On Sat, Jan 16, 2010 at 10:53 AM, Thilina Mahesh Buddhika <[email protected] > wrote:
> Hi, > > I was able to reproduce the exact error. This happens because of an old > version of WSS4J present in the classpath. In the maven project, it has an > indirect dependency to wss4j-1.5.4-*, but it should be wss4j-1.5.7-wso2v2. > > Manually replacing the older version with the latest version will fix the > issue. But this has to be fixed at the Carbon level. > Can you fix for 2.0.3? Samisa... > > Thanks. > /thilina > > On Sat, Jan 16, 2010 at 8:08 AM, Amila Suriarachchi <[email protected]>wrote: > >> Then I tried with the 6th scenario with the same procedure. >> >> This time server side works well. but got this exception at the client >> side. >> >> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference verify >> INFO: Verification successful for URI "#Id-412537538" >> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference verify >> INFO: Verification successful for URI "#Timestamp-1" >> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference verify >> INFO: Verification successful for URI "#SigConf-2" >> Exception in thread "main" java.lang.NoSuchMethodError: >> org.apache.ws.security.WSDataRef.getAlgo()Ljava/lang/String; >> at >> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptionAlgorithm(PolicyBasedResultsValidator.java:874) >> at >> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptedParts(PolicyBasedResultsValidator.java:407) >> at >> org.apache.rampart.PolicyBasedResultsValidator.validate(PolicyBasedResultsValidator.java:119) >> at org.apache.rampart.RampartEngine.process(RampartEngine.java:255) >> >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256) >> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >> at >> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364) >> at >> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417) >> at >> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) >> at >> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) >> at >> org.wso2.www.types.HelloServiceStub.greet(HelloServiceStub.java:190) >> at org.wso2.www.types.TestStub.testStub(TestStub.java:44) >> at org.wso2.www.types.TestStub.main(TestStub.java:58) >> >> Amila. >> >> >> On Fri, Jan 15, 2010 at 7:44 PM, Thilina Mahesh Buddhika < >> [email protected]> wrote: >> >>> Hi Amila, >>> >>> I will try the sample code you have given. >>> >>> Thanks. >>> /thilina >>> >>> >>> On Fri, Jan 15, 2010 at 7:42 PM, Amila Suriarachchi <[email protected]>wrote: >>> >>>> >>>> >>>> On Fri, Jan 15, 2010 at 5:15 PM, Charitha Kankanamge <[email protected] >>>> > wrote: >>>> >>>>> We usually test all 16 security scenarios through the selenium test >>>>> framework and all were successful in WSAS-3.1.2 release. However we do not >>>>> use code generated client in there. >>>> >>>> >>>> if you have a time please have a look with method I have given. I think >>>> that is the most likely path any new comer would follow. >>>> >>>> Amila. >>>> >>>> >>>>> We set the client side policy using >>>>> opts.setProperty(RampartMessageData.KEY_RAMPART_POLICY, >>>>> loadPolicy("client-policy-path"-policy.xml")); >>>>> >>>>> Regards >>>>> Charitha >>>>> >>>>> Charitha Kankanamge >>>>> WSO2 Inc. >>>>> http://wso2.org >>>>> email: [email protected] >>>>> cell: +94 718 359 265 >>>>> blog: http://charithaka.blogspot.com >>>>> >>>>> >>>>> On Fri, Jan 15, 2010 at 4:41 PM, Amila Suriarachchi <[email protected]>wrote: >>>>> >>>>>> hi, >>>>>> >>>>>> I tried to this in order to create a secure service. >>>>>> >>>>>> 1. Start the WSO2wsas 3.1.2 and goto HelloService. >>>>>> 2. Then enable security using Admin console and selet the 'Sign and >>>>>> encrypt - X509 Authentication' (5 th case) >>>>>> 3. Click on the Generate Client and generate the code with adb. >>>>>> 4. Geneate the maven project with the generated pom.xml >>>>>> >>>>>> Invoke the service with the following client code. >>>>>> >>>>>> try { >>>>>> HelloServiceStub stub = new HelloServiceStub(" >>>>>> http://127.0.0.1:8088/services/HelloService.HelloServiceHttpSoap11Endpoint/ >>>>>> "); >>>>>> stub._getServiceClient().engageModule("rampart"); >>>>>> StAXOMBuilder builder = new >>>>>> StAXOMBuilder("conf/policy.xml"); >>>>>> Policy policy = >>>>>> PolicyEngine.getPolicy(builder.getDocumentElement()); >>>>>> >>>>>> stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(policy); >>>>>> stub.greet("hellow"); >>>>>> } catch (AxisFault axisFault) { >>>>>> axisFault.printStackTrace(); >>>>>> } catch (java.rmi.RemoteException e) { >>>>>> e.printStackTrace(); >>>>>> } catch (XMLStreamException e) { >>>>>> e.printStackTrace(); >>>>>> } catch (FileNotFoundException e) { >>>>>> e.printStackTrace(); >>>>>> } >>>>>> >>>>>> Policy.xml contains following. I added the rampart mar to classpath. >>>>>> >>>>>> <wsp:Policy wsu:Id="SigEncr" >>>>>> xmlns:wsu=" >>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>> " >>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"> >>>>>> <wsp:ExactlyOne> >>>>>> <wsp:All> >>>>>> <ramp:RampartConfig xmlns:ramp=" >>>>>> http://ws.apache.org/rampart/policy"> >>>>>> <ramp:user>wso2carbon</ramp:user> >>>>>> <ramp:encryptionUser>wso2carbon</ramp:encryptionUser> >>>>>> >>>>>> <ramp:passwordCallbackClass>org.wso2.www.types.PWCallbackHandler</ramp:passwordCallbackClass> >>>>>> >>>>>> <ramp:signatureCrypto> >>>>>> <ramp:crypto >>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>> </ramp:crypto> >>>>>> </ramp:signatureCrypto> >>>>>> <ramp:encryptionCypto> >>>>>> <ramp:crypto >>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>> <ramp:property >>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>> </ramp:crypto> >>>>>> </ramp:encryptionCypto> >>>>>> </ramp:RampartConfig> >>>>>> </wsp:All> >>>>>> </wsp:ExactlyOne> >>>>>> </wsp:Policy> >>>>>> >>>>>> Callback handler class like this >>>>>> >>>>>> public class PWCallbackHandler implements CallbackHandler { >>>>>> >>>>>> public void handle(Callback[] callbacks) throws IOException, >>>>>> UnsupportedCallbackException { >>>>>> for (int i = 0; i < callbacks.length; i++) { >>>>>> WSPasswordCallback pwcb = (WSPasswordCallback) >>>>>> callbacks[i]; >>>>>> String id = pwcb.getIdentifer(); >>>>>> if ("wso2carbon".equals(id)) { >>>>>> pwcb.setPassword("wso2carbon"); >>>>>> } >>>>>> } >>>>>> } >>>>>> } >>>>>> >>>>>> Then I am getting following error at the server side. >>>>>> >>>>>> aused by: org.apache.ws.security.WSSecurityException: An unsupported >>>>>> token was provided (Token type " >>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1 >>>>>> ") >>>>>> at >>>>>> org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:594) >>>>>> at >>>>>> org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:558) >>>>>> at >>>>>> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:274) >>>>>> at >>>>>> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:99) >>>>>> at >>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:329) >>>>>> at >>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:246) >>>>>> at >>>>>> org.apache.rampart.RampartEngine.process(RampartEngine.java:154) >>>>>> at >>>>>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >>>>>> >>>>>> I think this senario should work out of the box. What could be the >>>>>> problem? >>>>>> >>>>>> thanks, >>>>>> Amila. >>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Thilina Mahesh Buddhika >>> >>> WSO2 Inc. ; http://wso2.com >>> http://blog.thilinamb.com >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Thilina Mahesh Buddhika > WSO2 Inc. ; http://wso2.com > http://blog.thilinamb.com > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Samisa Abeysinghe Director, Engineering - WSO2 Inc. http://www.wso2.com/ - "lean . enterprise . middleware"
_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
