing your findings.
> IMHO if the classloaders worked properly the bcprov-*.jar in the "lib"
> dir of "rampart" should be picked and it should work.
>
> So it seems like we have a classloading issue with Weblogic in loading
> the libs of a module. I will send a simple test service for you to try
> with Weblogic to see whether we can load the classes properly within a
> service.
>
> Thanks,
> Ruchith
>
> On 6/5/06, Anamitra.Bhattacharyya@mro.com
> <Anamitra.Bhattacharyya@mro.com> wrote:
> > Hi Ruchith
> > thanks for your response. I did some more experiments and here are the
> > findings.
> > Firstly after ur mail I downloaded the bcprov-jdk15-133.jar - that
seemed
> > the latest. Just FYI -- Previously I was using the bcprov-jdk13-132.jar
> > with jdk 1.5.
> > I am running the server in Weblogic 9.x which runs on jdk 1.5. I
deployed
> > axis as a Webb Application there and I had the bcprov-jdk15-133.jar in
the
> > WEB-INF/lib folder. Just FYI -- I did have bcprov-jdk13-132.jar under
the
> > same folder previously.
> >
> > I ran the test again and I got the exact same error. As Weblogic
truncates
> > the error - I looked in the log and got more detailed error
> > This is the first time the client is hitting the Weblogic server .
> > java.lang.ExceptionInInitializerError
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >                 ............................................
> >       .......................................
> >
> > Strangely if I run the test client again ie the Weblogic server was NOT
> > bounced in between I get a slightly different error - but at the same
> > place:
> >
> > java.lang.NoClassDefFoundError
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >                 ............................................
> >       .......................................
> >
> > This to me indicated that I am missing some files. So I went ahead and
> > added the bcprov-jdk15-133.jar in Weblogics system classpath and that
> > started working like charm. So somehow the Web App class loader or Axis
> > Classloader is not able to load the bcprov-jdk15-133.jar!!! It seems
some
> > issue with classloaders here and not sure if Axis has its own
classloader
> > that is causing some issue? OR its a Weblogic 9.1 Classloader issue. I
am
> > attaching the whole stack trace from Weblogic log with this mail [at
the
> > top I only showed top part of it] - the first series [starting with
> > java.lang.ExceptionInInitializerError] is for the first try and then
there
> > is a 20 lines of debug and then the second try exception
> > [java.lang.NoClassDefFoundError]. But strangely if u search with the
> > "org.bouncycastle.jce.provider" u will see it in the first series of
stack
> > trace - so somebody is loading the bouncy castle!. Everything works
great
> > the moment I put that bouncy..jar in Weblogcs system classpath. But
> > strangely my signature test worked without any issue - not sure if that
> > didnt use bouncy castle or not.
> >
> >
> >
> >
> > java.lang.ExceptionInInitializerError
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >       at
> >
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)

> >       at
> >
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >       at
> >
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)

> >       at
> >
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)

> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)

> >       at
> >
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

> >       at
> >
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

> >       at
> >
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)

> >       at
> >
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)

> >       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> >       at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> > java.lang.SecurityException: Cannot set up certs for trusted CAs
> >       at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >       at
> >
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)

> >       at
> >
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >       at
> >
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)

> >       at
> >
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)

> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)

> >       at
> >
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

> >       at
> >
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

> >       at
> >
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)

> >       at
> >
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)

> >       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> >       at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> > java.security.PrivilegedActionException:
java.security.InvalidKeyException:
> > Public key presented not for certificate signature
> >       at java.security.AccessController.doPrivileged(Native Method)
> >       at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >       at
> >
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)

> >       at
> >
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >       at
> >
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)

> >       at
> >
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)

> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)

> >       at
> >
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

> >       at
> >
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

> >       at
> >
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)

> >       at
> >
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)

> >       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> >       at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> > java.security.InvalidKeyException: Public key presented not for
certificate
> > signature
> >       at
> >
org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Unknown
> > Source)
> >       at
org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown
> > Source)
> >       at javax.crypto.SunJCE_b.c(DashoA12275)
> >       at javax.crypto.SunJCE_b.b(DashoA12275)
> >       at javax.crypto.SunJCE_q.run(DashoA12275)
> >       at java.security.AccessController.doPrivileged(Native Method)
> >       at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >       at
> >
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)

> >       at
> >
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >       at
> >
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)

> >       at
> >
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)

> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)

> >       at
> >
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

> >       at
> >
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

> >       at
> >
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)

> >       at
> >
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)

> >       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> >       at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> > >
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param verbose initialized to: true>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param packagePrefix initialized to: jsp_servlet>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param compilerclass initialized to: null>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param compileCommand initialized to: javac>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param compilerval initialized to: javac>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param pageCheckSeconds initialized to: 1>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param encoding initialized to: null>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066125>
<000000>
<JspServlet:
> > param superclass initialized to null>
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066140>
<000000>
<JspServlet:
> > param workingDir initialized to:
> >
C:\bea9\user_projects\domains\harrierdomain\servers\harrier\tmp\_WL_user\axis2\c9hx0f>

> >
> > ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> > <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> > (self-tuning)'> <<anonymous>> <> <> <1149450066140>
<000000>
<JspServlet:
> > initialization complete>
> > ####<Jun 4, 2006 3:41:31 PM EDT> <Info> <Health> <D2DFJ971>
<harrier>
> > <weblogic.GCMonitor> <<anonymous>> <> <> <1149450091687>
<BEA-310002>
<80%
> > of the total memory in the server is free>
> > ####<Jun 4, 2006 3:44:56 PM EDT> <Error> <HTTP> <D2DFJ971>
<harrier>
> > <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> > (self-tuning)'> <<WLS Kernel>> <> <> <1149450296640>
<BEA-101017>
> > <[weblogic.servlet.internal.WebAppServletContext@139d891 - name:
'axis2',
> > context-path: '/axis2'] Root cause of ServletException.
> > java.lang.NoClassDefFoundError
> >       at javax.crypto.Cipher.getInstance(DashoA12275)
> >       at
> >
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)

> >       at
> >
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)

> >       at
> >
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)

> >       at
> >
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)

> >       at
> >
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)

> >       at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> >       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> >       at
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> >       at
> >
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)

> >       at
> >
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> >       at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> >       at
> >
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)

> >       at
> >
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)

> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> >       at
> >
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)

> >       at
> >
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)

> >       at
> >
weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> >       at
> >
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)

> >       at
> >
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)

> >       at
> >
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)

> >       at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> >       at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> > >
> >
> > Any clue whats going on.
> >
> > thanks
> > Anamitra
> >
> >
> >
> >
> >
> >              "Ruchith
> >              Fernando"
> >              <ruchith.fernando
To
> >              @gmail.com>               axis-user@ws.apache.org
> >
cc
> >              06/03/2006 12:58
> >              AM
Subject
> >                                        Re: [AXIS2] encryption issues
> >
> >              Please respond to
> >              axis-user@ws.apac
> >                   he.org
> >
> >
> >
> >
> >
> >
> > Hi Anamitra,
> >
> > The problem is that you don't have the bouncycastle JCE provider set
> > at the server side and it uses the default (SUN) JCE provider.
> >
> > Where have you hosted the service? If it is Apache Tomcat please try
> > adding the bcprov-jdk15-132.jar (since you are on JDK 1.5) into the
> > lib dir of the axis2/WEB-INF directory.
> >
> > If this doesn't work please try to host the service with
> > org.apache.axis2.transport.http.SimpleHTTPServer and make sure you
> > include the bcprov-jdk15-132.jar in the classpath when you start
> > SimpleHTTPServer.
> >
> > BTW were you able to run the security sample available in the
> > axis2-1.0-std-bin distro?
> >
> >
> > Thanks,
> > Ruchith
> >
> > On 6/3/06, Anamitra.Bhattacharyya@mro.com
> > <Anamitra.Bhattacharyya@mro.com> wrote:
> > >
> > > Hi
> > > I am trying to test the Axis 2 WS Security features and I have
engaged
> > the
> > > rampart module. I have tested the signature and the usernametoken
profile
> > > so far but having issues with the Encrypt action. I have 2 key stores
one
> > > for the client and another for the server. I have added the server
public
> > > key certificate to the client store. The client is generating the
request
> > > xml file fine [as seen the tcp monitor] but the server is giving this
> > > error. I have set the java.security file provider -
> > >
security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider.
> > > This was needed for the axis 1.2 - so hoping this still holds good.
This
> > > used to work for axis 1.2. Not sure what I am missing here. Any
pointer
> > is
> > > appreciated.
> > >
> > > thanks
> > > Anamitra
> > >
> > > java.lang.ExceptionInInitializerError
> > >         at javax.crypto.Cipher.getInstance(DashoA12275)
> > >         at
> > > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > > tyUtil.java:686)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > > dKey(EncryptedKeyProcessor.java:116)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > > dKey(EncryptedKeyProcessor.java:84)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En
> > > cryptedKeyProcessor.java:76)
> > >         Truncated. see log file for complete stacktrace
> > > java.lang.SecurityException: Cannot set up certs for trusted CAs
> > >         at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> > >         at javax.crypto.Cipher.getInstance(DashoA12275)
> > >         at
> > > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > > tyUtil.java:686)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > > dKey(EncryptedKeyProcessor.java:116)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > > dKey(EncryptedKeyProcessor.java:84)
> > >         Truncated. see log file for complete stacktrace
> > > java.security.PrivilegedActionException:
> > java.security.InvalidKeyException:
> > > Publ
> > > ic key presented not for certificate signature
> > >         at java.security.AccessController.doPrivileged(Native Method)
> > >         at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> > >         at javax.crypto.Cipher.getInstance(DashoA12275)
> > >         at
> > > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > > tyUtil.java:686)
> > >         at
> > > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > > dKey(EncryptedKeyProcessor.java:116)
> > >         Truncated. see log file for complete stacktrace
> > > java.security.InvalidKeyException: Public key presented not for
> > certificate
> > > sign
> > > ature
> > >         at
> > > org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
> > > urce)
> > >         at javax.crypto.SunJCE_b.c(DashoA12275)
> > >         at javax.crypto.SunJCE_b.b(DashoA12275)
> > >         at javax.crypto.SunJCE_q.run(DashoA12275)
> > >         at java.security.AccessController.doPrivileged(Native Method)
> > >         Truncated. see log file for complete stacktrace
> > > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > > For additional commands, e-mail: axis-user-help@ws.apache.org
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
> > For additional commands, e-mail: axis-user-help@ws.apache.org
> >
> >
>

---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org





---------------------------------------------------------------------
To unsubscribe, e-mail: axis-user-unsubscribe@ws.apache.org
For additional commands, e-mail: axis-user-help@ws.apache.org


Mime
View raw message