Hi, tnx for that quick reply. i'm gonna create the jira issue.
i'm a bit stuck with the protectionToken. It does work but if i use this, rampart automatically tries to load an encryption key. The key i received from the certificate authority doesn't allow use for encryption, i get a "java.security.InvalidKeyException: Wrong key usage" - exception. I don't think the government will give us another certificate that does allow encryption. So, is there a possibility to use a protectionToken without automatically loading an encryption key? thanks in advance! cheers thomas Nunny wrote: > > Hi Thomas, > This seems a bug in Rampart. Please go on create a JIRA issue [1]. > For the moment, you can use protection token property instead of signature > token property. That would work. > > thanks, > /nandana > > [1] - http://issues.apache.org/jira/browse/Rampart > > On Feb 11, 2008 3:09 PM, thomasV <[EMAIL PROTECTED]> wrote: >> >> Hi, >> >> i'm sort of a webservices newbie and i have to build a WS-client to >> consume >> some webservices the government provided for our company. >> these webservices have ws-security enabled so i'm building the client >> using >> apache axis with the rampart module (i'm using version 1.3). >> The webservices require me to only Sign the message, and not do any >> encryption. So i try to build a policy file with a SignatureToken without >> an >> EncryptionToken. This is the snippet from my policy xml file: >> <sp:SignatureToken> >> <wsp:Policy> >> <sp:X509Token >> sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";> >> >> <wsp:Policy> >> >> <sp:RequireDerivedKeys/> >> >> <sp:RequireThumbprintReference/> >> >> <sp:WssX509V3Token10/> >> >> </wsp:Policy> >> </sp:X509Token> >> </wsp:Policy> >> </sp:SignatureToken> >> >> I attached a keystore through the rampart config part of the policy.xml. >> When I try to run the client, >> it gives me the following exception: >> Exception in thread "main" java.lang.NullPointerException >> at >> org.apache.rampart.policy.RampartPolicyBuilder.symmetricBinding(RampartPolicyBuilder.java:288) >> at >> org.apache.rampart.policy.RampartPolicyBuilder.processSymmetricPolicyBinding(RampartPolicyBuilder.java:158) >> .... >> >> The code where this goes wrong is here: >> private static void symmetricBinding(SymmetricBinding binding, >> RampartPolicyData rpd) throws WSSPolicyException { >> Assertion token = binding.getProtectionToken(); >> >> if (token != null) { >> >> rpd.setProtectionToken(((ProtectionToken)token).getProtectionToken()); >> } else { >> token = binding.getEncryptionToken(); >> Assertion token1 = binding.getSignatureToken(); >> if (token == null && token1 == null) { >> // this is an error - throw something >> } >> rpd.setEncryptionToken( >> ((EncryptionToken) token).getEncryptionToken()); >> rpd.setSignatureToken(((SignatureToken) >> token).getSignatureToken()); >> } >> } >> >> >> So, this is something i don't get: >> I only add add a signatureToken and still rampart tries to add an >> encryptionToken?! >> It looks like it is impossible to add a signature without an >> encryptionToken. >> >> Am is missing something here or is this a bug in Rampart? >> >> Any help or advice will be very much appreciated! >> >> tnx >> Thomas >> -- >> View this message in context: >> http://www.nabble.com/Apache-rampart-without-encryption--%3E-nullpointerException-tp15408083p15408083.html >> Sent from the Axis - User mailing list archive at Nabble.com. >> >> >> --------------------------------------------------------------------- >> To unsubscribe, e-mail: [EMAIL PROTECTED] >> For additional commands, e-mail: [EMAIL PROTECTED] >> >> > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > -- View this message in context: http://www.nabble.com/Apache-rampart-without-encryption--%3E-nullpointerException-tp15408083p15408888.html Sent from the Axis - User mailing list archive at Nabble.com. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
