Hi,
I gave the below a try, unfortunately it doesn't solve the entire problem :(
I copied the java.security file out of my jdk's lib folder and
re-ordered the providers as indicated in case that was causing an
issue.
The error report is below:
testTimestampSignEncrypt(org.apache.servicemix.camel.nmr.ws.security.WSSecurityTest)
Time elapsed: 13.989 sec <<< ERROR!
javax.xml.ws.WebServiceException: Could not send Message.
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135)
at $Proxy69.sayHi(Unknown Source)
at
org.apache.servicemix.camel.nmr.ws.security.WSSecurityTest.testTimestampSignEncrypt(WSSecurityTest.java:137)
... cut some trace here ...
at org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:875)
Caused by: java.io.IOException: Server returned HTTP response code:
500 for URL: http://localhost:19000/SOAPServiceWSSecurity/T
imestampSignEncrypt
Port 19000 is not in use by any other process on the system so there
should not have been any bind type issues occurring here.
J
On Tue, Apr 20, 2010 at 10:41 PM, Freeman Fang <[email protected]> wrote:
> Hi,
>
> I believe security test for IBM JDK, we should specify the order for
> Cryptography Package Providers.
>
> Something like
> add file
> src/test/resources/ibm.security
> wtih content
> # On the ibm jdk, we want to place IBMJCE before IBMJSSEProvider2 in the
> # list
> security.provider.1=com.ibm.crypto.provider.IBMJCE
> security.provider.2=com.ibm.jsse2.IBMJSSEProvider2
>
> then add ibmjdk profile to pom.xml like
>
> <profiles>
> <profile>
> <id>ibmjdk</id>
> <activation>
> <property>
> <name>java.vendor</name>
> <value>IBM Corporation</value>
> </property>
> </activation>
> <build>
> <plugins>
> <plugin>
> <groupId>org.apache.maven.plugins</groupId>
> <artifactId>maven-surefire-plugin</artifactId>
> <configuration>
> <forkMode>pertest</forkMode>
> <systemProperties>
>
> <property>
> <name>java.security.properties</name>
> <value>${basedir}/target/test-classes/ibm.security</value>
> </property>
>
> </systemProperties>
> </configuration>
> </plugin>
>
> </plugins>
> </build>
> </profile>
> </profiles>
>
> Could you please do a test with this configuration?
>
> Thanks
> Freeman
>
> On 2010-4-21, at 上午3:17, Jamie G. wrote:
>
>> Just tested on AIX 5.3 with JDK 1.5.0 IBM J9 2.3 AIX ppc-32 and the
>> test case fails.
>>
>> Tests in error:
>>
>> testTimestampSignEncrypt(org.apache.servicemix.camel.nmr.ws.security.WSSecurityTest)
>>
>> On Mon, Apr 19, 2010 at 11:33 PM, Freeman Fang <[email protected]>
>> wrote:
>>>
>>> Hi Chris,
>>>
>>> Thanks.
>>> Just add the affected java version for Google to see.
>>> Java 1.5 update 6 and java 1.6 update 1(Occurred in Dec 2009) for Mac
>>> break wss4j.
>>>
>>> Freeman
>>> On 2010-4-20, at 上午6:18, Chris Custine wrote:
>>>
>>>> Hi All,
>>>> I spent a fair amount of time resolving this issue today while releasing
>>>> SMX
>>>> 4.2 so I thought it was worth documenting here for all of Google to see.
>>>>
>>>> While running unit tests in the SMX 4 features module, I could not get
>>>> the
>>>> WSSecurityTest to pass on Mac OSX although it appeared to work
>>>> flawlessly
>>>> on
>>>> Linux. It turns out that Apple changed the default storepass on the
>>>> cacerts
>>>> keystore in a recent update, and this is different from the original Sun
>>>> default so some applications will have issues on Mac OSX after this
>>>> update.
>>>> In this case the issue is WSS4J but there isn't really anything they can
>>>> do
>>>> about it. Therefore the solution is to run the following command to
>>>> change
>>>> the password back to the original defaults:
>>>>
>>>> sudo keytool -storepasswd -new changeit
>>>> -keystore
>>>>
>>>> /System/Library/Frameworks/JavaVM.framework/Resources/Deploy.bundle/Contents/Home/lib/security/cacerts
>>>> -storepass
>>>> changeme
>>>>
>>>> After this, all of the security tests will function properly :-)
>>>>
>>>> Hope this helps!
>>>>
>>>> Chris
>>>>
>>>> --
>>>> Chris Custine
>>>> FUSESource :: http://fusesource.com
>>>> My Blog :: http://blog.organicelement.com
>>>> Apache ServiceMix :: http://servicemix.apache.org
>>>> Apache Felix :: http://felix.apache.org
>>>> Apache Directory Server :: http://directory.apache.org
>>>
>>>
>>> --
>>> Freeman Fang
>>> ------------------------
>>> Open Source SOA: http://fusesource.com
>>>
>>>
>
>
> --
> Freeman Fang
> ------------------------
> Open Source SOA: http://fusesource.com
>
>
