I will be more than happy to test that. Just FYI - I engaged rampart in the
global level [ie axis2.xml] and not per service [ie not in service.xml].
Also I have canged the axis2.xml.path and the axis2.repository.path in the
web.xml to point to a folder in my drive. I have the modules under
C:\axis2\myrepository\modules.
<init-param>
<param-name>axis2.xml.path</param-name>
<param-value>C:\axis2\myrepository\axis2.xml</param-value>
</init-param>
<init-param>
<param-name>axis2.repository.path</param-name>
<param-value>C:\axis2\myrepository</param-value>
</init-param>
thanks
Anamitra
"Ruchith
Fernando"
<ruchith.fernando To
@gmail.com> [email protected]
cc
06/04/2006 11:43
PM Subject
Re: [AXIS2] encryption issues
[Interesting findings]
Please respond to
[EMAIL PROTECTED]
he.org
Hi Anamitra,
Thank you for digging into this issue and sharing your findings.
IMHO if the classloaders worked properly the bcprov-*.jar in the "lib"
dir of "rampart" should be picked and it should work.
So it seems like we have a classloading issue with Weblogic in loading
the libs of a module. I will send a simple test service for you to try
with Weblogic to see whether we can load the classes properly within a
service.
Thanks,
Ruchith
On 6/5/06, [EMAIL PROTECTED]
<[EMAIL PROTECTED]> wrote:
> Hi Ruchith
> thanks for your response. I did some more experiments and here are the
> findings.
> Firstly after ur mail I downloaded the bcprov-jdk15-133.jar - that seemed
> the latest. Just FYI -- Previously I was using the bcprov-jdk13-132.jar
> with jdk 1.5.
> I am running the server in Weblogic 9.x which runs on jdk 1.5. I deployed
> axis as a Webb Application there and I had the bcprov-jdk15-133.jar in
the
> WEB-INF/lib folder. Just FYI -- I did have bcprov-jdk13-132.jar under the
> same folder previously.
>
> I ran the test again and I got the exact same error. As Weblogic
truncates
> the error - I looked in the log and got more detailed error
> This is the first time the client is hitting the Weblogic server .
> java.lang.ExceptionInInitializerError
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> ............................................
> .......................................
>
> Strangely if I run the test client again ie the Weblogic server was NOT
> bounced in between I get a slightly different error - but at the same
> place:
>
> java.lang.NoClassDefFoundError
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> ............................................
> .......................................
>
> This to me indicated that I am missing some files. So I went ahead and
> added the bcprov-jdk15-133.jar in Weblogics system classpath and that
> started working like charm. So somehow the Web App class loader or Axis
> Classloader is not able to load the bcprov-jdk15-133.jar!!! It seems some
> issue with classloaders here and not sure if Axis has its own classloader
> that is causing some issue? OR its a Weblogic 9.1 Classloader issue. I am
> attaching the whole stack trace from Weblogic log with this mail [at the
> top I only showed top part of it] - the first series [starting with
> java.lang.ExceptionInInitializerError] is for the first try and then
there
> is a 20 lines of debug and then the second try exception
> [java.lang.NoClassDefFoundError]. But strangely if u search with the
> "org.bouncycastle.jce.provider" u will see it in the first series of
stack
> trace - so somebody is loading the bouncy castle!. Everything works great
> the moment I put that bouncy..jar in Weblogcs system classpath. But
> strangely my signature test worked without any issue - not sure if that
> didnt use bouncy castle or not.
>
>
>
>
> java.lang.ExceptionInInitializerError
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> at
>
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
>
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
> at
>
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> at
>
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)
> at
>
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> at
>
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)
> at
>
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)
> at
>
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> java.lang.SecurityException: Cannot set up certs for trusted CAs
> at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> at
>
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
>
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
> at
>
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> at
>
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)
> at
>
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> at
>
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)
> at
>
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)
> at
>
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> java.security.PrivilegedActionException:
java.security.InvalidKeyException:
> Public key presented not for certificate signature
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> at
>
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
>
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
> at
>
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> at
>
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)
> at
>
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> at
>
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)
> at
>
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)
> at
>
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> java.security.InvalidKeyException: Public key presented not for
certificate
> signature
> at
>
org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Unknown
> Source)
> at
org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown
> Source)
> at javax.crypto.SunJCE_b.c(DashoA12275)
> at javax.crypto.SunJCE_b.b(DashoA12275)
> at javax.crypto.SunJCE_q.run(DashoA12275)
> at java.security.AccessController.doPrivileged(Native Method)
> at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> at
>
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
>
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
> at
>
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> at
>
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)
> at
>
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> at
>
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)
> at
>
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)
> at
>
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> >
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param verbose initialized to: true>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param packagePrefix initialized to: jsp_servlet>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param compilerclass initialized to: null>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param compileCommand initialized to: javac>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param compilerval initialized to: javac>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param pageCheckSeconds initialized to: 1>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param encoding initialized to: null>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066125> <000000> <JspServlet:
> param superclass initialized to null>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066140> <000000> <JspServlet:
> param workingDir initialized to:
>
C:\bea9\user_projects\domains\harrierdomain\servers\harrier\tmp\_WL_user\axis2\c9hx0f>
>
> ####<Jun 4, 2006 3:41:06 PM EDT> <Info> <ServletContext-/axis2>
<D2DFJ971>
> <harrier> <[ACTIVE] ExecuteThread: '0' for queue:
'weblogic.kernel.Default
> (self-tuning)'> <<anonymous>> <> <> <1149450066140> <000000> <JspServlet:
> initialization complete>
> ####<Jun 4, 2006 3:41:31 PM EDT> <Info> <Health> <D2DFJ971> <harrier>
> <weblogic.GCMonitor> <<anonymous>> <> <> <1149450091687> <BEA-310002>
<80%
> of the total memory in the server is free>
> ####<Jun 4, 2006 3:44:56 PM EDT> <Error> <HTTP> <D2DFJ971> <harrier>
> <[ACTIVE] ExecuteThread: '0' for queue: 'weblogic.kernel.Default
> (self-tuning)'> <<WLS Kernel>> <> <> <1149450296640> <BEA-101017>
> <[EMAIL PROTECTED] - name: 'axis2',
> context-path: '/axis2'] Root cause of ServletException.
> java.lang.NoClassDefFoundError
> at javax.crypto.Cipher.getInstance(DashoA12275)
> at
>
org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:686)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:116)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:84)
> at
>
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
> at
>
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
> at
>
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
> at
>
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
> at
>
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
> at
>
weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:225)
> at
>
weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:127)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:272)
> at
>
weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:165)
> at
>
weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3153)
> at
>
weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
> at
> weblogic.security.service.SecurityManager.runAs(SecurityManager.java:121)
> at
>
weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:1973)
> at
>
weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:1880)
> at
>
weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1310)
> at weblogic.work.ExecuteThread.execute(ExecuteThread.java:207)
> at weblogic.work.ExecuteThread.run(ExecuteThread.java:179)
> >
>
> Any clue whats going on.
>
> thanks
> Anamitra
>
>
>
>
>
> "Ruchith
> Fernando"
> <ruchith.fernando
To
> @gmail.com> [email protected]
>
cc
> 06/03/2006 12:58
> AM
Subject
> Re: [AXIS2] encryption issues
>
> Please respond to
> [EMAIL PROTECTED]
> he.org
>
>
>
>
>
>
> Hi Anamitra,
>
> The problem is that you don't have the bouncycastle JCE provider set
> at the server side and it uses the default (SUN) JCE provider.
>
> Where have you hosted the service? If it is Apache Tomcat please try
> adding the bcprov-jdk15-132.jar (since you are on JDK 1.5) into the
> lib dir of the axis2/WEB-INF directory.
>
> If this doesn't work please try to host the service with
> org.apache.axis2.transport.http.SimpleHTTPServer and make sure you
> include the bcprov-jdk15-132.jar in the classpath when you start
> SimpleHTTPServer.
>
> BTW were you able to run the security sample available in the
> axis2-1.0-std-bin distro?
>
>
> Thanks,
> Ruchith
>
> On 6/3/06, [EMAIL PROTECTED]
> <[EMAIL PROTECTED]> wrote:
> >
> > Hi
> > I am trying to test the Axis 2 WS Security features and I have engaged
> the
> > rampart module. I have tested the signature and the usernametoken
profile
> > so far but having issues with the Encrypt action. I have 2 key stores
one
> > for the client and another for the server. I have added the server
public
> > key certificate to the client store. The client is generating the
request
> > xml file fine [as seen the tcp monitor] but the server is giving this
> > error. I have set the java.security file provider -
> > security.provider.7=org.bouncycastle.jce.provider.BouncyCastleProvider.
> > This was needed for the axis 1.2 - so hoping this still holds good.
This
> > used to work for axis 1.2. Not sure what I am missing here. Any pointer
> is
> > appreciated.
> >
> > thanks
> > Anamitra
> >
> > java.lang.ExceptionInInitializerError
> > at javax.crypto.Cipher.getInstance(DashoA12275)
> > at
> > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > tyUtil.java:686)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > dKey(EncryptedKeyProcessor.java:116)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > dKey(EncryptedKeyProcessor.java:84)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(En
> > cryptedKeyProcessor.java:76)
> > Truncated. see log file for complete stacktrace
> > java.lang.SecurityException: Cannot set up certs for trusted CAs
> > at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> > at javax.crypto.Cipher.getInstance(DashoA12275)
> > at
> > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > tyUtil.java:686)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > dKey(EncryptedKeyProcessor.java:116)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > dKey(EncryptedKeyProcessor.java:84)
> > Truncated. see log file for complete stacktrace
> > java.security.PrivilegedActionException:
> java.security.InvalidKeyException:
> > Publ
> > ic key presented not for certificate signature
> > at java.security.AccessController.doPrivileged(Native Method)
> > at javax.crypto.SunJCE_b.<clinit>(DashoA12275)
> > at javax.crypto.Cipher.getInstance(DashoA12275)
> > at
> > org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecuri
> > tyUtil.java:686)
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncrypte
> > dKey(EncryptedKeyProcessor.java:116)
> > Truncated. see log file for complete stacktrace
> > java.security.InvalidKeyException: Public key presented not for
> certificate
> > sign
> > ature
> > at
> > org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown So
> > urce)
> > at javax.crypto.SunJCE_b.c(DashoA12275)
> > at javax.crypto.SunJCE_b.b(DashoA12275)
> > at javax.crypto.SunJCE_q.run(DashoA12275)
> > at java.security.AccessController.doPrivileged(Native Method)
> > Truncated. see log file for complete stacktrace
> > >
> >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
