cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [devstore]
Date Thu, 18 Jan 2018 10:42:31 GMT
The problem here is that you have specified an "Encryption" action as well,
but you have not specified any encryption properties file. So WSS4J can't
find the key to use to encrypt the message.

I would take a step back a bit first. The stacktrace you gave earlier in
this thread (" Sign before encryption failed due to ...") indicates that
there is a security policy in place. Can you confirm if there is as
security policy in the WSDL of the service you are invoking? If so then you
configure security differently than you are currently doing. To explain,
there are two ways of configuring WS-Security in CXF. One is when you have
no security policy, then you have to explicitly tell CXF what to do (sign
this message part, add a Timestamp, encrypt this other part, etc.),
basically like you've been doing above.

The second way is if you have a WS-SecurityPolicy fragment attached to the
service which can tell CXF what to do to secure the message. All you need
in this case is to configure CXF with the user + signature/encryption
properties files. See here:
http://cxf.apache.org/docs/ws-securitypolicy.html

So the first step is to figure out which approach you need to use.

Colm.

On Thu, Jan 18, 2018 at 8:18 AM, Al Grant <bigal.nz@gmail.com> wrote:

> After fixing the cert/key issue I have changed my interceptor props from:
>
>         Map<String, Object> outProps = new HashMap<>();
>         outProps.put(WSHandlerConstants.ACTION,
>                 WSHandlerConstants.TIMESTAMP + " " +
>                 WSHandlerConstants.SIGNATURE + " " +
>                 WSHandlerConstants.ENCRYPT);
>         outProps.put(WSHandlerConstants.USER, "signingonly");
>         outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
> ClientCallbackHandler.class.getName());
>         outProps.put(WSHandlerConstants.SIG_PROP_FILE,
> "client_sign.properties");
>
>         org.apache.cxf.endpoint.Client client =
> org.apache.cxf.frontend.ClientProxy.getClient(irsiService);
>         org.apache.cxf.endpoint.Endpoint cxfEndpoint =
> client.getEndpoint();
>         WSS4JInInterceptor wss4jin = new WSS4JInInterceptor(outProps);
>         WSS4JOutInterceptor wss4jout = new WSS4JOutInterceptor(outProps);
>
>         cxfEndpoint.getOutInterceptors().add(wss4jout);
>         cxfEndpoint.getInInterceptors().add(wss4jin);
>
>         response = iisrService.setEpisode(request);
>
>         System.out.println(response.isSuccess());
>         System.out.println("Sent");
>
> I am closer now - the stack trace now is:
>
> WARNING: Interceptor for
> {urn:rsi.govt.au/schema/common}RSIService#{urn:rsi.
> govt.au/schema/common}SetSale
> has thrown exception, unwinding now
> java.lang.NullPointerException
>         at org.apache.wss4j.dom.message.WSSecEncrypt.prepare(
> WSSecEncrypt.java:137)
>         at org.apache.wss4j.dom.message.WSSecEncrypt.build(
> WSSecEncrypt.java:170)
>         at
> org.apache.wss4j.dom.action.EncryptionAction.execute(
> EncryptionAction.java:126)
>         at
> org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:238)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$100(
> WSS4JOutInterceptor.java:55)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessageInternal(
> WSS4JOutInterceptor.java:264)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:123)
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
> PhaseInterceptorChain.java:308)
>         at org.apache.cxf.endpoint.ClientImpl.doInvoke(
> ClientImpl.java:516)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
>         at org.apache.cxf.frontend.ClientProxy.invokeSync(
> ClientProxy.java:96)
>         at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
> JaxWsClientProxy.java:139)
>         at com.sun.proxy.$Proxy39.setEpisode(Unknown Source)
>         at com.CmsExport.createEpisode(CmsExport.java:116)
>         at com.JFrameTest.writefiletoDB(JFrameTest.java:180)
>         at com.JFrameTest$FileWorkerThread.run(JFrameTest.java:994)
>
> Exception in thread "Thread-2" javax.xml.ws.soap.SOAPFaultException: Fault
> string, and possibly fault code, not set
>         at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
> JaxWsClientProxy.java:161)
>         at com.sun.proxy.$Proxy39.setSale(Unknown Source)
>         at com.CmsExport.createSale(CmsExport.java:116)
>         at com.JFrameTest.writefiletoDB(JFrameTest.java:180)
>         at com.JFrameTest$FileWorkerThread.run(JFrameTest.java:994)
> Caused by: java.lang.NullPointerException
>         at org.apache.wss4j.dom.message.WSSecEncrypt.prepare(
> WSSecEncrypt.java:137)
>         at org.apache.wss4j.dom.message.WSSecEncrypt.build(
> WSSecEncrypt.java:170)
>         at
> org.apache.wss4j.dom.action.EncryptionAction.execute(
> EncryptionAction.java:126)
>         at
> org.apache.wss4j.dom.handler.WSHandler.doSenderAction(WSHandler.java:238)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$100(
> WSS4JOutInterceptor.java:55)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessageInternal(
> WSS4JOutInterceptor.java:264)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
>         at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$
> WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:123)
>         at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
> PhaseInterceptorChain.java:308)
>         at org.apache.cxf.endpoint.ClientImpl.doInvoke(
> ClientImpl.java:516)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
>         at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
>         at org.apache.cxf.frontend.ClientProxy.invokeSync(
> ClientProxy.java:96)
>         at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
> JaxWsClientProxy.java:139)
>
> Any clues as to what this Intercepter/Null Pointer might be caused by?
>
>
>
> --
> Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message