> Now I am a little confused, isn't that what I am doing already
No. On the client side you're using:
<entry key="signaturePropFile" value="client_sign.properties"/>
<entry key="encryptionPropFile" value="server_sign.properties"/>
This is fine. On the server side you're using:
<entry key="signaturePropFile" value="client_sign.properties"/>
<entry key="decryptionPropFile" value="server_sign.properties"/>
This won't work as there is no private key in the server keystore to
perform decryption. If you were to change it around to:
<entry key="signaturePropFile" value="server_sign.properties"/>
<entry key="decryptionPropFile" value="client_sign.properties"/>
then it should work, as a private key isn't required for verifying a
signature.
One more thing, I don't believe the following will work, as I don't
think WSS4J supports encrypting signatures in this way, although I could
be wrong.
<entry key="encryptionParts"
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{
http://schemas.xmlsoap.org/soap/envelope/}Body"/>
Colm.
-----Original Message-----
From: kasperih [mailto:[EMAIL PROTECTED]
Sent: 04 March 2008 13:30
To: [email protected]
Subject: RE: WS-Security - signature problems
Now I am a little confused, isn't that what I am doing already
client.xml
<bean id="wss4jOut"
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Encrypt" />
<entry key="user" value="football-client" />
<!-- <entry key="passwordType" value="PasswordDigest" />-->
<entry key="passwordCallbackClass"
value="football.demo.KeystorePasswordCallback" />
<entry key="signaturePropFile" value="client_sign.properties"/>
<entry key="signatureKeyIdentifier" value="DirectReference"/>
<entry key="signatureParts"
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss
-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.o
rg/soap/envelope/}Body"/>
<entry key="encryptionPropFile" value="server_sign.properties"/>
<entry key="encryptionUser" value="football-client"/>
<entry key="encryptionParts"
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{
http://schemas.xmlsoap.org/soap/envelope/}Body"/>
<entry key="encryptionSymAlgorithm"
value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
</map>
</constructor-arg>
</bean>
The encryptionpropfile i th server_sign-properties
server.xml
<bean id="wss4jIn"
class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
<constructor-arg>
<map>
<entry key="action" value="Timestamp Signature Encrypt" />
<!-- <entry key="passwordType" value="PasswordDigest" />-->
<entry key="passwordCallbackClass"
value="football.demo.KeystorePasswordCallback" />
<entry key="signaturePropFile"
value="client_sign.properties"/>
<entry key="decryptionPropFile"
value="server_sign.properties"/>
</map>
</constructor-arg>
</bean>
this uses the client_sign.properties for decryption.
But whar about the signature, I still need both to work.
/Kasper
O hEigeartaigh, Colm wrote:
>
>
> The problem is in how you're using the keys, not in your configuration
> for WS-Security. "server-keystore.jks" contains a "trustedCertEntry"
and
> hence can be used for encryption, as encryption only requires access
to
> a public key. It can't be used for decryption however.
>
> "client-keystore.jks" contains a "keyEntry" and hence can be used for
> decryption. So to get just encryption working for your configuration,
> use "server_sign.properties" on the outbound side, and
> "client_sign.properties" on the inbound side and it should work.
>
> If you want to add signature into the mix, then you should generate
> another set of keys.
>
> Colm.
>
> -----Original Message-----
> From: kasperih [mailto:[EMAIL PROTECTED]
> Sent: 04 March 2008 12:44
> To: [email protected]
> Subject: RE: WS-Security - signature problems
>
>
> I changed the callback class to be acommon one for both server and
> client, so
> client.xml
>
>
> <bean id="wss4jOut"
> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
> <constructor-arg>
> <map>
> <entry key="action" value="Timestamp Signature Encrypt" />
> <entry key="user" value="football-client" />
> <!-- <entry key="passwordType" value="PasswordDigest" />-->
> <entry key="passwordCallbackClass"
> value="football.demo.KeystorePasswordCallback" />
> <entry key="signaturePropFile"
value="client_sign.properties"/>
> <entry key="signatureKeyIdentifier" value="DirectReference"/>
> <entry key="signatureParts"
>
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss
>
-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.o
> rg/soap/envelope/}Body"/>
> <entry key="encryptionPropFile"
value="server_sign.properties"/>
> <entry key="encryptionUser" value="football-client"/>
> <entry key="encryptionParts"
>
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{
> http://schemas.xmlsoap.org/soap/envelope/}Body"/>
> <entry key="encryptionSymAlgorithm"
> value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
> </map>
> </constructor-arg>
> </bean>
>
> The class looks like this:
>
>
> public class KeystorePasswordCallback implements CallbackHandler {
>
> private static final String password = "keyStorePassword";
>
> public void handle(Callback[] callbacks) throws IOException,
> UnsupportedCallbackException {
> for (int i = 0; i < callbacks.length; i++) {
> WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
> pc.setPassword(password);
> return;
> }
> }
> }
>
> I am not even getting an error when not starting the server, because
> nothing
> gets send.
> With this action <entry key="action" value="Timestamp Signature
Encrypt"
> />
>
> I get this output in the client window, logging is set to ALL
>
> [java] 04-03-2008 13:37:36
> org.apache.cxf.configuration.spring.ConfigurerImpl configureBean
> [java] FINE: Could not find a definition for bean with id
> {http://apache.org/football_soap_http}SoapPort.http-condu
> it - no injection will be performed.
> [java] 04-03-2008 13:37:36
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: No Trust Decider configured for Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-conduit'
> [java] 04-03-2008 13:37:36
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: No Basic Auth Supplier configured for Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-con
> duit'
> [java] 04-03-2008 13:37:36
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-conduit' has been
> configured for plain ht
> tp.
> [java] 04-03-2008 13:37:36
> org.apache.cxf.transport.AbstractObservable
> setMessageObserver
> [java] FINE: registering incoming observer:
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was created. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op: [OperationInfo:
> {http://apache.org/football_soap_http}getPlayer]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op.hasOutput(): true
> [java] 04-03-2008 13:37:36
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op.getOutput().size(): 1
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> 2e4
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInter
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapActionOutInterceptor
> @dd89f9
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingI
> nterceptor@
> 36ae83 to phase prepare-send-ending
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterc
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
[EMAIL PROTECTED]
> 836aea
> to p
> hase pre-stream-ending
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterce
> [EMAIL PROTECTED]
> to phase pre-protocol-ending
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> [EMAIL PROTECTED]
> 8980 to phase post-protocol
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] post-protocol [WSS4JOutInterceptorInternal]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
>
> [java] 04-03-2008 13:37:36
> org.apache.cxf.jaxws.handler.HandlerChainInvoker <init>
> [java] FINE: invoker for chain size: 0
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> e
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEnding
> Interceptor
> @5db9eb to phase write-ending
> [java] 04-03-2008 13:37:36
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
> [EMAIL PROTECTED]
> was modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] post-protocol [WSS4JOutInterceptorInternal]
> [java] write-ending [SoapOutEndingInterceptor]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:37:37
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.jaxws.handler.logical.LogicalHandlerOutIntercepto
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:37
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:37
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:37
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInt
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:37:37
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: WSDoAllSender: enter invoke()
> [java] 04-03-2008 13:37:37
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: Action: 38
> [java] 04-03-2008 13:37:37
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: Actor: null
> [java] 04-03-2008 13:37:37 org.apache.ws.security.WSSConfig
> loadProvider
> [java] FINE: The provider JuiCE could not be added:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
> [java] 04-03-2008 13:37:37 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [client_sign.properties] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:37:37
> org.apache.ws.security.components.crypto.CryptoFactory loadClass
> [java] FINE: Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> [java] 04-03-2008 13:37:37 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [client-keystore.jks] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Element'
>
,'http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-uti
> lity-1.0.x
> sd' ,'Timestamp'
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Element'
> ,'http://schemas.xmlsoap.org/soap/envelope/' ,'Body'
> [java] 04-03-2008 13:37:37 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [server_sign.properties] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:37:37
> org.apache.ws.security.components.crypto.CryptoFactory loadClass
> [java] FINE: Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> [java] 04-03-2008 13:37:37 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [server-keystore.jks] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Element'
> ,'http://www.w3.org/2000/09/xmldsig#'
> ,'Signature'
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Content'
> ,'http://schemas.xmlsoap.org/soap/envelope/' ,'Body'
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> doSenderAction
> [java] FINE: Performing Action: 32
> [java] 04-03-2008 13:37:37
> org.apache.ws.security.message.WSSecTimestamp build
> [java] FINE: Begin add timestamp...
> [java] 04-03-2008 13:37:37
org.apache.ws.security.handler.WSHandler
> doSenderAction
> [java] FINE: Performing Action: 2
> [java] 04-03-2008 13:37:37
> org.apache.ws.security.message.WSSecSignature build
> [java] FINE: Beginning signing...
> [java] 04-03-2008 13:37:37
> org.apache.ws.security.message.WSSecSignature prepare
> [java] FINE: automatic sig algo detection: RSA
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.SignatureAlgorithm <init>
> [java] FINE: Create URI
> "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
> class "class org.apache.xml.security.algorithm
> s.implementations.SignatureBaseRSA$SignatureRSASHA1"
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.JCEMapper
> translateURItoJCEID
> [java] FINE: Request for URI
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA
> <init>
> [java] FINE: Created SignatureDSA using SHA1withRSA
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.utils.ElementProxy
> <init>
> [java] FINE: setElement("ds:SignatureMethod", "null")
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.SignatureAlgorithm <init>
> [java] FINE: Create URI
> "http://www.w3.org/2000/09/xmldsig#rsa-sha1";
> class "class org.apache.xml.security.algorithm
> s.implementations.SignatureBaseRSA$SignatureRSASHA1"
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.JCEMapper
> translateURItoJCEID
> [java] FINE: Request for URI
> http://www.w3.org/2000/09/xmldsig#rsa-sha1
> [java] 04-03-2008 13:37:37
> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA
> <init>
> [java] FINE: Created SignatureDSA using SHA1withRSA
>
> BUILD SUCCESSFUL
>
> If I try and remove the Signature from the action I get this:
>
> [java] 04-03-2008 13:42:52
> org.apache.cxf.configuration.spring.ConfigurerImpl configureBean
> [java] FINE: Could not find a definition for bean with id
> {http://apache.org/football_soap_http}SoapPort.http-condu
> it - no injection will be performed.
> [java] 04-03-2008 13:42:52
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: No Trust Decider configured for Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-conduit'
> [java] 04-03-2008 13:42:52
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: No Basic Auth Supplier configured for Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-con
> duit'
> [java] 04-03-2008 13:42:52
> org.apache.cxf.transport.http.HTTPConduit
> finalizeConfig
> [java] FINE: Conduit
> '{http://apache.org/football_soap_http}SoapPort.http-conduit' has been
> configured for plain ht
> tp.
> [java] 04-03-2008 13:42:52
> org.apache.cxf.transport.AbstractObservable
> setMessageObserver
> [java] FINE: registering incoming observer:
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> created. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op: [OperationInfo:
> {http://apache.org/football_soap_http}getPlayer]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op.hasOutput(): true
> [java] 04-03-2008 13:42:52
> org.apache.cxf.jaxws.interceptors.HolderOutInterceptor handleMessage
> [java] FINE: op.getOutput().size(): 1
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> e178
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapHeaderOutFilterInter
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapActionOutInterceptor
> @f5b2e4
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingI
> nterceptor@
> 16136f0 to phase prepare-send-ending
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.binding.soap.interceptor.SoapPreProtocolOutInterc
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
[EMAIL PROTECTED]
> d28c7
> to ph
> ase pre-stream-ending
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor$SAAJOutEndingInterce
> [EMAIL PROTECTED]
> to phase pre-protocol-ending
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> [EMAIL PROTECTED]
> f93b to phase post-protocol
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] post-protocol [WSS4JOutInterceptorInternal]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.jaxws.handler.HandlerChainInvoker <init>
> [java] FINE: invoker for chain size: 0
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> b
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> add
> [java] FINE: Adding interceptor
>
org.apache.cxf.binding.soap.interceptor.SoapOutInterceptor$SoapOutEnding
> Interceptor
> @19481b2 to phase write-ending
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> outputChainToLog
> [java] FINE: Chain
[EMAIL PROTECTED]
> was
> modified. Current flow:
> [java] pre-logical [HolderOutInterceptor, SwAOutInterceptor,
> WrapperClassOutInterceptor, SoapHeaderOutFilterInter
> ceptor]
> [java] post-logical [SoapActionOutInterceptor]
> [java] prepare-send [MessageSenderInterceptor]
> [java] pre-stream [LoggingOutInterceptor,
> SoapPreProtocolOutInterceptor, AttachmentOutInterceptor,
StaxOutInterce
> ptor]
> [java] pre-protocol [SAAJOutInterceptor, WSS4JOutInterceptor,
> SOAPHandlerInterceptor]
> [java] write [SoapOutInterceptor]
> [java] pre-marshal [LogicalHandlerOutInterceptor]
> [java] marshal [WrappedOutInterceptor, BareOutInterceptor]
> [java] post-protocol [WSS4JOutInterceptorInternal]
> [java] write-ending [SoapOutEndingInterceptor]
> [java] pre-protocol-ending [SAAJOutEndingInterceptor]
> [java] pre-stream-ending [StaxOutEndingInterceptor]
> [java] prepare-send-ending [MessageSenderEndingInterceptor]
> [java]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.jaxws.handler.logical.LogicalHandlerOutIntercepto
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
> org.apache.cxf.phase.PhaseInterceptorChain
> doIntercept
> [java] FINE: Invoking handleMessage on interceptor
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInt
> [EMAIL PROTECTED]
> [java] 04-03-2008 13:42:52
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: WSDoAllSender: enter invoke()
> [java] 04-03-2008 13:42:52
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: Action: 36
> [java] 04-03-2008 13:42:52
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
> Internal
> handleM
> essage
> [java] FINE: Actor: null
> [java] 04-03-2008 13:42:52 org.apache.ws.security.WSSConfig
> loadProvider
> [java] FINE: The provider JuiCE could not be added:
> org.apache.security.juice.provider.JuiCEProviderOpenSSL
> [java] 04-03-2008 13:42:52 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [server_sign.properties] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:42:52
> org.apache.ws.security.components.crypto.CryptoFactory loadClass
> [java] FINE: Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> [java] 04-03-2008 13:42:52 org.apache.ws.security.util.Loader
> getResource
> [java] FINE: Trying to find [server-keystore.jks] using
> [EMAIL PROTECTED] class loader.
> [java] 04-03-2008 13:42:53
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Element'
> ,'http://www.w3.org/2000/09/xmldsig#'
> ,'Signature'
> [java] 04-03-2008 13:42:53
org.apache.ws.security.handler.WSHandler
> splitEncParts
> [java] FINE: partDefs: 'Content'
> ,'http://schemas.xmlsoap.org/soap/envelope/' ,'Body'
> [java] 04-03-2008 13:42:53
org.apache.ws.security.handler.WSHandler
> doSenderAction
> [java] FINE: Performing Action: 32
> [java] 04-03-2008 13:42:53
> org.apache.ws.security.message.WSSecTimestamp build
> [java] FINE: Begin add timestamp...
> [java] 04-03-2008 13:42:53
org.apache.ws.security.handler.WSHandler
> doSenderAction
> [java] FINE: Performing Action: 4
> [java] 04-03-2008 13:42:53
> org.apache.ws.security.message.WSSecEncrypt
> build
> [java] FINE: Beginning Encryption...
> [java] 04-03-2008 13:42:56
> org.apache.ws.security.message.WSSecEncryptedKey prepareInternal
> [java] FINE: cipher blksize: 117, symm key length: 24
>
> BUILD SUCCESSFUL
>
> /Kasper
>
>
> O hEigeartaigh, Colm wrote:
>>
>>
>> Can you attach a stack trace and/or logging information? I suspect
the
>> problem is in your callback implementations. Have you changed your
>> ClientCallback implementation to account for encryption as well?
>>
>> Colm.
>>
>> -----Original Message-----
>> From: kasperih [mailto:[EMAIL PROTECTED]
>> Sent: 04 March 2008 11:29
>> To: [email protected]
>> Subject: RE: WS-Security - signature problems
>>
>>
>> Hi Colm
>>
>> Thanks that was definetly wrong, I fixed that but it still doesn't
> work.
>> I
>> also changed it a bit so that it also tries to encrypt, but it
doesn't
>> seem
>> to get by the signature. If I remove the signatrue action and only
> tries
>> the
>> encrypt then that doesn't work either.
>> I gave both the cleint and the server the same alias, is that a
> problem?
>>
>> I have attached the altered code again.
>>
>> Here is part of my client.xml
>>
>> <bean id="wss4jOut"
>> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>> <constructor-arg>
>> <map>
>> <entry key="action" value="Timestamp Signature Encrypt" />
>> <entry key="user" value="football-client" />
>> <!-- <entry key="passwordType" value="PasswordDigest" />-->
>> <entry key="passwordCallbackClass"
>> value="football.demo.client.ClientPasswordCallback" />
>> <entry key="signaturePropFile"
> value="client_sign.properties"/>
>> <entry key="signatureKeyIdentifier" value="DirectReference"/>
>> <entry key="signatureParts"
>>
>
value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss
>>
>
-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.o
>> rg/soap/envelope/}Body"/>
>> <entry key="encryptionPropFile"
> value="server_sign.properties"/>
>> <entry key="encryptionUser" value="football-client"/>
>> <entry key="encryptionParts"
>>
>
value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{
>> http://schemas.xmlsoap.org/soap/envelope/}Body"/>
>> <entry key="encryptionSymAlgorithm"
>> value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>
>> </map>
>> </constructor-arg>
>> </bean>
>>
>> and here is the matching server.xml
>>
>> <bean id="wss4jIn"
>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>> <constructor-arg>
>> <map>
>> <entry key="action" value="Timestamp Signature Encrypt"
/>
>> <!-- <entry key="passwordType" value="PasswordDigest"
> />-->
>> <entry key="passwordCallbackClass"
>> value="football.demo.server.ServerPasswordCallback" />
>> <entry key="signaturePropFile"
>> value="client_sign.properties"/>
>> <entry key="decryptionPropFile"
>> value="server_sign.properties"/>
>> </map>
>> </constructor-arg>
>> </bean>
>>
>> Kasper
>>
>>
>> O hEigeartaigh, Colm wrote:
>>>
>>>
>>> Hi Kasper,
>>>
>>> Here's the problem - you generate your keys with:
>>>
>>> "-keypass keyStorePassword"
>>>
>>> Yet your ClientPasswordCallback.java has:
>>>
>>> " pc.setPassword("keyPassword");"
>>>
>>> Change the above to "pc.setPassword("keyStorePassword");" and it
>> should
>>> work ok.
>>>
>>> Colm.
>>>
>>> -----Original Message-----
>>> From: kasperih [mailto:[EMAIL PROTECTED]
>>> Sent: 03 March 2008 19:54
>>> To: [email protected]
>>> Subject: RE: WS-Security - signature problems
>>>
>>>
>>> I have attached all the files that you asked for. Its the entire
>>> folder with all the relvant files.
>>>
>>> - keytool -genkey -alias football-client -keypass keyStorePassword
>>> -keystore client-keystore.jks -storepass keyStorePassword -dname
>>> "cn=football-client" -keyalg RSA
>>>
>>> - keytool -selfcert -alias football-client -keystore
>>> client-keystore.jks - storepass keyStorePassword -keypass
>>> keyStorePassword
>>>
>>> - keytool -export -alias football-client -file key.rsa -keystore
>>> client-keystore.jks -storepass keyStorePassword
>>>
>>> - keytool -import -alias football-client -file key.rsa -keystore
>>> server-keystore.jks -storepass keyStorePassword
>>>
>>>
>>> These are the commands I used in order to create the keys.
>>>
>>>
>>> Regards
>>> Kasper H
>>>
>>>
>>>
>>> O hEigeartaigh, Colm wrote:
>>>>
>>>>
>>>> Can you attach the full code for your sample?
>>>>
>>>> Colm.
>>>>
>>>> -----Original Message-----
>>>> From: Kasper Hansen [mailto:[EMAIL PROTECTED]
>>>> Sent: 03 March 2008 13:30
>>>> To: [email protected]
>>>> Subject: WS-Security - signature problems
>>>>
>>>> I am rather new to using the cxf. I checked out from svn and had a
>>>> look at the samples in the disrubution folder. I didn't find a
> sample
>>>> for the ws-security so I decided to make one myself.
>>>> I started with the UsernameToken and this worked fine, I added the
>>>> logging interceptor and i could see in the SOAP headers that
>>>> everything was working fine. But then I wanted to sign the message,
> I
>>>> followed the instrucions at the cxf page to make the keystores but
i
>>>> cannot get it to work. When I run my server and client, the server
>>>> runs fine and so does the client, but before I saw the messages in
> my
>>>> client windows that was sent but now it seems that nothing gets
> send,
>>>> but there is no errors to see even though I turned logging on the
> log
>>>> ALL.
>>>>
>>>> Here is what i have in my server.xml file:
>>>>
>>>> <bean id="saajIn"
>>>> class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor" />
>>>> <bean id="wss4jIn"
>>>> class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
>>>> <constructor-arg>
>>>> <map>
>>>> <entry key="action" value="UsernameToken Timestamp
>>>> Signature" />
>>>> <entry key="passwordType" value="PasswordDigest" />
>>>> <entry key="passwordCallbackClass"
>>>> value="football.demo.server.ServerPasswordCallback" />
>>>> <entry key="signaturePropFile"
>>>> value="server_sign.properties"/>
>>>> </map>
>>>> </constructor-arg>
>>>> </bean>
>>>>
>>>> <cxf:bus>
>>>> <cxf:inInterceptors>
>>>> <ref bean="saajIn"/>
>>>> <ref bean="wss4jIn"/>
>>>> </cxf:inInterceptors>
>>>> <cxf:features>
>>>> <cxf:logging/>
>>>> </cxf:features>
>>>> </cxf:bus>
>>>> </beans>
>>>>
>>>> And in my client.xml file
>>>>
>>>> <bean id="saajOut"
>>>> class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor" />
>>>> <bean id="wss4jOut"
>>>> class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
>>>> <constructor-arg>
>>>> <map>
>>>> <entry key="action" value="UsernameToken Timestamp
> Signature"
>>> />
>>>> <entry key="user" value="football-client" />
>>>> <entry key="passwordType" value="PasswordDigest" />
>>>> <entry key="passwordCallbackClass"
>>>> value="football.demo.client.ClientPasswordCallback" />
>>>> <entry key="signaturePropFile"
>>> value="client_sign.properties"/>
>>>> </map>
>>>> </constructor-arg>
>>>> </bean>
>>>>
>>>> <cxf:bus>
>>>> <cxf:outInterceptors>
>>>> <ref bean="saajOut"/>
>>>> <ref bean="wss4jOut"/>
>>>> </cxf:outInterceptors>
>>>> <cxf:features>
>>>> <cxf:logging/>
>>>> </cxf:features>
>>>> </cxf:bus>
>>>>
>>>> </beans>
>>>>
>>>>
>>>> Thr request never reaches the server because it doesn't get send,
>> here
>>>> is the last output in the client command prompt:
>>>>
>>>> [java]
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.cxf.phase.PhaseInterceptorChain doIntercept
>>>> [java] FINE: Invoking handleMessage on interceptor
>>>> org.apache.cxf.jaxws.handler.logical.LogicalHandlerOutIntercepto
>>>> [EMAIL PROTECTED]
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.cxf.phase.PhaseInterceptorChain doIntercept
>>>> [java] FINE: Invoking handleMessage on interceptor
>>>> [EMAIL PROTECTED]
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.cxf.phase.PhaseInterceptorChain doIntercept
>>>> [java] FINE: Invoking handleMessage on interceptor
>>>> [EMAIL PROTECTED]
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.cxf.phase.PhaseInterceptorChain doIntercept
>>>> [java] FINE: Invoking handleMessage on interceptor
>>>> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInt
>>>> [EMAIL PROTECTED]
>>>> [java] 03-03-2008 14:13:11
>>>>
>>>
>>
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
>>>> Internal
>>>> handleM
>>>> essage
>>>> [java] FINE: WSDoAllSender: enter invoke()
>>>> [java] 03-03-2008 14:13:11
>>>>
>>>
>>
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
>>>> Internal
>>>> handleM
>>>> essage
>>>> [java] FINE: Action: 35
>>>> [java] 03-03-2008 14:13:11
>>>>
>>>
>>
>
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptor
>>>> Internal
>>>> handleM
>>>> essage
>>>> [java] FINE: Actor: null
>>>> [java] 03-03-2008 14:13:11 org.apache.ws.security.WSSConfig
>>>> loadProvider
>>>> [java] FINE: The provider JuiCE could not be added:
>>>> org.apache.security.juice.provider.JuiCEProviderOpenSSL
>>>> [java] 03-03-2008 14:13:11 org.apache.ws.security.util.Loader
>>>> getResource
>>>> [java] FINE: Trying to find [client_sign.properties] using
>>>> [EMAIL PROTECTED] class loader.
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.components.crypto.CryptoFactory loadClass
>>>> [java] FINE: Using Crypto Engine
>>>> [org.apache.ws.security.components.crypto.Merlin]
>>>> [java] 03-03-2008 14:13:11 org.apache.ws.security.util.Loader
>>>> getResource
>>>> [java] FINE: Trying to find [client-keystore.jks] using
>>>> [EMAIL PROTECTED] class loader.
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.handler.WSHandler doSenderAction
>>>> [java] FINE: Performing Action: 1
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.message.WSSecUsernameToken build
>>>> [java] FINE: Begin add username token...
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.handler.WSHandler doSenderAction
>>>> [java] FINE: Performing Action: 32
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.message.WSSecTimestamp build
>>>> [java] FINE: Begin add timestamp...
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.handler.WSHandler doSenderAction
>>>> [java] FINE: Performing Action: 2
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.message.WSSecSignature build
>>>> [java] FINE: Beginning signing...
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.ws.security.message.WSSecSignature prepare
>>>> [java] FINE: automatic sig algo detection: RSA
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.SignatureAlgorithm <init>
>>>> [java] FINE: Create URI
>>>> "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; class "class
>>>> org.apache.xml.security.algorithm
>>>> s.implementations.SignatureBaseRSA$SignatureRSASHA1"
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.JCEMapper translateURItoJCEID
>>>> [java] FINE: Request for URI
>>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA
>>>> <init>
>>>> [java] FINE: Created SignatureDSA using SHA1withRSA
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.utils.ElementProxy <init>
>>>> [java] FINE: setElement("ds:SignatureMethod", "null")
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.SignatureAlgorithm <init>
>>>> [java] FINE: Create URI
>>>> "http://www.w3.org/2000/09/xmldsig#rsa-sha1"; class "class
>>>> org.apache.xml.security.algorithm
>>>> s.implementations.SignatureBaseRSA$SignatureRSASHA1"
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.JCEMapper translateURItoJCEID
>>>> [java] FINE: Request for URI
>>>> http://www.w3.org/2000/09/xmldsig#rsa-sha1
>>>> [java] 03-03-2008 14:13:11
>>>> org.apache.xml.security.algorithms.implementations.SignatureBaseRSA
>>>> <init>
>>>> [java] FINE: Created SignatureDSA using SHA1withRSA
>>>>
>>>> BUILD SUCCESSFUL
>>>> Total time: 8 seconds
>>>>
>>>> I would have expected to see a message? Could anyone help me with
>> this
>>>> problem?
>>>>
>>>> Regards
>>>> Kasper H
>>>>
>>>> ----------------------------
>>>> IONA Technologies PLC (registered in Ireland)
>>>> Registered Number: 171387
>>>> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
>>> Ireland
>>>>
>>>>
>>> http://www.nabble.com/file/p15812284/Football.zip Football.zip
>>> --
>>> View this message in context:
>>>
>>
>
http://www.nabble.com/WS-Security---signature-problems-tp15805470p158122
>>> 84.html
>>> Sent from the cxf-user mailing list archive at Nabble.com.
>>>
>>> ----------------------------
>>> IONA Technologies PLC (registered in Ireland)
>>> Registered Number: 171387
>>> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
>> Ireland
>>>
>>>
>> http://www.nabble.com/file/p15825240/Football.zip Football.zip
>> --
>> View this message in context:
>>
>
http://www.nabble.com/WS-Security---signature-problems-tp15805470p158252
>> 40.html
>> Sent from the cxf-user mailing list archive at Nabble.com.
>>
>> ----------------------------
>> IONA Technologies PLC (registered in Ireland)
>> Registered Number: 171387
>> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
> Ireland
>>
>>
>
> --
> View this message in context:
>
http://www.nabble.com/WS-Security---signature-problems-tp15805470p158263
> 96.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>
> ----------------------------
> IONA Technologies PLC (registered in Ireland)
> Registered Number: 171387
> Registered Address: The IONA Building, Shelbourne Road, Dublin 4,
Ireland
>
>
--
View this message in context:
http://www.nabble.com/WS-Security---signature-problems-tp15805470p158271
88.html
Sent from the cxf-user mailing list archive at Nabble.com.
----------------------------
IONA Technologies PLC (registered in Ireland)
Registered Number: 171387
Registered Address: The IONA Building, Shelbourne Road, Dublin 4, Ireland
