Hi All,
I am trying to send a signed string from the client to the server, and on
the server side I am trying to verify it. My code is as below.
*Client Side*

    //Get the filesystem keystore default primary certificate
    KeyStoreManager keyStoreManager;
    keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
    Signature signature;
    try {
        //Sign the secret
        keyStoreManager.getDefaultPrimaryCertificate();
        signature = Signature.getInstance("SHA1WithRSA");
        signature.initSign(keyStoreManager.getDefaultPrivateKey());
        signature.update(serverSecret.getBytes());
        String signatureString = new String(signature.sign());
        String headerString = new String(username + ":" + signatureString + ":" + serverSecret);
        // Set authorization header to service client
        List headerList = new ArrayList();
        Header header = new Header();
        header.setName(HTTPConstants.HEADER_AUTHORIZATION);
        header.setValue("CloudLogin " + Base64Utils.encode(headerString.getBytes()));
        headerList.add(header);
        serviceClient.getOptions().setProperty(HTTPConstants.HTTP_HEADERS, headerList);
    } catch (Exception e) {
        String msg = "Failed to get primary default certificate";
        log.error(msg, e);
        throw new AppFactoryException(msg, e);
    }

*Server Side*

            //Get the filesystem keystore default primary certificate
            KeyStoreManager keyStoreManager = KeyStoreManager.getInstance(MultitenantConstants.SUPER_TENANT_ID);
            X509Certificate cert = keyStoreManager.getDefaultPrimaryCertificate();
            //Authorization: CloudLogin xxxxxxx
            //header data base64encode(username:signature:secret)
            String authorizationHeader = request.getHeader(HTTPConstants.HEADER_AUTHORIZATION);
            String[] headerData = decodeAuthorizationHeader(authorizationHeader);
            Signature signature = Signature.getInstance("SHA1WithRSA");
            signature.initVerify(cert.getPublicKey());
            signature.update(headerData[2].getBytes());
            if (signature.verify(headerData[1].getBytes())) {
                //my logic goes here
            }
        } catch (Exception e) {
            log.error("Error authenticating the user " + e.getMessage(), e);
        }
        return isAuthenticated;
    }

I ended up with the error [1]. Any idea what I am doing wrong? Any idea
would be appreciated.
@Prabath: We are going to do what you suggested in M7. For just M6 we are
trying to go with this solution.

[1] [2014-10-03 21:40:52,242] ERROR {org.wso2.carbon.identity.authenticator.cloud.CloudAuthenticator} - Error authenticating the user Signature length not correct: got 203 but was expecting 128
java.security.SignatureException: Signature length not correct: got 203 but was expecting 128
    at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:189)
    at java.security.Signature$Delegate.engineVerify(Signature.java:1172)
    at java.security.Signature.verify(Signature.java:623)
    at org.wso2.carbon.identity.authenticator.cloud.CloudAuthenticator.isAuthenticated(CloudAuthenticator.java:114)
    at org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.isAuthenticated(AuthenticationHandler.java:187)
    at org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.authenticate(AuthenticationHandler.java:96)
    at org.wso2.carbon.server.admin.module.handler.AuthenticationHandler.invoke(AuthenticationHandler.java:66)
    at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
    at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:755)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:848)
    at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:171)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:178)
    at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
    at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:56)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:141)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:936)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1004)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:589)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
    at java.lang.Thread.run(Thread.java:744)

Thanks & Regards
Danushka Fernando
Software Engineer
WSO2 inc. http://wso2.com/
Mobile : +94716332729
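
Added example, not part of the original post and not WSO2 code: it reproduces the length mismatch in [1] by passing raw signature bytes through a String, then shows the same header format verifying once the signature field is Base64-encoded. Assumptions: java.util.Base64 stands in for the post's Base64Utils, the charset is fixed to UTF-8, and the 1024-bit key pair, user name and secret are constructed sample values.

```java
import java.nio.charset.StandardCharsets;
import java.security.*;
import java.util.Base64;

public class SignatureHeaderDemo {
    static final String ALG = "SHA1WithRSA"; // algorithm used in the post

    static byte[] sign(PrivateKey key, String secret) throws GeneralSecurityException {
        Signature s = Signature.getInstance(ALG);
        s.initSign(key);
        s.update(secret.getBytes(StandardCharsets.UTF_8));
        return s.sign();
    }

    static boolean verify(PublicKey key, String secret, byte[] sig) {
        try {
            Signature s = Signature.getInstance(ALG);
            s.initVerify(key);
            s.update(secret.getBytes(StandardCharsets.UTF_8));
            return s.verify(sig);
        } catch (GeneralSecurityException e) { // includes "Signature length not correct"
            System.out.println("  verify failed: " + e.getMessage());
            return false;
        }
    }

    public static void main(String[] args) throws Exception {
        KeyPairGenerator gen = KeyPairGenerator.getInstance("RSA");
        gen.initialize(1024); // constructed key; 1024 bits gives the 128-byte signature named in [1]
        KeyPair kp = gen.generateKeyPair();
        String user = "admin", secret = "constructed-server-secret"; // constructed sample values
        byte[] sig = sign(kp.getPrivate(), secret);

        // Lossy: byte sequences that are not valid UTF-8 are replaced when decoded as text.
        byte[] mangled = new String(sig, StandardCharsets.UTF_8).getBytes(StandardCharsets.UTF_8);
        System.out.println("raw " + sig.length + " bytes, via String " + mangled.length + " bytes");
        System.out.println("String round trip verifies: " + verify(kp.getPublic(), secret, mangled));

        // Lossless: Base64 the signature before it goes into the colon-separated header.
        Base64.Encoder enc = Base64.getEncoder();
        String header = user + ":" + enc.encodeToString(sig) + ":" + secret;
        String wire = "CloudLogin " + enc.encodeToString(header.getBytes(StandardCharsets.UTF_8));

        // Server side: undo the outer Base64, split into three fields, decode the signature.
        byte[] outer = Base64.getDecoder().decode(wire.substring("CloudLogin ".length()));
        String[] parts = new String(outer, StandardCharsets.UTF_8).split(":", 3);
        byte[] received = Base64.getDecoder().decode(parts[1]);
        System.out.println("Base64 round trip verifies: " + verify(kp.getPublic(), parts[2], received));
    }
}
```

The Base64 alphabet contains no ':' character, so the encoded signature also cannot break the username:signature:secret split the way raw signature bytes can.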