cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From David Zhang <zhng...@hotmail.com>
Subject Symmetric Binding
Date Mon, 21 Mar 2011 15:25:06 GMT

Hello,

 

i am new to using apache cxf. I want to secure a web service with symmetric binding, but i
always run into an error.

Maybe i did a mistake when configuring the service. Can anybody help me?

 

I have a self-signed certificate for the server and i have the public key on the client side.

 

I generated the client with CXF wsdl2java tool. And it seems to work fine. The client sends
a request to the server. I can watch the request on a tcp/ip monitor.

There is the ws security header with a binary security token and the soap body is obviously
encrypted.

 

On the server side the message even gets decrypted. I know this, because the service implementation
is called with correct parameters.

 

The problem occurs when the response should be sent. I get a null pointer when a key should
be copied into the response:

 

Caused by: java.lang.NullPointerException
at com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.importNode(CoreDocumentImpl.java:1532)
[:1.6.0_24]
at com.sun.org.apache.xerces.internal.dom.CoreDocumentImpl.importNode(CoreDocumentImpl.java:1498)
[:1.6.0_24]
at com.sun.xml.internal.messaging.saaj.soap.SOAPDocumentImpl.importNode(SOAPDocumentImpl.java:146)
[:1.6.0_24]
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.cloneElement(AbstractBindingBuilder.java:538)
[:2.3.3]
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:306)
[:2.3.3]
... 36 more

 

With a debugger i observed that in this method a variable sigTok is not null, but sigTok.getTok
returns null.

 

Can somebody help me with this problem, please?

 

Here is my security policy:

 

<?xml version="1.0" encoding="UTF-8"?>
<wsp:Policy xmlns:wsp="http://www.w3.org/ns/ws-policy" xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<sp:SymmetricBinding>
<wsp:Policy>
<sp:ProtectionToken>
<wsp:Policy>
<sp:X509Token IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Always">
<wsp:Policy>
<sp:RequireDerivedKeys/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:ProtectionToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128Rsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
</wsp:Policy>
</sp:SymmetricBinding>
<sp:EncryptedParts>
<sp:Body/>
</sp:EncryptedParts>
</wsp:Policy>

 

 
 		 	   		  
Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message