On Fri, Jun 27, 2008 at 9:48 AM, Tim Williams <[EMAIL PROTECTED]> wrote:
> On Fri, Jun 27, 2008 at 7:53 AM, Tim Williams <[EMAIL PROTECTED]> wrote:
>> So I've essentially taken Rampart sample6 and split it across three
>> machines with my own web service instead of SimpleService. Here's
>> what happens:
>>
>> 1) client makes Mex request to Service : Service responds.
>>
>> 2) Client makes token request to STS - STS responds
>>
>> 3) Client attempts to make the actual call the Service.
>>
>> Service then responds with "axisFault: Missing wsse:Security header in
>> request"
>>
>> The server logs show something different:
>>
>> ERROR org.apache.ws.security.components.crypto.CryptoFactory -
>> Unable to instantiate (1):
>> org.apache.ws.security.components.crypto.Merlin
>> java.lang.reflect.InvocationTargetException
>>
>> So, I checked and made sure I had BouncyCastle jar in lib directory.
>> I check that security provider is updated (though I haven't a clue why
>> i'm doing this). And, now, I've run out of things to check. i'd
>> appreciate any help.
>
> This one turned out to be a keystore problem. Need to always double
> check their locations! Anyway, so I've gotten a bit further and now
> get another exception.
>
> 2008-06-27 09:39:20,915 [http-8080-1] ERROR
> org.apache.axis2.transport.http.AxisServlet -
> java.lang.NoClassDefFoundError
> at javax.crypto.Cipher.getInstance(DashoA12275)
>
> Google turns up several references to this problem and they all lead
> back to the bouncy castle/java.security thing. I have double checked
> that. One thing about my environment is that it's Solaris, and the
> apps are being run from different zones. I made the java.security
> change in the global zone and when I log into each zone it seems the
> settings are indeed there. The thing is, the STS (also in a zone) is
> having no trouble issuing/signing tokens and it's under the same
> configuration. I'll keep poking around but would greatly appreciate
> any pointers.
It turns out the exception is what i get after the first failed call
after a restart. I halt/boot the zone and attempt it and I get the
exception below. After the initial exception, subsequent calls give
me the NoClassDefFoundError as I describe above.
java.lang.ExceptionInInitializerError
at javax.crypto.Cipher.getInstance(DashoA12275)
at
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:677)
...
at java.lang.Thread.run(Thread.java:595)
Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs
at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
... 29 more
Caused by: java.security.PrivilegedActionException:
java.security.InvalidKeyException: Public key presented not for
certificate signature
at java.security.AccessController.doPrivileged(Native Method)
... 30 more
Caused by: java.security.InvalidKeyException: Public key presented not
for certificate signature
...
at javax.crypto.SunJCE_r.run(DashoA12275)
Any clues?
Thanks,
--tim
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
