From: Donnison, Louise
Sent: Wednesday, 20 September 2006 1:50 p.m.
To: '[email protected]'
Subject: Security
Hi
I am trying to work on an example for two levels of security in the scenario of a purchase order which has credit card details.
I wish to have the credit card details encrypted differently to the main part of the message, as I wish to pass the credit card details on to another web service, that of credit card checking.
What is the best approach to accomplish this?
I have tried initially to follow the security example for having 2 actions in an OutflowSecurity element
(I am using the sec.properties that comes with the example)
1. However if I set the following:
<parameter name="OutflowSecurity">
<action>
<items>Signature NoSerialization</items>
<user>alice</user>
<passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallbackHandler</passwordCallbackClass>
<signaturePropFile>sec.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>bob</encryptionUser>
<signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}number</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
<action>
<items>Timestamp SignatureEncrypt</items>
<user>bob</user>
<passwordCallbackClass>com.eds.jcoe.webservices.security.CreditCardPasswordCallbackHandler</passwordCallbackClass>
<encryptionUser>bob</encryptionUser>
<signaturePropFile>sec.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>bob</encryptionUser>
<signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}shippingAddress</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
I get a null pointer exception
2006-09-20 13:28:03,314 INFO [org.apache.axis2.deployment.DeploymentEngine] - no services directory found , new one created
2006-09-20 13:28:03,384 INFO [org.apache.axis2.deployment.DeploymentEngine] - Deploying module : addressing-1.0
2006-09-20 13:28:04,456 INFO [org.apache.axis2.deployment.DeploymentEngine] - Deploying module : rampart-1.0
Error is java.lang.NullPointerException
2. If I set:
<parameter name="OutflowSecurity">
<action>
<items>Signature Timestamp</items>
<user>alice</user>
<passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallbackHandler</passwordCallbackClass>
<signaturePropFile>sec.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>bob</encryptionUser>
<signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}number</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
<action>
<items>Timestamp Signature Encrypt</items>
<user>bob</user>
<passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallbackHandler</passwordCallbackClass>
<encryptionUser>bob</encryptionUser>
<signaturePropFile>sec.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
<encryptionUser>bob</encryptionUser>
<signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}expiry</signatureParts>
<optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</optimizeParts>
</action>
Does the Service.xml have to have 2 action elements too??
<parameter name="InflowSecurity">
<action>
<items>Signature Timestamp</items>
<passwordCallbackClass>com.jcoe.webservices.security.PasswordCallbackHandler</passwordCallbackClass>
<signaturePropFile>sec.properties</signaturePropFile>
</action>
<action>
<items>Timestamp Signature Encrypt</items>
<passwordCallbackClass>com.jcoe.webservices.security.PasswordCallbackHandler</passwordCallbackClass>
<signaturePropFile>sec.properties</signaturePropFile>
</action>
</parameter>
I get this error
WSDoAllReceiver: security processing failed; nested exception is:
org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto propery file supplied for decryption)
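
Added example, not part of the original message and not Rampart or WSS4J code: a small Python lint for an Axis2 security <parameter> block like the ones quoted above. It reports item names that are not WSS4J handler action names, child elements repeated inside one <action>, and XML that is not well-formed; the function name, the shortened sample and the action list (taken here as the constants in WSS4J 1.5's WSHandlerConstants) are assumptions.

```python
import xml.etree.ElementTree as ET
from collections import Counter

# Assumption: handler action names as defined in WSS4J 1.5's WSHandlerConstants.
KNOWN_ACTIONS = {
    "UsernameToken", "UsernameTokenSignature", "SAMLTokenUnsigned",
    "SAMLTokenSigned", "Signature", "Encrypt", "Timestamp",
    "NoSerialization", "NoSecurity",
}

def lint_security_parameter(xml_text):
    """Return a list of findings for one OutflowSecurity/InflowSecurity block."""
    try:
        param = ET.fromstring(xml_text)
    except ET.ParseError as exc:
        return [f"not well-formed XML: {exc}"]
    findings = []
    for n, action in enumerate(param.findall("action"), start=1):
        items = (action.findtext("items") or "").split()
        for token in items:
            if token not in KNOWN_ACTIONS:
                findings.append(f"action {n}: unknown item '{token}'")
        # A repeated child element makes it unclear which value is used.
        for tag, count in Counter(child.tag for child in action).items():
            if count > 1:
                findings.append(f"action {n}: <{tag}> appears {count} times")
    return findings

# Constructed sample: the first OutflowSecurity fragment from the message,
# shortened, with the closing </parameter> added so that it parses.
SAMPLE = """<parameter name="OutflowSecurity">
  <action>
    <items>Signature NoSerialization</items>
    <user>alice</user>
    <signaturePropFile>sec.properties</signaturePropFile>
    <encryptionUser>bob</encryptionUser>
  </action>
  <action>
    <items>Timestamp SignatureEncrypt</items>
    <user>bob</user>
    <encryptionUser>bob</encryptionUser>
    <signaturePropFile>sec.properties</signaturePropFile>
    <encryptionUser>bob</encryptionUser>
  </action>
</parameter>"""

if __name__ == "__main__":
    for finding in lint_security_parameter(SAMPLE):
        print(finding)
```

Running the lint over each security parameter before deployment surfaces configuration slips as named findings rather than as a runtime exception from the handler.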
