Hi,
Seemed the policy of the my proxy faulty. Corrected it and "Service Crypto"
Exceptions are no longer thrown. But instead gets a different Exception as
following.
* NativeWorkerPool Uncaught exception*
*java.lang.NullPointerException*
* at
org.apache.ws.security.message.token.X509Security.getX509Certificate(X509Security.java:94)*
* at
org.apache.ws.security.processor.BinarySecurityTokenProcessor.getCertificatesTokenReference(BinarySecurityTokenProcessor.java:109)*
* at
org.apache.ws.security.processor.BinarySecurityTokenProcessor.handleToken(BinarySecurityTokenProcessor.java:84)*
* at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:332)*
* at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:249)*
* at org.apache.rampart.RampartEngine.process(RampartEngine.java:214)*
* at
org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)*
* at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)*
* at org.apache.axis2.engine.Phase.invoke(Phase.java:313)*
* at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)*
* at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)*
* at
org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)*
* at
org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183)*
* at
org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)*
* at
java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)*
* at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)*
* at java.lang.Thread.run(Thread.java:722)*
This has been discussed in [1] as well. But unlike in [1], in my case, both
the client's and the server's policy is the same. (use the same policy.xml
file, which I have attached herewith).
[1] https://wso2.org/jira/browse/CARBON-9224
Regards,
Supun
On Fri, Apr 25, 2014 at 3:15 PM, Supun Sethunga <[email protected]> wrote:
> Hi,
>
> The above "Read time out" exception at the client side seems to occurs due
> to the following Exception thrown at the server side (ESB server).
>
> *[2014-04-25 15:04:19,321] ERROR - ServerCrypto error creating ServerCryto*
> *java.lang.NullPointerException*
> * at java.security.Provider$ServiceKey.<init>(Provider.java:517)*
> * at java.security.Provider$ServiceKey.<init>(Provider.java:510)*
> * at java.security.Provider.getService(Provider.java:684)*
> * at sun.security.jca.ProviderList.getService(ProviderList.java:331)*
> * at sun.security.jca.GetInstance.getInstance(GetInstance.java:157)*
> * at java.security.Security.getImpl(Security.java:695)*
> * at java.security.KeyStore.getInstance(KeyStore.java:613)*
> * at
> org.wso2.carbon.core.util.KeyStoreManager.getKeyStore(KeyStoreManager.java:138)*
> * at
> org.wso2.carbon.security.util.ServerCrypto.<init>(ServerCrypto.java:124)*
> * at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method)*
> * at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)*
> * at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)*
> * at java.lang.reflect.Constructor.newInstance(Constructor.java:525)*
> * at
> org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:217)*
> * at
> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:95)*
> * at
> org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:390)*
> * at org.apache.rampart.RampartEngine.process(RampartEngine.java:162)*
> * at
> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)*
> * at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)*
> * at org.apache.axis2.engine.Phase.invoke(Phase.java:313)*
> * at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)*
> * at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)*
> * at
> org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)*
> * at
> org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183)*
> * at
> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)*
> * at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)*
> * at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)*
> * at java.lang.Thread.run(Thread.java:722)*
> *[2014-04-25 15:04:19,323] ERROR - NativeWorkerPool Uncaught exception*
> *java.lang.RuntimeException: org.wso2.carbon.security.util.ServerCrypto
> cannot create instance*
> * at
> org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:231)*
> * at
> org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:95)*
> * at
> org.apache.rampart.util.RampartUtil.getSignatureCrypto(RampartUtil.java:390)*
> * at org.apache.rampart.RampartEngine.process(RampartEngine.java:162)*
> * at
> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)*
> * at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)*
> * at org.apache.axis2.engine.Phase.invoke(Phase.java:313)*
> * at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)*
> * at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)*
> * at
> org.apache.synapse.transport.passthru.ServerWorker.processEntityEnclosingRequest(ServerWorker.java:403)*
> * at
> org.apache.synapse.transport.passthru.ServerWorker.run(ServerWorker.java:183)*
> * at
> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)*
> * at
> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)*
> * at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)*
> * at java.lang.Thread.run(Thread.java:722)*
> *Caused by: java.lang.reflect.InvocationTargetException*
> * at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native
> Method)*
> * at
> sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)*
> * at
> sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)*
> * at java.lang.reflect.Constructor.newInstance(Constructor.java:525)*
> * at
> org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:217)*
> * ... 14 more*
> *Caused by: org.apache.ws.security.components.crypto.CredentialException:
> Failed to load credentials.*
> * at
> org.wso2.carbon.security.util.ServerCrypto.<init>(ServerCrypto.java:131)*
> * ... 19 more*
> *Caused by: java.lang.NullPointerException*
> * at java.security.Provider$ServiceKey.<init>(Provider.java:517)*
> * at java.security.Provider$ServiceKey.<init>(Provider.java:510)*
> * at java.security.Provider.getService(Provider.java:684)*
> * at sun.security.jca.ProviderList.getService(ProviderList.java:331)*
> * at sun.security.jca.GetInstance.getInstance(GetInstance.java:157)*
> * at java.security.Security.getImpl(Security.java:695)*
> * at java.security.KeyStore.getInstance(KeyStore.java:613)*
> * at
> org.wso2.carbon.core.util.KeyStoreManager.getKeyStore(KeyStoreManager.java:138)*
> * at
> org.wso2.carbon.security.util.ServerCrypto.<init>(ServerCrypto.java:124)*
> * ... 19 more*
>
> Any idea what causes this?
>
> Thanks,
> Supun
>
>
>
> On Fri, Apr 25, 2014 at 12:54 PM, Supun Sethunga <[email protected]> wrote:
>
>> Hi Milinda,
>>
>> Follow is the complete error stack trace.
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>>
>> *Exception in thread "main" org.apache.axis2.AxisFault: Read timed out
>> at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430) at
>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
>> at org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>> at
>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
>> at
>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443) at
>> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
>> at
>> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
>> at
>> org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
>> at
>> client.SecureOrderProcessServiceStub.makeOrder(SecureOrderProcessServiceStub.java:463)
>> at
>> client.SecureOrderProcessClient.makeOrder(SecureOrderProcessClient.java:134)
>> at
>> client.SecureOrderProcessClient.main(SecureOrderProcessClient.java:55)Caused
>> by: java.net.SocketTimeoutException: Read timed out at
>> java.net.SocketInputStream.socketRead0(Native Method) at
>> java.net.SocketInputStream.read(SocketInputStream.java:150) at
>> java.net.SocketInputStream.read(SocketInputStream.java:121) at
>> sun.security.ssl.InputRecord.readFully(InputRecord.java:312) at
>> sun.security.ssl.InputRecord.read(InputRecord.java:350) at
>> sun.security.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:927) at
>> sun.security.ssl.SSLSocketImpl.readDataRecord(SSLSocketImpl.java:884)
>> at sun.security.ssl.AppInputStream.read(AppInputStream.java:102) at
>> java.io.BufferedInputStream.fill(BufferedInputStream.java:235) at
>> java.io.BufferedInputStream.read(BufferedInputStream.java:254) at
>> org.apache.commons.httpclient.HttpParser.readRawLine(HttpParser.java:78)
>> at
>> org.apache.commons.httpclient.HttpParser.readLine(HttpParser.java:106)
>> at
>> org.apache.commons.httpclient.HttpConnection.readLine(HttpConnection.java:1116)
>> at
>> org.apache.commons.httpclient.MultiThreadedHttpConnectionManager$HttpConnectionAdapter.readLine(MultiThreadedHttpConnectionManager.java:1413)
>> at
>> org.apache.commons.httpclient.HttpMethodBase.readStatusLine(HttpMethodBase.java:1973)
>> at
>> org.apache.commons.httpclient.HttpMethodBase.readResponse(HttpMethodBase.java:1735)
>> at
>> org.apache.commons.httpclient.HttpMethodBase.execute(HttpMethodBase.java:1098)
>> at
>> org.apache.commons.httpclient.HttpMethodDirector.executeWithRetry(HttpMethodDirector.java:398)
>> at
>> org.apache.commons.httpclient.HttpMethodDirector.executeMethod(HttpMethodDirector.java:171)
>> at
>> org.apache.commons.httpclient.HttpClient.executeMethod(HttpClient.java:397)
>> at
>> org.apache.axis2.transport.http.AbstractHTTPSender.executeMethod(AbstractHTTPSender.java:621)
>> at
>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:193)
>> ... 10 more*
>>
>> Please find the attachment for the updated code.
>>
>> Thanks,
>>
>>
>> On Fri, Apr 25, 2014 at 12:46 PM, Milinda Perera <[email protected]>wrote:
>>
>>> Hi Supun,
>>>
>>> can you send complete error stack trace and updated code.
>>>
>>> Thanks,
>>> Milinda
>>>
>>>
>>> On Fri, Apr 25, 2014 at 12:19 PM, Supun Sethunga <[email protected]>wrote:
>>>
>>>> Hi Malinda,
>>>>
>>>> Still gives the same exception.
>>>>
>>>> Thanks,
>>>>
>>>>
>>>> On Fri, Apr 25, 2014 at 11:56 AM, Milinda Perera <[email protected]>wrote:
>>>>
>>>>> Hi,
>>>>>
>>>>> I think problem is in endpoint. Try It with https endpoint.
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>> On Fri, Apr 25, 2014 at 11:49 AM, Supun Sethunga <[email protected]>wrote:
>>>>>
>>>>>> attached is the client.
>>>>>>
>>>>>> Thanks!
>>>>>>
>>>>>>
>>>>>> On Fri, Apr 25, 2014 at 11:39 AM, Roshan Wijesena <[email protected]>wrote:
>>>>>>
>>>>>>> can you attache your client also ..
>>>>>>>
>>>>>>>
>>>>>>> On Fri, Apr 25, 2014 at 11:14 AM, Supun Sethunga
>>>>>>> <[email protected]>wrote:
>>>>>>>
>>>>>>>> Hi,
>>>>>>>>
>>>>>>>> Im trying to secure a non-secured back-end service using a proxy.
>>>>>>>> When i create a secure proxy with policies from the ESB and execute the
>>>>>>>> client, i get the following exception.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *Exception in thread "main" org.apache.axis2.AxisFault: Read timed
>>>>>>>> out at org.apache.axis2.AxisFault.makeFault(AxisFault.java:430)
>>>>>>>> at
>>>>>>>> org.apache.axis2.transport.http.HTTPSender.sendViaPost(HTTPSender.java:197)
>>>>>>>> at
>>>>>>>> org.apache.axis2.transport.http.HTTPSender.send(HTTPSender.java:75)
>>>>>>>> at
>>>>>>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.writeMessageWithCommons(CommonsHTTPTransportSender.java:404)
>>>>>>>> at
>>>>>>>> org.apache.axis2.transport.http.CommonsHTTPTransportSender.invoke(CommonsHTTPTransportSender.java:231)
>>>>>>>> at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:443)*
>>>>>>>> ...
>>>>>>>> ...
>>>>>>>>
>>>>>>>> For the testing purpose, when I create a simple pass through proxy
>>>>>>>> and execute the client, the sent message actually reaches the proxy
>>>>>>>> with
>>>>>>>> all the security headers. (checked using ESB SOAP tracer). So I guess
>>>>>>>> my
>>>>>>>> client works fine.
>>>>>>>>
>>>>>>>> But the SOAP tracer in ESB does not track the message sent when the
>>>>>>>> secure proxy (with policy applied) is used.
>>>>>>>>
>>>>>>>> Any idea on what causes this exception?
>>>>>>>>
>>>>>>>> I have attached the policy file herewith.
>>>>>>>>
>>>>>>>> Thanks,
>>>>>>>> Supun
>>>>>>>>
>>>>>>>> --
>>>>>>>> *Supun Sethunga*
>>>>>>>> Software Engineer
>>>>>>>> WSO2, Inc.
>>>>>>>> lean | enterprise | middleware
>>>>>>>> Mobile : +94 716546324
>>>>>>>>
>>>>>>>> _______________________________________________
>>>>>>>> Dev mailing list
>>>>>>>> [email protected]
>>>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best Regards,
>>>>>>> Senior Software Engineer-WSO2 Inc.
>>>>>>> Roshan Wijesena
>>>>>>> Mobile: *+94752126789*
>>>>>>> Email: [email protected]
>>>>>>> *WSO2, Inc. :** wso2.com <http://wso2.com/>*
>>>>>>> lean.enterprise.middleware.
>>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> *Supun Sethunga*
>>>>>> Software Engineer
>>>>>> WSO2, Inc.
>>>>>> lean | enterprise | middleware
>>>>>> Mobile : +94 716546324
>>>>>>
>>>>>> _______________________________________________
>>>>>> Dev mailing list
>>>>>> [email protected]
>>>>>> http://wso2.org/cgi-bin/mailman/listinfo/dev
>>>>>>
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Milinda Perera
>>>>> Software Engineer;
>>>>> WSO2 Inc. http://wso2.com ,
>>>>> Mobile: (+94) 714 115 032
>>>>>
>>>>>
>>>>
>>>>
>>>> --
>>>> *Supun Sethunga*
>>>> Software Engineer
>>>> WSO2, Inc.
>>>> lean | enterprise | middleware
>>>> Mobile : +94 716546324
>>>>
>>>
>>>
>>>
>>> --
>>> Milinda Perera
>>> Software Engineer;
>>> WSO2 Inc. http://wso2.com ,
>>> Mobile: (+94) 714 115 032
>>>
>>>
>>
>>
>> --
>> *Supun Sethunga*
>> Software Engineer
>> WSO2, Inc.
>> lean | enterprise | middleware
>> Mobile : +94 716546324
>>
>
>
>
> --
> *Supun Sethunga*
> Software Engineer
> WSO2, Inc.
> lean | enterprise | middleware
> Mobile : +94 716546324
>
--
*Supun Sethunga*
Software Engineer
WSO2, Inc.
lean | enterprise | middleware
Mobile : +94 716546324
<wsp:Policy wsu:Id="SigOnly"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";>
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
<!-- sp:WssX509V3Token10/ -->
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never";>
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
<!-- sp:WssX509V3Token10/ -->
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic256/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy";>
<sp:Body/>
</sp:SignedParts>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>_______________________________________________
Dev mailing list
[email protected]
http://wso2.org/cgi-bin/mailman/listinfo/dev
