Possibly a WSS4J configuration issue.
First you will need the consistent use of the same Provider for server and
client, e.g.
protected WSSConfig()
{
    org.apache.xml.security.Init.init();
    /*
     * The last provider added has precedence, that is if JuiCE can be added
     * then WSS4J uses this provider.
     */
    addJceProvider("BC",
        "org.bouncycastle.jce.provider.BouncyCastleProvider");
    // this is usually sufficient to make it the provider du jour
}
also you would need to tell WSS4J Security Encryption to either
encrypt.setAlias(NonNullValidAlias)
OR
setUseThisCert(encCert);
e.g.
Utils.trace(this.getClass(), "WSS Encrypting SOAP Envelope");
WSSecEncrypt encrypt = new WSSecEncrypt();
encrypt.setEncCanonicalization(encCanonAlgo);
encrypt.setKeyEncAlgo(encKeyAlgo);
encrypt.setSymmetricEncAlgorithm(encSymAlgo);
// Use the explicitly configured certificate if there is one,
// otherwise fall back to the keystore entry named by encryptAlias.
if (encCert != null)
{
    Utils.trace(this.getClass(), "Encrypting with Configuration provided Certificate");
    encrypt.setUseThisCert(encCert);
}
else
{
    Utils.trace(this.getClass(), "Encrypting with Keystore provided Certificate");
    encrypt.setUserInfo(encryptAlias);
}
// Choose which parts of the message get encrypted.
if (!signalMessage) {
    encrypt.setParts(getEncryptionParts(pMode, event));
} else {
    encrypt.setParts(getSignalParts());
}
encrypt.prepare(doc, crypto);
encrypt.prependToHeader(secHeader);
doc = encrypt.build(doc, crypto, secHeader);
Utils.trace(this.getClass(), "WSS Encrypted SOAP Envelope");
http://osdir.com/ml/wss4j-dev-ws.apache.org/2009-02/msg00043.html
Kind regards,
Martin Gainty
> Date: Thu, 9 Jul 2009 12:49:31 -0700
> From: [email protected]
> To: [email protected]
> Subject: Re: Rampart: Encryption - Alias is null
>
>
> I am also having this problem. Can someone please respond?
>
> Thanks,
>
> Josh
>
>
> Berner, Nicolas wrote:
> >
> > Hi!
> >
> >
> >
> > My client is trying to decrypt an encrypted message. It doesn't work
> > because the result of (PasswordCallbackHandler) pc.getIdentifier() is
> > null. You can see this in the stacktrace.
> >
> >
> >
> > org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
> >     at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
> >     at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
> >     at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> >     at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> >     at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> >     at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> >     at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
> >     at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
> >     at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
> >     at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
> >     at test.flex.client.FlexSimpleStub.getStudent(FlexSimpleStub.java:202)
> >     at test.flex.client.ServiceClient.holeStudent(ServiceClient.java:65)
> >     at test.flex.client.ServiceClient.main(ServiceClient.java:20)
> > Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid; nested exception is:
> >     java.lang.Exception: alias is null
> >     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
> >     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:92)
> >     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
> >     at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
> >     at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
> >     at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
> >     ... 12 more
> > Caused by: java.lang.Exception: alias is null
> >     at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:137)
> >     at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
> >     ... 17 more
> >
> >
> >
> >
> >
> > I can't find anything on the Internet. Does anybody know what the problem
> > is?
> >
> > Here is the configuration for Rampart: (I'm using Axis1.41 with Rampart
> > 1.4)
> >
> > ---------------------------
> >
> > For the client:
> >
> > <parameter name="InflowSecurity">
> >   <action>
> >     <items>Encrypt</items>
> >     <decryptionPropFile>client.properties</decryptionPropFile>
> >     <passwordCallbackClass>test.flex.client.ClientPWCallback</passwordCallbackClass>
> >   </action>
> > </parameter>
> >
> > And the service:
> >
> > <parameter name="OutflowSecurity">
> >   <action>
> >     <items>Encrypt</items>
> >     <encryptionUser>client</encryptionUser>
> >     <encryptionPropFile>crypto.properties</encryptionPropFile>
> >   </action>
> > </parameter>
> >
> > ------------------------------
> >
> >
> >
> > Best regards,
> > Nicolas Berner
> >
> >
> > Secaron AG
> > Ludwigstr. 45
> > 85399 Hallbergmoos
> > Tel. +49 811 9594 - 170
> >
> > Fax +49 811 9594 - 220
> > __________________________________
> >
> > Secaron AG, Hallbergmoos - Amtsgericht München - HRB130366
> > Aufsichtsratsvorsitzender: Jochen Speek - Vorstand: Michael Spreng
> > (Vorsitzender), Herbert Pröll
> >
> >
> >
> >
> >
>
>
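Added example, not part of the thread and not Rampart or WSS4J code: the trace above shows CryptoBase.getPrivateKey being handed a null alias, and one cause worth ruling out (an assumption, the thread does not confirm it) is that the decrypting keystore holds no private-key entry for the certificate the sender encrypts to under encryptionUser. The class name KeystoreAliasCheck, the JKS store type and the three command-line arguments are assumptions; only the JDK's java.security.KeyStore API is used.

```java
import java.io.Console;
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Collections;

// Usage: java KeystoreAliasCheck <senderStore> <encryptionUser> <receiverStore>
// e.g. the service keystore, "client", and the client keystore (paths are the caller's own).
public class KeystoreAliasCheck {
    static final String STORE_TYPE = "JKS"; // assumption: both stores are JKS

    static KeyStore load(String path) throws Exception {
        Console console = System.console(); // prompt so passwords stay out of argv
        if (console == null) throw new IllegalStateException("run from an interactive terminal");
        char[] pass = console.readPassword("Password for %s: ", path);
        KeyStore ks = KeyStore.getInstance(STORE_TYPE);
        try (InputStream in = new FileInputStream(path)) {
            ks.load(in, pass);
        }
        return ks;
    }

    // Alias of the receiver's private-key entry whose certificate equals cert, or null.
    static String findDecryptionAlias(KeyStore receiver, Certificate cert) throws Exception {
        for (String alias : Collections.list(receiver.aliases())) {
            if (receiver.isKeyEntry(alias) && cert.equals(receiver.getCertificate(alias))) {
                return alias;
            }
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 3) {
            System.err.println("usage: KeystoreAliasCheck <senderStore> <encryptionUser> <receiverStore>");
            System.exit(2);
        }
        Certificate cert = load(args[0]).getCertificate(args[1]);
        if (cert == null) {
            System.out.println("FAIL: sender store has no certificate under alias " + args[1]);
            System.exit(1);
        }
        String alias = findDecryptionAlias(load(args[2]), cert);
        System.out.println(alias == null
            ? "FAIL: receiver store has no private-key entry for the sender's certificate"
            : "OK: receiver holds the matching private key under alias " + alias);
        System.exit(alias == null ? 1 : 0);
    }
}
```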