axis-java-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Megadeth <calisto.s...@gmail.com>
Subject JAX-WS client and service with Rampart module for signing messages
Date Tue, 26 Jun 2012 07:45:34 GMT

Hi, 

I created java project. It is client of my jax-ws web service and I use it
for signing messages. 
I renamed rampart.mar to rampart.jar and put it into classpath of java
project (also addressing and rahas mars). I am not sure if this is correct,
but it works for me. 

In client I put this: 

String axis2xml = "C:/.../conf/client.axis2.xml"; 
System.setProperty(Constants.AXIS2_CONF, axis2xml); 
FileSystemConfigurator configurator = new FileSystemConfigurator(null,
axis2xml); 
ClientConfigurationFactory factory = new
ClientConfigurationFactory(configurator); 
MetadataFactoryRegistry.setFactory(ClientConfigurationFactory.class,
factory); 

JaxwsLibrary service = new JaxwsLibrary(); 
ESomePortType stub = service.getLibrary(); 

BindingProvider provider = (BindingProvider)stub; 

Policy policy = loadPolicy("sign-policy-client.xml"); 
provider.getRequestContext().put(RampartMessageData.KEY_RAMPART_POLICY,
policy); 

provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, 
"http://localhost:8080........../MyWebService"); 

I realized that I MUST set factory BEFORE creating service object. If you do
not, then Axis will not be configured properly. 
As you can see, my entire policy is in separate xml. I also put this policy
into wsdl, but I am not sure if this one (from wsdl) is used anywhere. 

Then I generate service jar: 
<jar jarfile="${service-archive-name}.jar">  
<fileset dir="${compiled-code}"/>  
</jar>  

"compiled-code" is directory where resides classes generated by wsimport. 
Then I put this into axis2.xml on the service side (I am not sure this is
correct): 

<parameter name="OutflowSecurity">  
<action>  
<items>Signature</items>  
<user>serveralias</user>  
<passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass>  
<signaturePropFile>crypto.properties</signaturePropFile>  
</action>  
</parameter>  

<parameter name="InflowSecurity">  
<action>  
<items>Signature</items>  
<passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass>  
<signaturePropFile>crypto.properties</signaturePropFile>  
</action>  
</parameter>  

Also, I put crypto.properties, My.jks and handler class into MyUtil.jar. 
Then MyUtil.jar is added to /WEB-INF/lib. 

When I start all this (WebSphere 6.1, Rational Software Developer with
TCP/IP monitoring, Axis 1.6.0 and Rampart 1.6.0; axis and rampart versions
MUST be the same) client sends signed message to web service. From the web
service side this message is validated, but when server sends
acknowledgement message something goes wrong. 
I can see from debugger that password handler (on service side) do his job,
but after that I see this (without security everything works ok): 

[2012.06.18 10:08:52:000 CEST] 0000001f ServletWrappe E SRVE0068E: Uncaught
exception thrown in one of the service methods of the servlet: AxisServlet.
Exception thrown : java.lang.NullPointerException 
at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281) 
at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:255) 
at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)

at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:414)

at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)

at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147) 
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65) 
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) 
at org.apache.axis2.engine.Phase.invoke(Phase.java:313) 
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262) 
at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:516) 
at
org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433) 
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:216) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763) 
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856) 
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989) 
at
com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501) 
at
com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464) 
at
com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:90)

at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:744) 
at
com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455) 
at
com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113) 
at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)

at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)

at
com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:279) 
at
com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)

at
com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)

at
com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)

at
com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217) 
at
com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161) 
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136) 
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195) 
at
com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743) 
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873) 
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469) 

I realize that above exception is because I forgot to load policy for
service. 
But where I need to put it ? 
I know that somehow I can put policy inside axis2.xml, but I don't know how.   

Using this: 

https://issues.apache.org/jira/browse/AXIS2-4611?p...em.issuetabpanels:all-tabpanel  
I tried to create aar and put policy in service.xml. 
But for that I need axis2 1.7 and rampart 1.7. (The same thing is with 1.6.0
versions). 
I can see my service from axis console, and also I can open wsdl by click on
web service link. 

After I start client TCP/IP monitor gave me: 
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header
xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1"><wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Timestamp-1"><wsu:Created>2012-06-18T14:45:29.000Z</wsu:Created><wsu:Expires>2012-06-18T14:50:29.000Z</wsu:Expires></wsu:Timestamp><wsse:BinarySecurityToken
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
wsu:Id="CertId-CFAD48F0CEE02316E613400307290001">MIICKzCCAZSgAwIBAgIET9nnZDANBgkqhkiG9w0BAQQFADBaMQswCQYDVQQGEwJIUjENMAsGA1UEChMERmluYTETMBEGA1UECxMKUHJvZ3JhbWVyaTEnMCUGA1UEAxMeZHRvbWxqZW5vdmljMS5pbnRyYW5ldC5maW5hLmhyMB4XDTEyMDYxNDEzMzAxMloXDTEzMDYxNDEzMzAxMlowWjELMAkGA1UEBhMCSFIxDTALBgNVBAoTBEZpbmExEzARBgNVBAsTClByb2dyYW1lcmkxJzAlBgNVBAMTHmR0b21samVub3ZpYzEuaW50cmFuZXQuZmluYS5ocjCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEAu/FWX1RIOSHaVSMHMU/debHywi5PMkKXQISeWljpZ/by4T/HEQGFB9muJDnOTdHJ8ELF0s+r1RUAF/+mG5sD3UpUZeAmyP+haSQh5weD7Aj/OUf3g8S6/Ftk5OkS4XOaVWqJwhpkTrLa9Lgk2fQLpOW2Zsk0z62Cb87/VsYy42ECAwEAATANBgkqhkiG9w0BAQQFAAOBgQAJ0+fNH8o3BPV9JgQrjdJbeObRccNT7fIR3YtMgtm/Xp6/hqMAbS/qBkNsPx4VJImc8xjXnWdDr6I0+nsxTtCmw5FIPKKkYaYWxo3r/LZy6eZwcSfAzxWGVv4S4b8lIkZqLn2iBBKNEwDPr5dDtCMj5+SfvDmRo1Kp096K7iEqHw==</wsse:BinarySecurityToken><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2">  
<ds:SignedInfo>  
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />  
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"
/>  
<ds:Reference URI="#Id-806760470">  
<ds:Transforms>  
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />  
</ds:Transforms>  
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />  
<dsigestValue>PZ7Tv3Iei2t9trchNcReIWIPqdg=</dsigestValue>  
</ds:Reference>  
<ds:Reference URI="#Timestamp-1">  
<ds:Transforms>  
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" />  
</ds:Transforms>  
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" />  
<dsigestValue>dW1lWCZA1zJ+aKHv7k6oIE7VcDE=</dsigestValue>  
</ds:Reference>  
</ds:SignedInfo>  
<ds:SignatureValue>  
Vw2alx+bvcoUqhtYKeYfNm4LEi6P1PBqJs2vDu9mzN4VghsLiYXQsADaK2S+izxNLIy+FwVuXn/z 
DI7tyPqZtZW6GXUGfl8fSJvDbxtcX7SWu8mQwzQGuK9gBQRLMkqEvB3Gh/YuNpD8htiU1jFM4jBw 
yhgIQco07s1R5B+yK5U= 
</ds:SignatureValue>  
<ds:KeyInfo Id="KeyId-CFAD48F0CEE02316E613400307290002">  
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-CFAD48F0CEE02316E613400307290003"><wsse:Reference
URI="#CertId-CFAD48F0CEE02316E613400307290001"
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"
/></wsse:SecurityTokenReference>  
</ds:KeyInfo>  
</ds:Signature></wsse:Security><wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault</wsa:Action><wsa:RelatesTo>urn:uuid:4a9625ed-87b6-4238-8fc8-2589f578edd9</wsa:RelatesTo></soapenv:Header><soapenv:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="Id-806760470"><soapenv:Fault><faultcode>soapenv:Server</faultcode><faultstring>java.lang.RuntimeException:
The service class cannot be found for this 
AxisService.</faultstring><detail
/></soapenv:Fault></soapenv:Body></soapenv:Envelope>  

I suppose that rampart now runs but without Axis doing web service method
call. 
Probably Axis can't find service class. Also debugger won't debug this class
in Eclipse. 

This is error from axis log:
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException:
java.lang.RuntimeException: The service class cannot be found for this
AxisService.
	at
org.apache.axis2.jaxws.marshaller.impl.alt.MethodMarshallerUtils.createSystemException(MethodMarshallerUtils.java:1326)
	at
org.apache.axis2.jaxws.marshaller.impl.alt.MethodMarshallerUtils.demarshalFaultResponse(MethodMarshallerUtils.java:1052)
	at
org.apache.axis2.jaxws.marshaller.impl.alt.DocLitBareMethodMarshaller.demarshalFaultResponse(DocLitBareMethodMarshaller.java:415)
	at
org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.getFaultResponse(JAXWSProxyHandler.java:577)
	at
org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.createResponse(JAXWSProxyHandler.java:520)
	at
org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.invokeSEIMethod(JAXWSProxyHandler.java:386)
	at
org.apache.axis2.jaxws.client.proxy.JAXWSProxyHandler.invoke(JAXWSProxyHandler.java:171)
	at $Proxy28.sendOutgoingInvoice(Unknown Source)
	at
hr.fina.jaxws.invoicesStatusesService.client.WebServiceClient.main(WebServiceClient.java:92)

Do I need to comment some of this features in axis2.xml ? 
    
    <deployer extension=".class" directory="pojo"
class="org.apache.axis2.deployment.POJODeployer"/>
    <deployer extension=".jar" directory="servicejars" 
              class="org.apache.axis2.jaxws.framework.JAXWSDeployer"/>
    <deployer extension=".jar" directory="transports" 
              class="org.apache.axis2.deployment.TransportDeployer"/>

I read on web that this is some problem between axis2 engine, jdk 1.6 and
Websphere 6.1.
What to do next ?

Please, help me. 

Thanks.
-- 
View this message in context: http://old.nabble.com/JAX-WS-client-and-service-with-Rampart-module-for-signing-messages-tp34070987p34070987.html
Sent from the Axis - User mailing list archive at Nabble.com.


---------------------------------------------------------------------
To unsubscribe, e-mail: java-user-unsubscribe@axis.apache.org
For additional commands, e-mail: java-user-help@axis.apache.org


Mime
View raw message