On Fri, Jun 27, 2008 at 9:48 AM, Tim Williams <[EMAIL PROTECTED]> wrote: > On Fri, Jun 27, 2008 at 7:53 AM, Tim Williams <[EMAIL PROTECTED]> wrote: >> So I've essentially taken Rampart sample6 and split it across three >> machines with my own web service instead of SimpleService. Here's >> what happens: >> >> 1) client makes Mex request to Service : Service responds. >> >> 2) Client makes token request to STS - STS responds >> >> 3) Client attempts to make the actual call the Service. >> >> Service then responds with "axisFault: Missing wsse:Security header in >> request" >> >> The server logs show something different: >> >> ERROR org.apache.ws.security.components.crypto.CryptoFactory - >> Unable to instantiate (1): >> org.apache.ws.security.components.crypto.Merlin >> java.lang.reflect.InvocationTargetException >> >> So, I checked and made sure I had BouncyCastle jar in lib directory. >> I check that security provider is updated (though I haven't a clue why >> i'm doing this). And, now, I've run out of things to check. i'd >> appreciate any help. > > This one turned out to be a keystore problem. Need to always double > check their locations! Anyway, so I've gotten a bit further and now > get another exception. > > 2008-06-27 09:39:20,915 [http-8080-1] ERROR > org.apache.axis2.transport.http.AxisServlet - > java.lang.NoClassDefFoundError > at javax.crypto.Cipher.getInstance(DashoA12275) > > Google turns up several references to this problem and they all lead > back to the bouncy castle/java.security thing. I have double checked > that. One thing about my environment is that it's Solaris, and the > apps are being run from different zones. I made the java.security > change in the global zone and when I log into each zone it seems the > settings are indeed there. The thing is, the STS (also in a zone) is > having no trouble issuing/signing tokens and it's under the same > configuration. I'll keep poking around but would greatly appreciate > any pointers.
It turns out the exception is what i get after the first failed call after a restart. I halt/boot the zone and attempt it and I get the exception below. After the initial exception, subsequent calls give me the NoClassDefFoundError as I describe above. java.lang.ExceptionInInitializerError at javax.crypto.Cipher.getInstance(DashoA12275) at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:677) ... at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs at javax.crypto.SunJCE_b.<clinit>(DashoA12275) ... 29 more Caused by: java.security.PrivilegedActionException: java.security.InvalidKeyException: Public key presented not for certificate signature at java.security.AccessController.doPrivileged(Native Method) ... 30 more Caused by: java.security.InvalidKeyException: Public key presented not for certificate signature ... at javax.crypto.SunJCE_r.run(DashoA12275) Any clues? Thanks, --tim --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]