On Sat, Jan 16, 2010 at 10:59 AM, Thilina Mahesh Buddhika <[email protected] > wrote:
> > > On Sat, Jan 16, 2010 at 10:55 AM, Samisa Abeysinghe <[email protected]>wrote: > >> >> >> On Sat, Jan 16, 2010 at 10:53 AM, Thilina Mahesh Buddhika < >> [email protected]> wrote: >> >>> Hi, >>> >>> I was able to reproduce the exact error. This happens because of an old >>> version of WSS4J present in the classpath. In the maven project, it has an >>> indirect dependency to wss4j-1.5.4-*, but it should be wss4j-1.5.7-wso2v2. >>> >>> Manually replacing the older version with the latest version will fix the >>> issue. But this has to be fixed at the Carbon level. >>> >> >> Can you fix for 2.0.3? >> > > Sure, will do. > Thanks Thilina. And also please add the rampart.mar dependency as well to the POM. otherwise users has to put it manually. Amila. > > Thanks. > /thilina > > >> >> Samisa... >> >> >>> >>> Thanks. >>> /thilina >>> >>> On Sat, Jan 16, 2010 at 8:08 AM, Amila Suriarachchi <[email protected]>wrote: >>> >>>> Then I tried with the 6th scenario with the same procedure. >>>> >>>> This time server side works well. but got this exception at the client >>>> side. >>>> >>>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>>> verify >>>> INFO: Verification successful for URI "#Id-412537538" >>>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>>> verify >>>> INFO: Verification successful for URI "#Timestamp-1" >>>> Jan 16, 2010 8:05:50 AM org.apache.xml.security.signature.Reference >>>> verify >>>> INFO: Verification successful for URI "#SigConf-2" >>>> Exception in thread "main" java.lang.NoSuchMethodError: >>>> org.apache.ws.security.WSDataRef.getAlgo()Ljava/lang/String; >>>> at >>>> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptionAlgorithm(PolicyBasedResultsValidator.java:874) >>>> at >>>> org.apache.rampart.PolicyBasedResultsValidator.validateEncryptedParts(PolicyBasedResultsValidator.java:407) >>>> at >>>> org.apache.rampart.PolicyBasedResultsValidator.validate(PolicyBasedResultsValidator.java:119) >>>> at org.apache.rampart.RampartEngine.process(RampartEngine.java:255) >>>> >>>> at >>>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256) >>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >>>> at >>>> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364) >>>> at >>>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417) >>>> at >>>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229) >>>> at >>>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165) >>>> at >>>> org.wso2.www.types.HelloServiceStub.greet(HelloServiceStub.java:190) >>>> at org.wso2.www.types.TestStub.testStub(TestStub.java:44) >>>> at org.wso2.www.types.TestStub.main(TestStub.java:58) >>>> >>>> Amila. >>>> >>>> >>>> On Fri, Jan 15, 2010 at 7:44 PM, Thilina Mahesh Buddhika < >>>> [email protected]> wrote: >>>> >>>>> Hi Amila, >>>>> >>>>> I will try the sample code you have given. >>>>> >>>>> Thanks. >>>>> /thilina >>>>> >>>>> >>>>> On Fri, Jan 15, 2010 at 7:42 PM, Amila Suriarachchi <[email protected]>wrote: >>>>> >>>>>> >>>>>> >>>>>> On Fri, Jan 15, 2010 at 5:15 PM, Charitha Kankanamge < >>>>>> [email protected]> wrote: >>>>>> >>>>>>> We usually test all 16 security scenarios through the selenium test >>>>>>> framework and all were successful in WSAS-3.1.2 release. However we do >>>>>>> not >>>>>>> use code generated client in there. >>>>>> >>>>>> >>>>>> if you have a time please have a look with method I have given. I >>>>>> think that is the most likely path any new comer would follow. >>>>>> >>>>>> Amila. >>>>>> >>>>>> >>>>>>> We set the client side policy using >>>>>>> opts.setProperty(RampartMessageData.KEY_RAMPART_POLICY, >>>>>>> loadPolicy("client-policy-path"-policy.xml")); >>>>>>> >>>>>>> Regards >>>>>>> Charitha >>>>>>> >>>>>>> Charitha Kankanamge >>>>>>> WSO2 Inc. >>>>>>> http://wso2.org >>>>>>> email: [email protected] >>>>>>> cell: +94 718 359 265 >>>>>>> blog: http://charithaka.blogspot.com >>>>>>> >>>>>>> >>>>>>> On Fri, Jan 15, 2010 at 4:41 PM, Amila Suriarachchi >>>>>>> <[email protected]>wrote: >>>>>>> >>>>>>>> hi, >>>>>>>> >>>>>>>> I tried to this in order to create a secure service. >>>>>>>> >>>>>>>> 1. Start the WSO2wsas 3.1.2 and goto HelloService. >>>>>>>> 2. Then enable security using Admin console and selet the 'Sign and >>>>>>>> encrypt - X509 Authentication' (5 th case) >>>>>>>> 3. Click on the Generate Client and generate the code with adb. >>>>>>>> 4. Geneate the maven project with the generated pom.xml >>>>>>>> >>>>>>>> Invoke the service with the following client code. >>>>>>>> >>>>>>>> try { >>>>>>>> HelloServiceStub stub = new HelloServiceStub(" >>>>>>>> http://127.0.0.1:8088/services/HelloService.HelloServiceHttpSoap11Endpoint/ >>>>>>>> "); >>>>>>>> stub._getServiceClient().engageModule("rampart"); >>>>>>>> StAXOMBuilder builder = new >>>>>>>> StAXOMBuilder("conf/policy.xml"); >>>>>>>> Policy policy = >>>>>>>> PolicyEngine.getPolicy(builder.getDocumentElement()); >>>>>>>> >>>>>>>> stub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(policy); >>>>>>>> stub.greet("hellow"); >>>>>>>> } catch (AxisFault axisFault) { >>>>>>>> axisFault.printStackTrace(); >>>>>>>> } catch (java.rmi.RemoteException e) { >>>>>>>> e.printStackTrace(); >>>>>>>> } catch (XMLStreamException e) { >>>>>>>> e.printStackTrace(); >>>>>>>> } catch (FileNotFoundException e) { >>>>>>>> e.printStackTrace(); >>>>>>>> } >>>>>>>> >>>>>>>> Policy.xml contains following. I added the rampart mar to classpath. >>>>>>>> >>>>>>>> <wsp:Policy wsu:Id="SigEncr" >>>>>>>> xmlns:wsu=" >>>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >>>>>>>> " >>>>>>>> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy >>>>>>>> "> >>>>>>>> <wsp:ExactlyOne> >>>>>>>> <wsp:All> >>>>>>>> <ramp:RampartConfig xmlns:ramp=" >>>>>>>> http://ws.apache.org/rampart/policy"> >>>>>>>> <ramp:user>wso2carbon</ramp:user> >>>>>>>> >>>>>>>> <ramp:encryptionUser>wso2carbon</ramp:encryptionUser> >>>>>>>> >>>>>>>> <ramp:passwordCallbackClass>org.wso2.www.types.PWCallbackHandler</ramp:passwordCallbackClass> >>>>>>>> >>>>>>>> <ramp:signatureCrypto> >>>>>>>> <ramp:crypto >>>>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>>>> </ramp:crypto> >>>>>>>> </ramp:signatureCrypto> >>>>>>>> <ramp:encryptionCypto> >>>>>>>> <ramp:crypto >>>>>>>> provider="org.apache.ws.security.components.crypto.Merlin"> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.file">/home/amila/downloads/wso2wsas-3.1.2/resources/security/wso2carbon.jks</ramp:property> >>>>>>>> <ramp:property >>>>>>>> name="org.apache.ws.security.crypto.merlin.keystore.password">wso2carbon</ramp:property> >>>>>>>> </ramp:crypto> >>>>>>>> </ramp:encryptionCypto> >>>>>>>> </ramp:RampartConfig> >>>>>>>> </wsp:All> >>>>>>>> </wsp:ExactlyOne> >>>>>>>> </wsp:Policy> >>>>>>>> >>>>>>>> Callback handler class like this >>>>>>>> >>>>>>>> public class PWCallbackHandler implements CallbackHandler { >>>>>>>> >>>>>>>> public void handle(Callback[] callbacks) throws IOException, >>>>>>>> UnsupportedCallbackException { >>>>>>>> for (int i = 0; i < callbacks.length; i++) { >>>>>>>> WSPasswordCallback pwcb = (WSPasswordCallback) >>>>>>>> callbacks[i]; >>>>>>>> String id = pwcb.getIdentifer(); >>>>>>>> if ("wso2carbon".equals(id)) { >>>>>>>> pwcb.setPassword("wso2carbon"); >>>>>>>> } >>>>>>>> } >>>>>>>> } >>>>>>>> } >>>>>>>> >>>>>>>> Then I am getting following error at the server side. >>>>>>>> >>>>>>>> aused by: org.apache.ws.security.WSSecurityException: An unsupported >>>>>>>> token was provided (Token type " >>>>>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v1 >>>>>>>> ") >>>>>>>> at >>>>>>>> org.apache.ws.security.processor.SignatureProcessor.createSecurityToken(SignatureProcessor.java:594) >>>>>>>> at >>>>>>>> org.apache.ws.security.processor.SignatureProcessor.getCertificatesTokenReference(SignatureProcessor.java:558) >>>>>>>> at >>>>>>>> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:274) >>>>>>>> at >>>>>>>> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:99) >>>>>>>> at >>>>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:329) >>>>>>>> at >>>>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:246) >>>>>>>> at >>>>>>>> org.apache.rampart.RampartEngine.process(RampartEngine.java:154) >>>>>>>> at >>>>>>>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >>>>>>>> >>>>>>>> I think this senario should work out of the box. What could be the >>>>>>>> problem? >>>>>>>> >>>>>>>> thanks, >>>>>>>> Amila. >>>>>>>> >>>>>>>> >>>>>>>> _______________________________________________ >>>>>>>> Carbon-dev mailing list >>>>>>>> [email protected] >>>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>>> >>>>>>>> >>>>>>> >>>>>>> _______________________________________________ >>>>>>> Carbon-dev mailing list >>>>>>> [email protected] >>>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>>> >>>>>>> >>>>>> >>>>>> _______________________________________________ >>>>>> Carbon-dev mailing list >>>>>> [email protected] >>>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>>> >>>>>> >>>>> >>>>> >>>>> -- >>>>> Thilina Mahesh Buddhika >>>>> >>>>> WSO2 Inc. ; http://wso2.com >>>>> http://blog.thilinamb.com >>>>> >>>>> _______________________________________________ >>>>> Carbon-dev mailing list >>>>> [email protected] >>>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>>> >>>>> >>>> >>>> _______________________________________________ >>>> Carbon-dev mailing list >>>> [email protected] >>>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>>> >>>> >>> >>> >>> -- >>> Thilina Mahesh Buddhika >>> WSO2 Inc. ; http://wso2.com >>> http://blog.thilinamb.com >>> >>> _______________________________________________ >>> Carbon-dev mailing list >>> [email protected] >>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >>> >>> >> >> >> -- >> Samisa Abeysinghe >> Director, Engineering - WSO2 Inc. >> >> http://www.wso2.com/ - "lean . enterprise . middleware" >> >> _______________________________________________ >> Carbon-dev mailing list >> [email protected] >> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev >> >> > > > -- > Thilina Mahesh Buddhika > WSO2 Inc. ; http://wso2.com > http://blog.thilinamb.com > > _______________________________________________ > Carbon-dev mailing list > [email protected] > https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev > >
_______________________________________________ Carbon-dev mailing list [email protected] https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
