cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bschuette <bjo...@schuetteonline.de>
Subject Re: WS-SecureConversation and RequireDerivedKeys causes Exception
Date Tue, 10 Nov 2009 16:20:26 GMT

Got it,

I mixed the policy-driven configuration with my own wss4j interceptors.
Removing them and adding the proper configuration to the jaxws:client did
the trick.
Quite simple!


bschuette wrote:
> 
> Hi there,
> 
> using CXF 2.2.4, I have to implement a  client against an Axis2 server
> using the follwing policy snippet:
> 
> <sp:X509Token
> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always">
> 	<wsp:Policy>
> 	   <sp:RequireDerivedKeys/>
> 	   <sp:WssX509V3Token10 />
> 	</wsp:Policy>
> </sp:X509Token>
> 
> Security actions used are Signature and Encryption.
> 
> According the docs, I configure my client through cxf.xml using the
> createdByApi option:
> 
> <jaxws:client
> 		name="{http://com.foo/fooService}FooPort"
> 		createdFromAPI="true" wsdlLocation="wsdl/fooService.wsdl">
> ... <!-- WS-Security in- and out-interceptors -->
> 
> Calling the client, I get the following exception:
> 
> org.apache.ws.security.WSSecurityException: General security error; nested
> exception is:
>         org.apache.ws.security.conversation.ConversationException: Error
> in key derivation
>         at
> org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:117)
>         at
> org.apache.ws.security.processor.DerivedKeyTokenProcessor.handleToken(DerivedKeyTokenProcessor.java:86)
>         at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326)
>         at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:198)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:77)
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
>         at
> org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:664)
>         at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2160)
>         at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2040)
>         at
> org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1965)
>         at
> org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
>         at
> org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188)
>         at
> org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
>         at
> org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627)
>         at
> org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:478)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:308)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:260)
>         at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>         at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>         at ...bla...
>        Caused by:
> org.apache.ws.security.conversation.ConversationException: Error in key
> derivation
>         at
> org.apache.ws.security.conversation.dkalgo.P_SHA1.createKey(P_SHA1.java:65)
>         at
> org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:114)
>         ... 24 more
> Caused by: java.lang.IllegalArgumentException: Missing argument
>         at javax.crypto.spec.SecretKeySpec.<init>(DashoA12275)
>         at
> org.apache.ws.security.conversation.dkalgo.P_SHA1.P_hash(P_SHA1.java:86)
>         at
> org.apache.ws.security.conversation.dkalgo.P_SHA1.createKey(P_SHA1.java:55)
>         ... 25 more
> 
> 
> Any hints?
> 
> 
> 

-- 
View this message in context: http://old.nabble.com/WS-SecureConversation-and-RequireDerivedKeys-causes-Exception-tp26271856p26286185.html
Sent from the cxf-user mailing list archive at Nabble.com.


Mime
View raw message