From dev-return-18381-archive-asf-public=cust-asf.ponee.io@ws.apache.org  Wed Jul 11 10:44:05 2018
Return-Path: <dev-return-18381-archive-asf-public=cust-asf.ponee.io@ws.apache.org>
X-Original-To: archive-asf-public@cust-asf.ponee.io
Delivered-To: archive-asf-public@cust-asf.ponee.io
Received: from mail.apache.org (hermes.apache.org [140.211.11.3])
	by mx-eu-01.ponee.io (Postfix) with SMTP id 7CC6F18062A
	for <archive-asf-public@cust-asf.ponee.io>; Wed, 11 Jul 2018 10:44:04 +0200 (CEST)
Received: (qmail 85142 invoked by uid 500); 11 Jul 2018 08:44:03 -0000
Mailing-List: contact dev-help@ws.apache.org; run by ezmlm
Precedence: bulk
List-Help: <mailto:dev-help@ws.apache.org>
List-Unsubscribe: <mailto:dev-unsubscribe@ws.apache.org>
List-Post: <mailto:dev@ws.apache.org>
List-Id: <dev.ws.apache.org>
Reply-To: dev@ws.apache.org
Delivered-To: mailing list dev@ws.apache.org
Received: (qmail 85131 invoked by uid 99); 11 Jul 2018 08:44:03 -0000
Received: from pnap-us-west-generic-nat.apache.org (HELO spamd2-us-west.apache.org) (209.188.14.142)
    by apache.org (qpsmtpd/0.29) with ESMTP; Wed, 11 Jul 2018 08:44:03 +0000
Received: from localhost (localhost [127.0.0.1])
	by spamd2-us-west.apache.org (ASF Mail Server at spamd2-us-west.apache.org) with ESMTP id DBE5F1A2BF5
	for <dev@ws.apache.org>; Wed, 11 Jul 2018 08:44:02 +0000 (UTC)
X-Virus-Scanned: Debian amavisd-new at spamd2-us-west.apache.org
X-Spam-Flag: NO
X-Spam-Score: -109.501
X-Spam-Level:
X-Spam-Status: No, score=-109.501 tagged_above=-999 required=6.31
	tests=[ENV_AND_HDR_SPF_MATCH=-0.5, KAM_ASCII_DIVIDERS=0.8,
	RCVD_IN_DNSWL_MED=-2.3, SPF_PASS=-0.001, USER_IN_DEF_SPF_WL=-7.5,
	USER_IN_WHITELIST=-100] autolearn=disabled
Received: from mx1-lw-eu.apache.org ([10.40.0.8])
	by localhost (spamd2-us-west.apache.org [10.40.0.9]) (amavisd-new, port 10024)
	with ESMTP id kdIhSwDr25hC for <dev@ws.apache.org>;
	Wed, 11 Jul 2018 08:44:01 +0000 (UTC)
Received: from mailrelay1-us-west.apache.org (mailrelay1-us-west.apache.org [209.188.14.139])
	by mx1-lw-eu.apache.org (ASF Mail Server at mx1-lw-eu.apache.org) with ESMTP id 25BBF5F23D
	for <dev@ws.apache.org>; Wed, 11 Jul 2018 08:44:01 +0000 (UTC)
Received: from jira-lw-us.apache.org (unknown [207.244.88.139])
	by mailrelay1-us-west.apache.org (ASF Mail Server at mailrelay1-us-west.apache.org) with ESMTP id 55645E0114
	for <dev@ws.apache.org>; Wed, 11 Jul 2018 08:44:00 +0000 (UTC)
Received: from jira-lw-us.apache.org (localhost [127.0.0.1])
	by jira-lw-us.apache.org (ASF Mail Server at jira-lw-us.apache.org) with ESMTP id 0BA3721EE2
	for <dev@ws.apache.org>; Wed, 11 Jul 2018 08:44:00 +0000 (UTC)
Date: Wed, 11 Jul 2018 08:44:00 +0000 (UTC)
From: "yagnya dutta dhal (JIRA)" <jira@apache.org>
To: dev@ws.apache.org
Message-ID: <JIRA.13170239.1530788084000.20801.1531298640045@Atlassian.JIRA>
In-Reply-To: <JIRA.13170239.1530788084000@Atlassian.JIRA>
References: <JIRA.13170239.1530788084000@Atlassian.JIRA> <JIRA.13170239.1530788084755@jira-lw-us.apache.org>
Subject: [jira] [Commented] (WSS-631) issue with wss4j  message resource
 bundle.
MIME-Version: 1.0
Content-Type: text/plain; charset=utf-8
Content-Transfer-Encoding: quoted-printable
X-JIRA-FingerPrint: 30527f35849b9dde25b450d4833f0394


    [ https://issues.apache.org/jira/browse/WSS-631?page=3Dcom.atlassian.ji=
ra.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=3D1653973=
3#comment-16539733 ]=20

yagnya dutta dhal commented on WSS-631:
---------------------------------------

Thanks, Colm!

Indeed this trick works, wondering I could do something like this at the ti=
me of deployment=C2=A0in tomcat.

> issue with wss4j  message resource bundle.
> ------------------------------------------
>
>                 Key: WSS-631
>                 URL: https://issues.apache.org/jira/browse/WSS-631
>             Project: WSS4J
>          Issue Type: Bug
>          Components: WSS4J Core
>            Reporter: yagnya dutta dhal
>            Assignee: Colm O hEigeartaigh
>            Priority: Major
>
> Hi,
> I get an exception org.apache.wss4j.common.ext.WSSecurityException: No me=
ssage with ID *"INVALID_SECURITY_TOKEN" found in resource bundle "org/apach=
e/xml/security/resource/xmlsecurity"* related to WSS4J security after upgra=
ding CXF to 3.1.5.
> Exception stack trace
> -------------------------
> org.apache.cxf.binding.soap.SoapFault: A security error was encountered w=
hen verifying the message
>  at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtil=
s.java:220)
>  at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInte=
rnal(WSS4JInInterceptor.java:329)
>  at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS=
4JInInterceptor.java:184)
>  at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handle=
Message(PolicyBasedWSS4JInInterceptor.java:79)
>  at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handle=
Message(PolicyBasedWSS4JInInterceptor.java:66)
>  at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseIntercept=
orChain.java:308)
>  at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainIniti=
ationObserver.java:121)
>  at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(Abstract=
HTTPDestination.java:253)
>  at org.apache.cxf.transport.servlet.ServletController.invokeDestination(=
ServletController.java:234)
>  at org.apache.cxf.transport.servlet.ServletController.invoke(ServletCont=
roller.java:208)
>  at org.apache.cxf.transport.servlet.ServletController.invoke(ServletCont=
roller.java:160)
>  at org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpr=
ingServlet.java:180)
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(Ab=
stractHTTPServlet.java:298)
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractH=
TTPServlet.java:217)
>  at javax.servlet.http.HttpServlet.service(HttpServlet.java:595)
>  at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(Abstract=
HTTPServlet.java:273)
>  at org.eclipse.jetty.servlet.ServletHolder.handle(ServletHolder.java:652=
)
>  at org.eclipse.jetty.servlet.ServletHandler.doHandle(ServletHandler.java=
:447)
>  at org.eclipse.jetty.server.handler.ContextHandler.doHandle(ContextHandl=
er.java:1038)
>  at org.eclipse.jetty.servlet.ServletHandler.doScope(ServletHandler.java:=
374)
>  at org.eclipse.jetty.server.handler.ContextHandler.doScope(ContextHandle=
r.java:972)
>  at org.eclipse.jetty.server.handler.ScopedHandler.handle(ScopedHandler.j=
ava:135)
>  at org.eclipse.jetty.server.handler.HandlerWrapper.handle(HandlerWrapper=
.java:116)
>  at org.eclipse.jetty.server.Server.handle(Server.java:363)
>  at org.eclipse.jetty.server.AbstractHttpConnection.handleRequest(Abstrac=
tHttpConnection.java:483)
>  at org.eclipse.jetty.server.AbstractHttpConnection.content(AbstractHttpC=
onnection.java:931)
>  at org.eclipse.jetty.server.AbstractHttpConnection$RequestHandler.conten=
t(AbstractHttpConnection.java:992)
>  at org.eclipse.jetty.http.HttpParser.parseNext(HttpParser.java:948)
>  at org.eclipse.jetty.http.HttpParser.parseAvailable(HttpParser.java:240)
>  at org.eclipse.jetty.server.AsyncHttpConnection.handle(AsyncHttpConnecti=
on.java:82)
>  at org.eclipse.jetty.io.nio.SelectChannelEndPoint.handle(SelectChannelEn=
dPoint.java:628)
>  at org.eclipse.jetty.io.nio.SelectChannelEndPoint$1.run(SelectChannelEnd=
Point.java:52)
>  at org.eclipse.jetty.util.thread.QueuedThreadPool.runJob(QueuedThreadPoo=
l.java:608)
>  at org.eclipse.jetty.util.thread.QueuedThreadPool$3.run(QueuedThreadPool=
.java:543)
>  at java.lang.Thread.run(Thread.java:748)
>  Caused by: org.apache.wss4j.common.ext.WSSecurityException: No message w=
ith ID *"INVALID_SECURITY_TOKEN" found in resource bundle "org/apache/xml/s=
ecurity/resource/xmlsecurity"*
>  at com.emc.healthcare.xua.validator.XuaValidator.validate(XuaValidator.j=
ava:86)
>  at org.apache.wss4j.dom.processor.SAMLTokenProcessor.handleSAMLToken(SAM=
LTokenProcessor.java:162)
>  at org.apache.wss4j.dom.processor.SAMLTokenProcessor.handleToken(SAMLTok=
enProcessor.java:89)
>  at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WS=
SecurityEngine.java:344)
>  at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInte=
rnal(WSS4JInInterceptor.java:280)
> _After some googling I found out that there is a solution has been discus=
sed in https://issues.apache.org/jira/browse/WSS-576, my problem is we've n=
ot initialized explicitly anywhere in our application XMLSec or WSSec, so i=
n this scenario how exactly we should resolve this issue, Any suggestion wi=
ll be greatly helpful._
> Thanks,
>  Yagnya



--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org