-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hi Akos--
You may want to take this question to the Apache Airavata dev list:
[email protected] <mailto:[email protected]> (cc'd).
Marlon
On 10/2/13 5:37 AM, Akos Hajnal wrote:
I don't know what "OA4MP" is, but I guess we use the
same cog-jglobus-1.8.jar-bcprov-jdk14-140.jar libs (downloaded my
maven),
and get
the same Exception.
What is amazing the exception is thrown
in BouncyCastleUtil.getIdentity(X509Certificate cert), in a line
silimar to
if (! (cert instanceof
org.bouncycastle.jce.provider.X509CertificateObject) ) {
System.out.println(cert.getClass()); throw new Exception(); }
and the classname printed is:
"org.bouncycastle.jce.provider.X509CertificateObject". Another X-file...
Regards, Akos Hajnal
2013. október 1., kedd 17:42:05 UTC+2 időpontban Jeff Gaynor a
következőt
írta:
What version of OA4MP are you using and where did you get it from?
Jeff
On 09/30/2013 08:43 AM, Akos Hajnal wrote:
Dear Jeff,ďż˝
I tried:
Security.addProvider(new BouncyCastleProvider());
setProvider("BC");
installSecureRandomProvider();
(the same as static code of�CertUtil)
at the very beginning when my webapp is deployed, but I get the same
exception.
Maybe something stucked earlier. On the first deploy it works without
exception, but never after redeploy.
I use v1.8.
Regards, Akos Hajnal
2013. m�jus 22., szerda 22:58:39 UTC+2 id�pontban Jeff Gaynor a
k�vetkez�t �rta:
Hmmm. You might try the following two lines of code
Security.addProvider(new
org.bouncycastle.jce.provider.BouncyCastleProvider());
CertUtil.setCertFactory(CertificateFactory.getInstance("X.509",
"BC"));
The first call is from java.security and the CertUtil is in OA4MP.ďż˝
This will require that the bouncy castle provider be used. This
should be
used as early in your code as possible, before any OA4MP calls.
There is also a chance this might be a class loader issue, but it
would
be good to check this possibility out first since it is easy.
Jeff
On 05/22/2013 03:26 PM, Amila Jayasekara wrote:
Hi All,
I am getting following error when trying to communicate with MyProxy
server to create credentials.
*An error occurred while retrieving credentials from credential store.
But continuing with password credentials.ďż˝*
*java.lang.IllegalArgumentException: [JGLOBUS-35] Unexpected
certificate
type: "class sun.security.x509.X509CertImpl"*
* at
org.globus.gsi.bc.BouncyCastleUtil.getIdentity(BouncyCastleUtil.java:453)
*
* at
org.globus.gsi.bc.BouncyCastleUtil.getIdentity(BouncyCastleUtil.java:470)
*
* at
org.globus.gsi.GlobusCredential.getIdentity(GlobusCredential.java:401)*
* at
org.globus.gsi.gssapi.GlobusGSSCredentialImpl.<init>(GlobusGSSCredentialImpl.java:70)
*
* at
org.apache.airavata.gfac.utils.MyProxyManager.getCredentialsFromStore(MyProxyManager.java:231)
*
at
org.apache.airavata.gfac.context.security.GSISecurityContext.getGssCredentials(GSISecurityContext.java:82)
at
org.apache.airavata.gfac.handler.GramDirectorySetupHandler.invoke(GramDirectorySetupHandler.java:80)
at
org.apache.airavata.gfac.GFacAPI.invokeInFlowHandlers(GFacAPI.java:132)
at org.apache.airavata.gfac.GFacAPI.schedule(GFacAPI.java:63)
at org.apache.airavata.gfac.GFacAPI.submitJob(GFacAPI.java:53)
at
org.apache.airavata.xbaya.invoker.EmbeddedGFacInvoker.invoke(EmbeddedGFacInvoker.java:334)
at
org.apache.airavata.xbaya.interpretor.WorkflowInterpreter.handleWSComponent(WorkflowInterpreter.java:710)
at
org.apache.airavata.xbaya.interpretor.WorkflowInterpreter.executeDynamically(WorkflowInterpreter.java:530)
at
org.apache.airavata.xbaya.interpretor.WorkflowInterpreter.access$000(WorkflowInterpreter.java:89)
at
org.apache.airavata.xbaya.interpretor.WorkflowInterpreter$1.run(WorkflowInterpreter.java:197)
In�*org.apache.airavata.gfac.utils.MyProxyManager*�I have
following
code;
X509Certificate[] certificates = new X509Certificate[1];
certificates[0] = <certificate from oa4mp>
GlobusCredential newCredential = new GlobusCredential(<privateKey
from oa4mp>,
ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ ďż˝ certificates);
return new GlobusGSSCredentialImpl(newCredential,
� � � � � � �GSSCredential.INITIATE_AND_ACCEPT);
I debugged and confirmed that the assetResponse returned by OA4MP
server has "*sun.security.x509.X509CertImpl" *object type.
What am I doing wrong here ?
Any help to resolve this issue is appreciated.
Thanks in advance.
Regards,
Amilaďż˝
--
You received this message because you are subscribed to the Google
Groups
"science gateway security discussion" group.
To unsubscribe from this group and stop receiving emails from it,
send an
email to [email protected]
<http://sciencegatewaysecurity.org>.
Visit this group at
http://groups.google.com/a/sciencegatewaysecurity.org/group/discuss/?hl=en-US
.
ďż˝
ďż˝
--
You received this message because you are subscribed to the Google
Groups
"science gateway security discussion" group.
To unsubscribe from this group and stop receiving emails from it,
send an
email to [email protected] <javascript:>.
Visit this group at
http://groups.google.com/a/sciencegatewaysecurity.org/group/discuss/.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG/MacGPG2 v2.0.18 (Darwin)
Comment: GPGTools - http://gpgtools.org
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iQEcBAEBAgAGBQJSTBUTAAoJEOEgD2XReDo5zskH/jebarHRrjMG2XBCB43PEH0A
2MY+zfrS1YieGGeFggRUV1j10iirn2doDPtvIfek1P8hXWbzHd7AAX0vMwvaVi+4
05J0Ydj3a+wGObGqd3h6rYmr535jmkWvgL7NhnSqvQfYbAi/0SxrUjW8fTadFNvg
d139jrKsmYEpnRg2gWxERfi1jqQoJw1ZrXgbvytoL7+nXNC4/z6YoEQy8EwwG3LC
oW6H480imcQGQOlCnW1ZrOIz8M2RecR/rvlt+0Cic1565e0GyzkUReHCnSgOPU5v
hi9+ZguHPl6oEFfwn+3BpoAhD/2+1evqzefm9rw2Bs9G2OiooqFKfmHFvzjVYQA=
=d026
-----END PGP SIGNATURE-----
--
You received this message because you are subscribed to the Google
Groups "science gateway security discussion" group.
To unsubscribe from this group and stop receiving emails from it,
send an email to [email protected].
Visit this group at
http://groups.google.com/a/sciencegatewaysecurity.org/group/discuss/.
