Can you attach the full code for your sample? Colm.
-----Original Message----- From: Kasper Hansen [mailto:[EMAIL PROTECTED] Sent: 03 March 2008 13:30 To: [email protected] Subject: WS-Security - signature problems I am rather new to using the cxf. I checked out from svn and had a look at the samples in the disrubution folder. I didn't find a sample for the ws-security so I decided to make one myself. I started with the UsernameToken and this worked fine, I added the logging interceptor and i could see in the SOAP headers that everything was working fine. But then I wanted to sign the message, I followed the instrucions at the cxf page to make the keystores but i cannot get it to work. When I run my server and client, the server runs fine and so does the client, but before I saw the messages in my client windows that was sent but now it seems that nothing gets send, but there is no errors to see even though I turned logging on the log ALL. Here is what i have in my server.xml file: <bean id="saajIn" class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" /> <bean id="wss4jIn" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken Timestamp Signature" /> <entry key="passwordType" value="PasswordDigest" /> <entry key="passwordCallbackClass" value="football.demo.server.ServerPasswordCallback" /> <entry key="signaturePropFile" value="server_sign.properties"/> </map> </constructor-arg> </bean> <cxf:bus> <cxf:inInterceptors> <ref bean="saajIn"/> <ref bean="wss4jIn"/> </cxf:inInterceptors> <cxf:features> <cxf:logging/> </cxf:features> </cxf:bus> </beans> And in my client.xml file <bean id="saajOut" class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" /> <bean id="wss4jOut" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="UsernameToken Timestamp Signature" /> <entry key="user" value="football-client" /> <entry key="passwordType" value="PasswordDigest" /> <entry key="passwordCallbackClass" value="football.demo.client.ClientPasswordCallback" /> <entry key="signaturePropFile" value="client_sign.properties"/> </map> </constructor-arg> </bean> <cxf:bus> <cxf:outInterceptors> <ref bean="saajOut"/> <ref bean="wss4jOut"/> </cxf:outInterceptors> <cxf:features> <cxf:logging/> </cxf:features> </cxf:bus> </beans> Thr request never reaches the server because it doesn't get send, here is the last output in the client command prompt: [java] [java] 03-03-2008 14:13:11 org.apache.cxf.phase.PhaseInterceptorChain doIntercept [java] FINE: Invoking handleMessage on interceptor org.apache.cxf.jaxws.handler.logical.LogicalHandlerOutIntercepto [EMAIL PROTECTED] [java] 03-03-2008 14:13:11 org.apache.cxf.phase.PhaseInterceptorChain doIntercept [java] FINE: Invoking handleMessage on interceptor [EMAIL PROTECTED] [java] 03-03-2008 14:13:11 org.apache.cxf.phase.PhaseInterceptorChain doIntercept [java] FINE: Invoking handleMessage on interceptor [EMAIL PROTECTED] [java] 03-03-2008 14:13:11 org.apache.cxf.phase.PhaseInterceptorChain doIntercept [java] FINE: Invoking handleMessage on interceptor org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInt [EMAIL PROTECTED] [java] 03-03-2008 14:13:11 org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor Internal handleM essage [java] FINE: WSDoAllSender: enter invoke() [java] 03-03-2008 14:13:11 org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor Internal handleM essage [java] FINE: Action: 35 [java] 03-03-2008 14:13:11 org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor Internal handleM essage [java] FINE: Actor: null [java] 03-03-2008 14:13:11 org.apache.ws.security.WSSConfig loadProvider [java] FINE: The provider JuiCE could not be added: org.apache.security.juice.provider.JuiCEProviderOpenSSL [java] 03-03-2008 14:13:11 org.apache.ws.security.util.Loader getResource [java] FINE: Trying to find [client_sign.properties] using [EMAIL PROTECTED] class loader. [java] 03-03-2008 14:13:11 org.apache.ws.security.components.crypto.CryptoFactory loadClass [java] FINE: Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin] [java] 03-03-2008 14:13:11 org.apache.ws.security.util.Loader getResource [java] FINE: Trying to find [client-keystore.jks] using [EMAIL PROTECTED] class loader. [java] 03-03-2008 14:13:11 org.apache.ws.security.handler.WSHandler doSenderAction [java] FINE: Performing Action: 1 [java] 03-03-2008 14:13:11 org.apache.ws.security.message.WSSecUsernameToken build [java] FINE: Begin add username token... [java] 03-03-2008 14:13:11 org.apache.ws.security.handler.WSHandler doSenderAction [java] FINE: Performing Action: 32 [java] 03-03-2008 14:13:11 org.apache.ws.security.message.WSSecTimestamp build [java] FINE: Begin add timestamp... [java] 03-03-2008 14:13:11 org.apache.ws.security.handler.WSHandler doSenderAction [java] FINE: Performing Action: 2 [java] 03-03-2008 14:13:11 org.apache.ws.security.message.WSSecSignature build [java] FINE: Beginning signing... [java] 03-03-2008 14:13:11 org.apache.ws.security.message.WSSecSignature prepare [java] FINE: automatic sig algo detection: RSA [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.SignatureAlgorithm <init> [java] FINE: Create URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; class "class org.apache.xml.security.algorithm s.implementations.SignatureBaseRSA$SignatureRSASHA1" [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.JCEMapper translateURItoJCEID [java] FINE: Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1 [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA <init> [java] FINE: Created SignatureDSA using SHA1withRSA [java] 03-03-2008 14:13:11 org.apache.xml.security.utils.ElementProxy <init> [java] FINE: setElement("ds:SignatureMethod", "null") [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.SignatureAlgorithm <init> [java] FINE: Create URI "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; class "class org.apache.xml.security.algorithm s.implementations.SignatureBaseRSA$SignatureRSASHA1" [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.JCEMapper translateURItoJCEID [java] FINE: Request for URI http://www.w3.org/2000/09/xmldsig#rsa-sha1 [java] 03-03-2008 14:13:11 org.apache.xml.security.algorithms.implementations.SignatureBaseRSA <init> [java] FINE: Created SignatureDSA using SHA1withRSA BUILD SUCCESSFUL Total time: 8 seconds I would have expected to see a message? Could anyone help me with this problem? Regards Kasper H ---------------------------- IONA Technologies PLC (registered in Ireland) Registered Number: 171387 Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
