Hi,
I was hoping someone could shed some light on the cause of the exception
attached in the text file "JavaStack.txt".
I'm using the WSS4J API to decode a message with signed body and time stamp
and encrypted body (using Certificates).
It happens in the method decodeSOAP on the line:
results =
this.secEngine.processSecurityHeader(doc,null,this.callbackHandler,this.cryp
to);
I've dug down a little and I think it is trying to invoke a method that does
not exist - but I don't have the skills to setup my Java installation so I
can set a break point within the Reflection API.
I've attached a good bit of the source, but it is in the decodeSOAP method -
where I presume I have forgotten to initialise some aspect of the Wss4J
interface
Anyone know what I've not done?
Thanks
Adrian
09:02:25.691 [main] DEBUG o.a.w.d.processor.SignatureProcessor - Verify XML
Signature
09:02:25.722 [main] DEBUG org.apache.wss4j.common.util.Loader - Trying to find
[wss4j-ehcache.xml] using sun.misc.Launcher$AppClassLoader@550a6723 class
loader.
Failed in processSecurityHeader block:
java.lang.reflect.InvocationTargetException
failed: java.lang.reflect.InvocationTargetException
org.apache.wss4j.common.ext.WSSecurityException:
java.lang.reflect.InvocationTargetException
Original Exception was net.sf.ehcache.CacheException:
java.lang.reflect.InvocationTargetException
at
org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:446)
at
org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:446)
at
org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:233)
at
org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:427)
at
org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:309)
at
org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:254)
at
org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:208)
at SecurityManager.decodeSOAP(SecurityManager.java:212)
at SecurityManager.handleMessage(SecurityManager.java:102)
at SecurityManager.handleMessage(SecurityManager.java:48)
at
com.sun.xml.internal.ws.handler.HandlerProcessor.callHandleMessageReverse(HandlerProcessor.java:326)
at
com.sun.xml.internal.ws.handler.HandlerProcessor.callHandlersResponse(HandlerProcessor.java:199)
at
com.sun.xml.internal.ws.handler.ClientSOAPHandlerTube.callHandlersOnResponse(ClientSOAPHandlerTube.java:148)
at
com.sun.xml.internal.ws.handler.HandlerTube.processResponse(HandlerTube.java:149)
at com.sun.xml.internal.ws.api.pipe.Fiber.__doRun(Fiber.java:636)
at com.sun.xml.internal.ws.api.pipe.Fiber._doRun(Fiber.java:585)
at com.sun.xml.internal.ws.api.pipe.Fiber.doRun(Fiber.java:570)
at com.sun.xml.internal.ws.api.pipe.Fiber.runSync(Fiber.java:467)
at com.sun.xml.internal.ws.client.Stub.process(Stub.java:308)
at com.sun.xml.internal.ws.client.sei.SEIStub.doProcess(SEIStub.java:163)
at
com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:98)
at
com.sun.xml.internal.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:78)
at com.sun.xml.internal.ws.client.sei.SEIStub.invoke(SEIStub.java:135)
at com.sun.proxy.$Proxy22.driverDetailsOperation(Unknown Source)
at Driver.main(Driver.java:96)
Caused by: net.sf.ehcache.CacheException:
java.lang.reflect.InvocationTargetException
at
org.apache.wss4j.common.cache.EHCacheManagerHolder.createCacheManager(EHCacheManagerHolder.java:165)
at
org.apache.wss4j.common.cache.EHCacheManagerHolder.getCacheManager(EHCacheManagerHolder.java:101)
at
org.apache.wss4j.common.cache.EHCacheReplayCache.<init>(EHCacheReplayCache.java:43)
at
org.apache.wss4j.common.cache.EHCacheReplayCacheFactory.newReplayCache(EHCacheReplayCacheFactory.java:31)
at
org.apache.wss4j.dom.handler.RequestData.createCache(RequestData.java:373)
at
org.apache.wss4j.dom.handler.RequestData.getTimestampReplayCache(RequestData.java:364)
at
org.apache.wss4j.dom.processor.SignatureProcessor.testMessageReplay(SignatureProcessor.java:647)
at
org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:416)
... 23 more
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:606)
at
org.apache.wss4j.common.cache.EHCacheManagerHolder.createCacheManager(EHCacheManagerHolder.java:163)
... 30 more
Caused by: java.lang.NoSuchMethodError:
org.slf4j.helpers.MessageFormatter.arrayFormat(Ljava/lang/String;[Ljava/lang/Object;)Lorg/slf4j/helpers/FormattingTuple;
at
ch.qos.logback.classic.spi.LoggingEvent.getFormattedMessage(LoggingEvent.java:298)
at
ch.qos.logback.classic.spi.LoggingEvent.prepareForDeferredProcessing(LoggingEvent.java:208)
at
ch.qos.logback.core.OutputStreamAppender.subAppend(OutputStreamAppender.java:212)
at
ch.qos.logback.core.OutputStreamAppender.append(OutputStreamAppender.java:103)
at
ch.qos.logback.core.UnsynchronizedAppenderBase.doAppend(UnsynchronizedAppenderBase.java:88)
at
ch.qos.logback.core.spi.AppenderAttachableImpl.appendLoopOnAppenders(AppenderAttachableImpl.java:48)
at ch.qos.logback.classic.Logger.appendLoopOnAppenders(Logger.java:273)
at ch.qos.logback.classic.Logger.callAppenders(Logger.java:260)
at ch.qos.logback.classic.Logger.buildLoggingEventAndAppend(Logger.java:442)
at ch.qos.logback.classic.Logger.filterAndLog_1(Logger.java:414)
at ch.qos.logback.classic.Logger.warn(Logger.java:717)
at
net.sf.ehcache.config.ConfigurationFactory.parseConfiguration(ConfigurationFactory.java:136)
at net.sf.ehcache.CacheManager.newInstance(CacheManager.java:854)
... 35 more/*
* To change this license header, choose License Headers in Project Properties.
* To change this template file, choose Tools | Templates
* and open the template in the editor.
*/
import java.util.Set;
import java.util.List;
import java.util.ArrayList;
import java.util.HashSet;
import java.security.cert.*;
import javax.xml.namespace.QName;
import javax.xml.soap.*;
import javax.xml.ws.handler.MessageContext;
import javax.xml.ws.handler.soap.SOAPHandler;
import javax.xml.ws.handler.soap.SOAPMessageContext;
import javax.xml.transform.dom.DOMSource;
import javax.xml.transform.OutputKeys;
import javax.xml.transform.Transformer;
import javax.xml.transform.TransformerException;
import javax.xml.transform.TransformerFactory;
import javax.xml.transform.stream.StreamResult;
import javax.security.auth.callback.CallbackHandler;
import org.apache.wss4j.common.crypto.*;
import org.apache.wss4j.dom.WSConstants;
import org.apache.wss4j.dom.SOAPConstants;
import org.apache.wss4j.dom.message.*;
import org.apache.wss4j.common.ext.WSSecurityException;
import org.apache.wss4j.common.WSEncryptionPart;
import org.apache.wss4j.dom.WSSecurityEngine;
import org.apache.wss4j.dom.WSSecurityEngineResult;
import org.apache.wss4j.dom.WSSConfig;
import org.apache.wss4j.dom.handler.RequestData;
import org.w3c.dom.Document;
import org.w3c.dom.Node;
/**
*
* @author awilliamson
*/
public class SecurityManager implements SOAPHandler<SOAPMessageContext> {
static BallKeyStore keysRSA = new BallKeyStore();
private Node root = null;
private Crypto crypto = null;
private WSSecurityEngine secEngine = new WSSecurityEngine();
private CallbackHandler callbackHandler = new PWCallback();
private RequestData requestData = new RequestData();
public SecurityManager(){
try {
//Where will I put the properties file?
this.crypto = CryptoFactory.getInstance("Ball.properties");
}
catch (WSSecurityException e)
{
System.err.println("Crypto crypto =
CryptoFactory.getInstance(\"Ball.properties\"): " + e.getMessage());
}
this.secEngine.setWssConfig(WSSConfig.getNewInstance());
//I don't think this is needed by the processSecurityHeader mechanism
used
this.requestData.setWssConfig(this.secEngine.getWssConfig());
}
@Override
public boolean handleMessage(SOAPMessageContext context) {
Boolean outbound = (Boolean)
context.get(MessageContext.MESSAGE_OUTBOUND_PROPERTY);
SOAPMessage message = context.getMessage();
if (outbound) {
System.out.println("SOAP message departingÂ…");
//Get the body and scramble it with the certifcate, then push it back
in.
try {
message = this.encodeSOAP(message);
message.writeTo(System.out);
System.out.println();
} catch (Exception e) {
System.out.println(e);
e.printStackTrace();
}
} else {
System.out.println("SOAP message incomingÂ…");
try {
message.writeTo(System.out);
System.out.println();
message = this.decodeSOAP(message);
} catch (Exception e) {
System.out.println(e);
e.printStackTrace();
}
}
return true;
}
@Override
public boolean handleFault(SOAPMessageContext context) {
return true;
}
@Override
public void close(MessageContext context) {
}
@Override
public Set<QName> getHeaders() {
//return Collections.emptySet();
QName securityHeader = new
QName("http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";,
"Security", "wsse");
HashSet<QName> headers = new HashSet<QName>();
headers.add(securityHeader);
return headers;
}
private SOAPMessage encodeSOAP(SOAPMessage soapMessage) throws Exception {
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
WSSecEncrypt builder = new WSSecEncrypt();
WSSecTimestamp builderTS = new WSSecTimestamp();
WSSecSignature builderSig = new WSSecSignature();
java.security.cert.X509Certificate recipientCert = (X509Certificate)
keysRSA.getks().getCertificate("wsstestservice");
java.security.cert.X509Certificate ourCert = (X509Certificate)
keysRSA.getks().getCertificate("wsstest");
builder.setUseThisCert(recipientCert);
builder.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
builder.setSymmetricEncAlgorithm(WSConstants.TRIPLE_DES);
builderTS.setTimeToLive(5000);
Document doc = soapEnvelope.getOwnerDocument();
org.apache.wss4j.dom.message.WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
{//Sign the Timestamp and the body this block replaces
builderSig.build(doc, crypto, secHeader)
builderSig.setX509Certificate(ourCert);
builderSig.setUserInfo("wsstest", "password1");
builderSig.setKeyIdentifierType(WSConstants.BST_DIRECT_REFERENCE);
SOAPConstants soapConstants =
org.apache.wss4j.dom.util.WSSecurityUtil.getSOAPConstants(doc.getDocumentElement());
List<WSEncryptionPart> wsEncryptionParts = new
ArrayList<WSEncryptionPart>();
WSEncryptionPart wsEncryptionPart = new WSEncryptionPart(
soapConstants.getBodyQName().getLocalPart(),
soapConstants.getEnvelopeURI(), "Content");
wsEncryptionParts.add(wsEncryptionPart);
builderTS.build(doc, secHeader);
wsEncryptionParts.add(new WSEncryptionPart(builderTS.getId()));
builderSig.setParts(wsEncryptionParts);
builderSig.setUseSingleCertificate(true);
builderSig.prepare(doc, this.crypto, secHeader);
builderSig.appendBSTElementToHeader(secHeader);
List<javax.xml.crypto.dsig.Reference> referenceList =
builderSig.addReferencesToSign(wsEncryptionParts, secHeader);
builderSig.computeSignature(referenceList);
}
try
{
builder.build(doc, this.crypto, secHeader);
}
catch (WSSecurityException e)
{
System.err.println("Failed in builder block: " + e.getMessage());
e.printStackTrace();
System.exit(1);
}
return soapMessage;
}
private SOAPMessage decodeSOAP(SOAPMessage soapMessage) throws Exception {
SOAPPart soapPart = soapMessage.getSOAPPart();
SOAPEnvelope soapEnvelope = soapPart.getEnvelope();
Document doc = soapEnvelope.getOwnerDocument();
//Process Header...
List<WSSecurityEngineResult> results = null;
try
{
results =
this.secEngine.processSecurityHeader(doc,null,this.callbackHandler,this.crypto);
}
catch (WSSecurityException e)
{
System.err.println("Failed in processSecurityHeader block: " +
e.getMessage());
e.printStackTrace();
System.exit(1);
}
if (results==null)
{
//failed?
}
//Process Body...
return soapMessage;
};
private static void dumpDocument(Node root) throws TransformerException {
Transformer transformer = TransformerFactory.newInstance().newTransformer();
transformer.setOutputProperty(OutputKeys.INDENT, "yes");
transformer.transform(new DOMSource(root), new StreamResult(System.out));
}
}
********************* Callback Handler *******************************
import java.io.IOException;
import javax.security.auth.callback.Callback;
import javax.security.auth.callback.CallbackHandler;
import javax.security.auth.callback.UnsupportedCallbackException;
import org.apache.wss4j.common.ext.WSPasswordCallback;
public class PWCallback implements CallbackHandler {
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException {
for (int i = 0; i < callbacks.length; i++) {
if (callbacks[i] instanceof WSPasswordCallback) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[i];
if (pc.getUsage() == WSPasswordCallback.DECRYPT) {
pc.setPassword("password1");
}
else {
throw new UnsupportedCallbackException(
callbacks[i], "Unrecognized Usage: " + pc.getUsage());
}
} else {
throw new UnsupportedCallbackException(
callbacks[i], "Unrecognized Callback");
}
}
}
}
******************* Snippets from the stack dump
**************************************
static CacheManager createCacheManager() throws CacheException {
try {
return (CacheManager)cacheManagerCreateMethodNoArg.invoke(null,
(Object[])null);
} catch (Exception e) {
throw new CacheException(e);
}
}
@CallerSensitive
public Object invoke(Object obj, Object... args)
throws IllegalAccessException, IllegalArgumentException,
InvocationTargetException
{
if (!override) {
if (!Reflection.quickCheckMemberAccess(clazz, modifiers)) {
// Until there is hotspot @CallerSensitive support
// can't call Reflection.getCallerClass() here
// Workaround for now: add a frame getCallerClass to
// make the caller at stack depth 2
Class<?> caller = getCallerClass();
checkAccess(caller, clazz, obj, modifiers);
}
}
MethodAccessor ma = methodAccessor; // read volatile
if (ma == null) {
ma = acquireMethodAccessor();
}
return ma.invoke(obj, args);
}
package sun.reflect;
import java.lang.reflect.InvocationTargetException;
public interface MethodAccessor {
public Object invoke(Object o, Object[] os) throws
IllegalArgumentException, InvocationTargetException;
}
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
