I still think the issue is boncycastle not being picked up as the JCE provider. Please check
http://issues.apache.org/jira/browse/WSS-99 http://issues.apache.org/jira/browse/WSS-82 thanks, nandana On Fri, Jun 27, 2008 at 8:05 PM, Tim Williams <[EMAIL PROTECTED]> wrote: > On Fri, Jun 27, 2008 at 9:48 AM, Tim Williams <[EMAIL PROTECTED]> > wrote: > > On Fri, Jun 27, 2008 at 7:53 AM, Tim Williams <[EMAIL PROTECTED]> > wrote: > >> So I've essentially taken Rampart sample6 and split it across three > >> machines with my own web service instead of SimpleService. Here's > >> what happens: > >> > >> 1) client makes Mex request to Service : Service responds. > >> > >> 2) Client makes token request to STS - STS responds > >> > >> 3) Client attempts to make the actual call the Service. > >> > >> Service then responds with "axisFault: Missing wsse:Security header in > request" > >> > >> The server logs show something different: > >> > >> ERROR org.apache.ws.security.components.crypto.CryptoFactory - > >> Unable to instantiate (1): > >> org.apache.ws.security.components.crypto.Merlin > >> java.lang.reflect.InvocationTargetException > >> > >> So, I checked and made sure I had BouncyCastle jar in lib directory. > >> I check that security provider is updated (though I haven't a clue why > >> i'm doing this). And, now, I've run out of things to check. i'd > >> appreciate any help. > > > > This one turned out to be a keystore problem. Need to always double > > check their locations! Anyway, so I've gotten a bit further and now > > get another exception. > > > > 2008-06-27 09:39:20,915 [http-8080-1] ERROR > > org.apache.axis2.transport.http.AxisServlet - > > java.lang.NoClassDefFoundError > > at javax.crypto.Cipher.getInstance(DashoA12275) > > > > Google turns up several references to this problem and they all lead > > back to the bouncy castle/java.security thing. I have double checked > > that. One thing about my environment is that it's Solaris, and the > > apps are being run from different zones. I made the java.security > > change in the global zone and when I log into each zone it seems the > > settings are indeed there. The thing is, the STS (also in a zone) is > > having no trouble issuing/signing tokens and it's under the same > > configuration. I'll keep poking around but would greatly appreciate > > any pointers. > > It turns out the exception is what i get after the first failed call > after a restart. I halt/boot the zone and attempt it and I get the > exception below. After the initial exception, subsequent calls give > me the NoClassDefFoundError as I describe above. > > > java.lang.ExceptionInInitializerError > at javax.crypto.Cipher.getInstance(DashoA12275) > at > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:677) > ... > at java.lang.Thread.run(Thread.java:595) > Caused by: java.lang.SecurityException: Cannot set up certs for trusted CAs > at javax.crypto.SunJCE_b.<clinit>(DashoA12275) > ... 29 more > Caused by: java.security.PrivilegedActionException: > java.security.InvalidKeyException: Public key presented not for > certificate signature > at java.security.AccessController.doPrivileged(Native Method) > ... 30 more > Caused by: java.security.InvalidKeyException: Public key presented not > for certificate signature > ... > at javax.crypto.SunJCE_r.run(DashoA12275) > > Any clues? > Thanks, > --tim > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > >