cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Juan Pablo Pizarro <juanpablo.piza...@gmail.com>
Subject Re: No signature username found.
Date Thu, 09 Dec 2010 23:40:16 GMT
Hello Freeman,

Thanks for your advice, I'll check it out. I've the merlin line into the
properties file and I play with the alias name (I show the aliases in my
keystore and play with the alias names).

I'll check the example.

Thanks!


2010/12/9 Freeman Fang <freeman.fang@gmail.com>

> Hi,
>
> We actually have a ws_security/sign_enc example shipped with kit which
> should exactly match your scenario, you may need check that example to see
> the difference with your code and figure out why your code doesn't work.
> And my other comment inline.
>
> On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
>
>  Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
>> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4 and
>> CXF 2.4 SNAPSHOT.
>>
>> My config is:
>>
>>           SpringBusFactory bf = new SpringBusFactory();
>>           URL busFile = Client.class.getResource("wssec.xml");
>>           Bus bus = bf.createBus(busFile.toString());
>>           SpringBusFactory.setDefaultBus(bus);
>>
>>           Map<String,Object> outProps = new HashMap<String,Object>();
>>           outProps.put("action", "Timestamp Signature Encrypt");
>>           outProps.put("user", "DNAWSSCliente");
>>           outProps.put("signaturePropFile", "Client_Sign.properties");
>>           outProps.put("signatureKeyIdentifier", "DirectReference");
>>           outProps.put("passwordCallbackClass",
>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>           outProps.put("signatureParts", "{Element}{
>>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>> ");
>>           outProps.put("encryptionPropFile", "Client_Sign.properties");
>>           outProps.put("encryptionUser", "DNAWSSCliente");
>>           outProps.put("signatureUser", "DNAWSS");
>>           outProps.put("encryptionParts", "{Element}{
>>
>> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>> ");
>>           outProps.put("encryptionSymAlgorithm", "
>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
>>           outProps.put("encryptionKeyTransportAlgorithm", "
>> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
>>           WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
>> //request
>>           bus.getInInterceptors().add(wssOut);
>>           bus.getInInterceptors().add(new SAAJOutInterceptor());
>>
>>           Map<String,Object> inProps= new HashMap<String,Object>();
>>           inProps.put("action", "Timestamp Signature Encrypt");
>>           inProps.put("signaturePropFile", "Client_Sign.properties");
>>           inProps.put("passwordCallbackClass",
>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>           inProps.put("decryptionPropFile", "Client_Sign.properties");
>>           WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
>> //response
>>           bus.getInInterceptors().add(wssIn);
>>           bus.getInInterceptors().add(new SAAJInInterceptor());
>>
>> The signature parts are not the correct, but the error is previus (in
>> other
>> test I put the correct parts).
>>
>> My properties file:
>>
> I think here you miss
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>
>
>
>> org.apache.ws.security.crypto.merlin.keystore.type=JKS
>> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
>> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
>>
>
> and how about change to
> org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
>
> Freeman
>
>
>  org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>>
>> The public and private key is into the same file.
>>
>> I google and up to now, i didn't found a solution.
>>
>> And the error:
>>
>> log4j:WARN No appenders could be found for logger
>> (org.apache.cxf.bus.spring.BusApplicationContext).
>> log4j:WARN Please initialize the log4j system properly.
>> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
>> getConfigResources
>> INFO: Loaded configuration file
>>
>> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
>> Dec 9, 2010 5:55:39 PM
>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
>> buildServiceFromWSDL
>> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from
WSDL:
>> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
>> Dec 9, 2010 5:55:41 PM
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
>> doSignBeforeEncrypt
>> WARNING: Sign before encryption failed due to : No signature username
>> found.
>> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
>> doDefaultLogging
>> WARNING: Interceptor for {
>> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has
thrown
>> exception, unwinding now
>> org.apache.cxf.interceptor.Fault: No signature username found.
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>   at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>   at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>   at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>   at $Proxy43.mensajeStock(Unknown Source)
>>   at com.casa.wss.demo.Client.main(Client.java:177)
>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
>> found.
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>   ... 11 more
>> javax.xml.ws.soap.SOAPFaultException: No signature username found.
>>   at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
>>   at $Proxy43.mensajeStock(Unknown Source)
>>   at com.casa.wss.demo.Client.main(Client.java:177)
>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
>> found.
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>   at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>   at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>   at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>   at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>   at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>   ... 2 more
>>
>
>
> --
> Freeman Fang
>
> ------------------------
>
> FuseSource: http://fusesource.com
> blog: http://freemanfang.blogspot.com
> twitter: http://twitter.com/freemanfang
> Apache Servicemix:http://servicemix.apache.org
> Apache Cxf: http://cxf.apache.org
> Apache Karaf: http://karaf.apache.org
> Apache Felix: http://felix.apache.org
>
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message