On Sat, Jan 16, 2010 at 10:55 AM, Samisa Abeysinghe <[email protected]> wrote:
> > > On Sat, Jan 16, 2010 at 10:53 AM, Thilina Mahesh Buddhika < > [email protected]> wrote: > >> Hi, >> >> I was able to reproduce the exact error. This happens because of an old >> version of WSS4J present in the classpath. In the maven project, it has an >> indirect dependency to wss4j-1.5.4-*, but it should be wss4j-1.5.7-wso2v2. >> >> Manually replacing the older version with the latest version will fix the >> issue. But this has to be fixed at the Carbon level. >> > > Can you fix for 2.0.3? > Sure, will do. Thanks. /thilina > > Samisa... > > >> >> Thanks. >> /thilina >> >> On Sat, Jan 16, 2010 at 8:08 AM, Amila Suriarachchi <[email protected]>wrote: >> >>> Then I tried with the 6th scenario with the same procedure. >>> >>> This time server side works well. but got this exception at the client >>> side. >>> >>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>> verify >>> INFO: Verification successful for URI "#Id-412537538" >>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>> verify >>> INFO: Verification successful for URI "#Timestamp-1" >>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>> verify >>> INFO: Verification successful for URI "#SigConf-2" >>> Exception in thread "main" java.lang.NoSuchMethodError: >>> org.apache.ws.security.WSDataRef.getAlgo()Ljava/lang/String; >>> at >>> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptionAlgorithm(PolicyBasedResultsValidator.java:874) >>> at >>> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptedParts(PolicyBasedResultsValidator.java:407) >>> at >>> org.apache.rampart.PolicyBasedResultsValidator.validate(PolicyBasedResultsValidator.java:119) >>> at org.apache.rampart.RampartEngine.process(RampartEngine.java:255) >>> >>> at >>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >>> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256) >>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >>> at >>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364) >>> at >>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417) >>> at >>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) >>> at >>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) >>> at >>> org.wso2.www.types.HelloServiceStub.greet(HelloServiceStub.java:190) >>> at org.wso2.www.types.TestStub.testStub(TestStub.java:44) >>> at org.wso2.www.types.TestStub.main(TestStub.java:58) >>> >>> Amila. >>> >>> >>> On Fri, Jan 15, 2010 at 7:44 PM, Thilina Mahesh Buddhika < >>> [email protected]> wrote: >>> >>>> Hi Amila, >>>> >>>> I will try the sample code you have given. >>>> >>>> Thanks. >>>> /thilina >>>> >>>> >>>> On Fri, Jan 15, 2010 at 7:42 PM, Amila Suriarachchi <[email protected]>wrote: >>>> >>>>> >>>>> >>>>> On Fri, Jan 15, 2010 at 5:15 PM, Charitha Kankanamge < >>>>> [email protected]> wrote: >>>>> >>>>>> We usually test all 16 security scenarios through the selenium test >>>>>> framework and all were successful in WSAS-3.1.2 release. However we do >>>>>> not >>>>>> use code generated client in there. >>>>> >>>>> >>>>> if you have a time please have a look with method I have given. I think >>>>> that is the most likely path any new comer would follow. >>>>> >>>>> Amila. >>>>> >>>>> >>>>>> We set the client side policy using >>>>>> opts.setProperty(RampartMessageData.KEY_RAMPART_POLICY, >>>>>> loadPolicy("client-policy-path"-policy.xml")); >>>>>> >>>>>> Regards >>>>>> Charitha >>>>>> >>>>>> Charitha Kankanamge >>>>>> WSO2 Inc. >>>>>> http://wso2.org >>>>>> email: [email protected] >>>>>> cell: +94 718 359 265 >>>>>> blog: http://charithaka.blogspot.com >>>>>> >>>>>> >>>>>> On Fri, Jan 15, 2010 at 4:41 PM, Amila Suriarachchi >>>>>> <[email protected]>wrote: >>>>>> >>>>>>> hi, >>>>>>> >>>>>>> I tried to this in order to create a secure service. >>>>>>> >>>>>>> 1. Start the WSO2wsas 3.1.2 and goto HelloService. >>>>>>> 2. Then enable security using Admin console and selet the 'Sign and >>>>>>> encrypt - X509 Authentication' (5 th case) >>>>>>> 3. Click on the Generate Client and generate the code with adb. >>>>>>> 4. Geneate the maven project with the generated pom.xml >>>>>>> >>>>>>> Invoke the service with the following client code. >>>>>>> >>>>>>> try { >>>>>>> HelloServiceStub stub = new HelloServiceStub(" >>>>>>> http://127.0.0.1:8088/services/HelloService.HelloServiceHttpSoap11Endpoint/ >>>>>>> "); >>>>>>> stub._getServiceClient().engageModule("rampart"); >>>>>>> StAXOMBuilder builder = new >>>>>>> StAXOMBuilder("conf/policy.xml"); >>>>>>> Policy policy = >>>>>>> PolicyEngine.getPolicy(builder.getDocumentElement()); >>>>>>> >>>>>>> stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(policy); >>>>>>> stub.greet("hellow"); >>>>>>> } catch (AxisFault axisFault) { >>>>>>> axisFault.printStackTrace(); >>>>>>> } catch (java.rmi.RemoteException e) { >>>>>>> e.printStackTrace(); >>>>>>> } catch (XMLStreamException e) { >>>>>>> e.printStackTrace(); >>>>>>> } catch (FileNotFoundException e) { >>>>>>> e.printStackTrace(); >>>>>>> } >>>>>>> >>>>>>> Policy.xml contains following. I added the rampart mar to classpath. >>>>>>> >>>>>>> <wsp:Policy wsu:Id="SigEncr" >>>>>>> xmlns:wsu=" >>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>>> " >>>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy >>>>>>> "> >>>>>>> <wsp:ExactlyOne> >>>>>>> <wsp:All> >>>>>>> <ramp:RampartConfig xmlns:ramp=" >>>>>>> http://ws.apache.org/rampart/policy"> >>>>>>> <ramp:user>wso2carbon</ramp:user> >>>>>>> <ramp:encryptionUser>wso2carbon</ramp:encryptionUser> >>>>>>> >>>>>>> <ramp:passwordCallbackClass>org.wso2.www.types.PWCallbackHandler</ramp:passwordCallbackClass> >>>>>>> >>>>>>> <ramp:signatureCrypto> >>>>>>> <ramp:crypto >>>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>>> </ramp:crypto> >>>>>>> </ramp:signatureCrypto> >>>>>>> <ramp:encryptionCypto> >>>>>>> <ramp:crypto >>>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>>> <ramp:property >>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>>> </ramp:crypto> >>>>>>> </ramp:encryptionCypto> >>>>>>> </ramp:RampartConfig> >>>>>>> </wsp:All> >>>>>>> </wsp:ExactlyOne> >>>>>>> </wsp:Policy> >>>>>>> >>>>>>> Callback handler class like this >>>>>>> >>>>>>> public class PWCallbackHandler implements CallbackHandler { >>>>>>> >>>>>>> public void handle(Callback[] callbacks) throws IOException, >>>>>>> UnsupportedCallbackException { >>>>>>> for (int i = 0; i < callbacks.length; i++) { >>>>>>> WSPasswordCallback pwcb = (WSPasswordCallback) >>>>>>> callbacks[i]; >>>>>>> String id = pwcb.getIdentifer(); >>>>>>> if ("wso2carbon".equals(id)) { >>>>>>> pwcb.setPassword("wso2carbon"); >>>>>>> } >>>>>>> } >>>>>>> } >>>>>>> } >>>>>>> >>>>>>> Then I am getting following error at the server side. >>>>>>> >>>>>>> aused by: org.apache.ws.security.WSSecurityException: An unsupported >>>>>>> token was provided (Token type " >>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1 >>>>>>> ") >>>>>>> at >>>>>>> org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:594) >>>>>>> at >>>>>>> org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:558) >>>>>>> at >>>>>>> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:274) >>>>>>> at >>>>>>> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:99) >>>>>>> at >>>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:329) >>>>>>> at >>>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:246) >>>>>>> at >>>>>>> org.apache.rampart.RampartEngine.process(RampartEngine.java:154) >>>>>>> at >>>>>>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >>>>>>> >>>>>>> I think this senario should work out of the box. What could be the >>>>>>> problem? >>>>>>> >>>>>>> thanks, >>>>>>> Amila. >>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Carbon-dev mailing list >>>>>>> [email protected] >>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>>> >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> >>>> -- >>>> Thilina Mahesh Buddhika >>>> >>>> WSO2 Inc. ; http://wso2.com >>>> http://blog.thilinamb.com >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> Thilina Mahesh Buddhika >> WSO2 Inc. ; http://wso2.com >> http://blog.thilinamb.com >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Samisa Abeysinghe > Director, Engineering - WSO2 Inc. > > http://www.wso2.com/ - "lean . enterprise . middleware" > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > > -- Thilina Mahesh Buddhika WSO2 Inc. ; http://wso2.com http://blog.thilinamb.com
_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
