On Thu, Dec 24, 2009 at 7:56 PM, ManoCR <[email protected]> wrote: > > Hi, > > I am using axis2-1.4.1, rampart-1.4, Java JDK6-1.6 and trying out > policy-samples one by one in my own programs but I am unable to go beyond > example 2. I keep getting this exception " > org.apache.ws.security.WSSecurityException: An unsupported signature or > encryption algorithm was used (unsupported key transport encryption)...". I > have looked everywhere on the net and followed every remedy that's been > cited for this problem but to no avail. I still get the error. > > I dont know if I really need the BouncyCastle.jar (bcprov-jdk16-144.jar) > but > I still did download and installed it in ${AXIS2_HOME}/lib folder, > downloaded the 2 JCE jar files (US_export_policy.jar & local_policy.jar) > and > then updated the java.security file with the following line > "security.provider.5=org.bouncycastle.jce.provider.BouncyCastleProvider" >
I think you don't have to do this. it is enough to replace the existing US_export_policy.jar & local_policy.jar with the jars comes with the JCE jar files. Amila. > > It might be some silly thing i am missing. If anybody can help me figure > out > the problem, I'd appreciate it > > Thanks in advance, > MCR > > [java] [INFO] Deploying module: addressing-1.41 - > file:/D:/axis2-1.4.1/repo > sitory/modules/addressing-1.41.mar > [java] [INFO] Deploying module: metadataExchange-1.41 - > file:/D:/axis2-1.4. > 1/repository/modules/mex-1.41.mar > [java] [INFO] Deploying module: ping-1.41 - > file:/D:/axis2-1.4.1/repository > /modules/ping-1.41.mar > [java] [INFO] Deploying module: rahas-1.4 - > file:/D:/axis2-1.4.1/repository > /modules/rahas-1.4.mar > [java] [INFO] Deploying module: rampart-1.4 - > file:/D:/axis2-1.4.1/reposito > ry/modules/rampart-1.4.mar > [java] [INFO] Deploying module: script-1.41 - > file:/D:/axis2-1.4.1/reposito > ry/modules/scripting-1.41.mar > [java] [INFO] Deploying module: smtpfault - > file:/D:/axis2-1.4.1/repository > /modules/smtpfault.mar > [java] [INFO] Deploying module: soapmonitor-1.41 - > file:/D:/axis2-1.4.1/rep > ository/modules/soapmonitor-1.41.mar > [java] [INFO] Deploying module: metadataExchange - > file:/D:/axis2-1.4.1/lib > /mex-1.4.1.jar > [java] [INFO] Deploying Web service: version.aar - > file:/D:/axis2-1.4.1/rep > ository/services/version.aar > [java] PWCBHandler Callback .... > [java] CLIENT :: PWCBHandler Callback .... modesto > [java] org.apache.axis2.AxisFault: Error during encryption > [java] at > org.apache.rampart.handler.RampartSender.invoke(RampartSender > .java:70) > [java] at org.apache.axis2.engine.Phase.invoke(Phase.java:317) > [java] at > org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264 > ) > [java] at > org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:429) > [java] at > org.apache.axis2.description.OutInAxisOperationClient.send(Ou > tInAxisOperation.java:401) > [java] at > org.apache.axis2.description.OutInAxisOperationClient.execute > Impl(OutInAxisOperation.java:228) > [java] at > org.apache.axis2.client.OperationClient.execute(OperationClie > nt.java:163) > [java] at > org.apache.axis2.client.ServiceClient.sendRobust(ServiceClien > t.java:474) > [java] at > org.apache.axis2.client.ServiceClient.sendRobust(ServiceClien > t.java:454) > [java] at com.jem.ws.cc.client.CCClient.main(Unknown Source) > [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > [java] at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcces > sorImpl.java:39) > [java] at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMet > hodAccessorImpl.java:25) > [java] at java.lang.reflect.Method.invoke(Method.java:597) > [java] at > org.apache.tools.ant.taskdefs.ExecuteJava.run(ExecuteJava.jav > a:217) > [java] at > org.apache.tools.ant.taskdefs.ExecuteJava.execute(ExecuteJava > .java:152) > [java] at org.apache.tools.ant.taskdefs.Java.run(Java.java:764) > [java] at > org.apache.tools.ant.taskdefs.Java.executeJava(Java.java:218) > > [java] at > org.apache.tools.ant.taskdefs.Java.executeJava(Java.java:132) > > [java] at org.apache.tools.ant.taskdefs.Java.execute(Java.java:105) > [java] at > org.apache.tools.ant.UnknownElement.execute(UnknownElement.ja > va:288) > [java] at sun.reflect.NativeMethodAccessorImpl.invoke0(Native > Method) > [java] at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAcces > sorImpl.java:39) > [java] at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMet > hodAccessorImpl.java:25) > [java] at java.lang.reflect.Method.invoke(Method.java:597) > [java] at > org.apache.tools.ant.dispatch.DispatchUtils.execute(DispatchU > tils.java:106) > [java] at org.apache.tools.ant.Task.perform(Task.java:348) > [java] at org.apache.tools.ant.Target.execute(Target.java:357) > [java] at org.apache.tools.ant.Target.performTasks(Target.java:385) > [java] at > org.apache.tools.ant.Project.executeSortedTargets(Project.jav > a:1337) > [java] at > org.apache.tools.ant.Project.executeTarget(Project.java:1306) > > [java] at > org.apache.tools.ant.helper.DefaultExecutor.executeTargets(De > faultExecutor.java:41) > [java] at > org.apache.tools.ant.Project.executeTargets(Project.java:1189 > ) > [java] at org.apache.tools.ant.Main.runBuild(Main.java:758) > [java] at org.apache.tools.ant.Main.startAnt(Main.java:217) > [java] at > org.apache.tools.ant.launch.Launcher.run(Launcher.java:257) > [java] at > org.apache.tools.ant.launch.Launcher.main(Launcher.java:104) > [java] Caused by: org.apache.rampart.RampartException: Error during > encrypt > ion > [java] at > org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBef > oreEncrypt(AsymmetricBindingBuilder.java:544) > [java] at > org.apache.rampart.builder.AsymmetricBindingBuilder.build(Asy > mmetricBindingBuilder.java:93) > [java] at > org.apache.rampart.MessageBuilder.build(MessageBuilder.java:1 > 47) > [java] at > org.apache.rampart.handler.RampartSender.invoke(RampartSender > .java:64) > [java] ... 36 more > [java] Caused by: org.apache.ws.security.WSSecurityException: An > unsupporte > d signature or encryption algorithm was used (unsupported key transport > encrypti > on algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5) > [java] at > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance( > WSSecurityUtil.java:689) > [java] at > org.apache.ws.security.message.WSSecEncryptedKey.prepareInter > nal(WSSecEncryptedKey.java:195) > [java] at > org.apache.ws.security.message.WSSecEncrypt.prepare(WSSecEncr > ypt.java:260) > [java] at > org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBef > oreEncrypt(AsymmetricBindingBuilder.java:510) > [java] ... 39 more > > Here's my policy file : > > <wsp:Policy wsu:Id="UTOverTransport" > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <wsp:ExactlyOne> > <wsp:All> > > <sp:AsymmetricBinding > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:InitiatorToken> > <wsp:Policy> > > <sp:X509Token > sp:IncludeToken=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient > "> > > <wsp:Policy> > > <sp:RequireThumbprintReference/> > > <sp:WssX509V3Token10/> > > </wsp:Policy> > > </sp:X509Token> > </wsp:Policy> > </sp:InitiatorToken> > <sp:RecipientToken> > <wsp:Policy> > > <sp:X509Token > sp:IncludeToken=" > http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";> > > <wsp:Policy> > > <sp:RequireThumbprintReference/> > > <sp:WssX509V3Token10/> > > </wsp:Policy> > > </sp:X509Token> > </wsp:Policy> > </sp:RecipientToken> > <sp:AlgorithmSuite> > <wsp:Policy> > > <sp:TripleDesRsa15/> > </wsp:Policy> > </sp:AlgorithmSuite> > <sp:Layout> > <wsp:Policy> > <sp:Strict/> > </wsp:Policy> > </sp:Layout> > <sp:IncludeTimestamp/> > > <sp:OnlySignEntireHeadersAndBody/> > </wsp:Policy> > </sp:AsymmetricBinding> > > <sp:Wss10 > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <wsp:Policy> > <sp:MustSupportRefKeyIdentifier/> > <sp:MustSupportRefIssuerSerial/> > </wsp:Policy> > </sp:Wss10> > > <sp:SignedParts > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <sp:Body/> > </sp:SignedParts> > <sp:EncryptedParts > xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";> > <sp:Body/> > </sp:EncryptedParts> > > <ramp:RampartConfig xmlns:ramp=" > http://ws.apache.org/rampart/policy";> > <ramp:user>modesto</ramp:user> > > <ramp:encryptionUser>jem</ramp:encryptionUser> > > > <ramp:passwordCallbackClass>com.jem.ws.cc.client.PWCBHandler</ramp:passwordCallbackClass> > <ramp:signatureCrypto> > <ramp:crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.file">/JEM_CERTS-1024/modesto.jks</ramp:property> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.keystore.password">modestopwd</ramp:property> > </ramp:crypto> > </ramp:signatureCrypto> > <ramp:encryptionCrypto> > <ramp:crypto > provider="org.apache.ws.security.components.crypto.Merlin"> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.file">/JEM_CERTS-1024/modesto.jks</ramp:property> > <ramp:property > > name="org.apache.ws.security.crypto.merlin.keystore.password">modestopwd</ramp:property> > </ramp:crypto> > </ramp:encryptionCrypto> > </ramp:RampartConfig> > > </wsp:All> > </wsp:ExactlyOne> > </wsp:Policy> > > > > -- > View this message in context: > http://old.nabble.com/encryption-exception-tp26914366p26914366.html > Sent from the Axis - User mailing list archive at Nabble.com. > > -- Amila Suriarachchi WSO2 Inc. blog: http://amilachinthaka.blogspot.com/
