Hi Nandana,

This is the complete error stack, underneath is the policy xml file

Exception in thread "main" org.apache.axis2.AxisFault: Error in creating an encrypted key
        at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)
        at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374)
        at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
        at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
        at be.***.***.***.v1.****ServiceStub.consultPerson(Unknown Source)
        at org.***.***.TestClient.consultPerson(TestClient.java:82)
        at org.***.***.TestClient.main(TestClient.java:36)
Caused by: org.apache.rampart.RampartException: Error in creating an encrypted key
        at org.apache.rampart.builder.BindingBuilder.getEncryptedKeyBuilder(BindingBuilder.java:219)
        at org.apache.rampart.builder.SymmetricBindingBuilder.setupEncryptedKey(SymmetricBindingBuilder.java:562)
        at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:351)
        at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:80)
        at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:128)
        at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
        ... 9 more
Caused by: org.apache.ws.security.WSSecurityException: Cannot encrypt/decrypt data; nested exception is: 
        java.security.InvalidKeyException: Wrong key usage
        at org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:193)
        at org.apache.ws.security.message.WSSecEncryptedKey.prepare(WSSecEncryptedKey.java:167)
        at org.apache.rampart.builder.BindingBuilder.getEncryptedKeyBuilder(BindingBuilder.java:215)
        ... 14 more
Caused by: java.security.InvalidKeyException: Wrong key usage
        at javax.crypto.Cipher.init(DashoA13*..)
        at javax.crypto.Cipher.init(DashoA13*..)
        at org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:191)
        ... 16 more

This is the policy I'm using right now. This probably isn't the final policy
I need, but as I said in the beginning, I'm still on the learning curve
concerning this.

<wsp:Policy wsu:Id="SecConvPolicy2"
    xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
    xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
  <wsp:ExactlyOne>
    <wsp:All>
      <sp:SymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
        <wsp:Policy>
          <sp:ProtectionToken>
            <wsp:Policy>
              <sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
                <wsp:Policy>
                  <sp:RequireDerivedKeys/>
                  <sp:RequireThumbprintReference/>
                  <sp:WssX509V3Token10/>
                </wsp:Policy>
              </sp:X509Token>
            </wsp:Policy>
          </sp:ProtectionToken>
          <sp:AlgorithmSuite>
            <wsp:Policy>
              <sp:Basic128Rsa15/>
            </wsp:Policy>
          </sp:AlgorithmSuite>
          <sp:SignedParts>
            <sp:Body/>
          </sp:SignedParts>
          <sp:EncryptedParts>
          </sp:EncryptedParts>
          <sp:Layout>
            <wsp:Policy>
              <sp:Lax/>
            </wsp:Policy>
          </sp:Layout>
        </wsp:Policy>
      </sp:SymmetricBinding>
      <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
        <ramp:user>****</ramp:user>
        <ramp:encryptionUser>*****</ramp:encryptionUser>
        <ramp:passwordCallbackClass>org.admb.kbows.PWCallBackHandler</ramp:passwordCallbackClass>
        <ramp:signatureCrypto>
          <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
            <ramp:property name="org.apache.ws.security.crypto.merlin.file">client.jks</ramp:property>
            <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">****</ramp:property>
          </ramp:crypto>
        </ramp:signatureCrypto>
      </ramp:RampartConfig>
    </wsp:All>
  </wsp:ExactlyOne>
</wsp:Policy>

tnx for looking at this!

cheers
thomas


Nunny wrote:
> 
> Hi Thomas,
> 
>> from the certificate authority doesn't allow use for encryption, i get a
>> "java.security.InvalidKeyException: Wrong key usage" - exception. 
>> So, is there a possibility to use a protectionToken without automatically
>> loading an encryption key?
> 
> Can you post the complete stack trace of the above mentioned exception
> so that we can see what is really happening. Can you please post the complete
> policy you are using, including the rampart config information (replace
> usernames, passwords with dummy values).
> 
> Will fix the JIRA about Signature Token soon.
> 
> thanks,
> nandana
> 
> http://nandana83.blogspot.com/
> http://nandanasm.wordpress.com/
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
> 
> 
> 

-- 
View this message in context: 
http://www.nabble.com/Apache-rampart-without-encryption--%3E-nullpointerException-tp15408083p15427080.html
Sent from the Axis - User mailing list archive at Nabble.com.
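
Added example, not part of the original message and not Rampart or WSS4J code: a small Java diagnostic that lists the KeyUsage extension of every X.509 certificate in a JKS keystore such as the client.jks named in the policy above. The class name KeyUsageCheck and the command-line arguments are assumptions made for this example.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.security.cert.X509Certificate;
import java.util.Collections;
import java.util.Set;

// Added diagnostic, not Rampart or WSS4J code.
// Assumed invocation: java KeyUsageCheck client.jks <keystore-password>
public class KeyUsageCheck {
    private static final String KEY_USAGE_OID = "2.5.29.15"; // id-ce-keyUsage

    // True when bit i of the KeyUsage bit string is present and set.
    static boolean bit(boolean[] ku, int i) {
        return ku != null && ku.length > i && ku[i];
    }

    static String describe(X509Certificate cert) {
        boolean[] ku = cert.getKeyUsage(); // null if the extension is absent
        if (ku == null) {
            return "no KeyUsage extension present";
        }
        Set<String> crit = cert.getCriticalExtensionOIDs();
        boolean critical = crit != null && crit.contains(KEY_USAGE_OID);
        // KeyUsage bit positions: 0 digitalSignature, 2 keyEncipherment,
        // 3 dataEncipherment.
        return String.format(
            "critical=%b digitalSignature=%b keyEncipherment=%b dataEncipherment=%b",
            critical, bit(ku, 0), bit(ku, 2), bit(ku, 3));
    }

    public static void main(String[] args) throws Exception {
        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = new FileInputStream(args[0])) {
            ks.load(in, args[1].toCharArray());
        }
        for (String alias : Collections.list(ks.aliases())) {
            Certificate c = ks.getCertificate(alias);
            if (c instanceof X509Certificate) {
                System.out.println(alias + ": " + describe((X509Certificate) c));
            }
        }
    }
}
```

The entry to look at is the alias configured as ramp:encryptionUser. javax.crypto.Cipher.init(int, Certificate) is documented to throw InvalidKeyException when a critical KeyUsage extension does not permit the requested operation, so a certificate reported with critical=true and both encipherment bits false matches the "Wrong key usage" failure in the trace.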

