[
https://issues.apache.org/jira/browse/CXF-6864?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Charles Moulliard updated CXF-6864:
-----------------------------------
Description:
The STS Demo packaged within the distribution of CXF 3.0.9 doesn't work
When the client issues the request to get the token from the STS server, the
following error is reported
Server
{code}
Apr 08, 2016 11:57:04 AM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started SelectChannelConnector@localhost:8080
Server ready...
Apr 08, 2016 11:57:42 AM
org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Inbound Message
----------------------------
ID: 1
Address: http://localhost:8080/SecurityTokenService/UT?wsdl
Http-Method: GET
Content-Type:
Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive],
Content-Type=[null], Host=[localhost:8080], Pragma=[no-cache],
User-Agent=[Apache CXF 3.0.9]}
--------------------------------------
{code}
Client
{code}
INFO: Creating Service {http://apache.org/hello_world_soap_http}SOAPService
from WSDL:
file:/Users/chmoulli/Downloads/apache-cxf-3.0.9/samples/sts/wsdl/hello_world.wsdl
Invoking greetMe...
Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://apache.org/hello_world_soap_http}SOAPService#{http://apache.org/hello_world_soap_http}greetMe
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
{code}
was:
The STS Demo packaged within the distribution of CXF 3.0.9 doesn't work
When the client issues the request to get the token from the STS server, the
following error is reported
Server
{code}
Apr 08, 2016 11:57:04 AM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started SelectChannelConnector@localhost:8080
Server ready...
Apr 08, 2016 11:57:42 AM
org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Inbound Message
----------------------------
ID: 1
Address: http://localhost:8080/SecurityTokenService/UT?wsdl
Http-Method: GET
Content-Type:
Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive],
Content-Type=[null], Host=[localhost:8080], Pragma=[no-cache],
User-Agent=[Apache CXF 3.0.9]}
--------------------------------------
{code}
Client
{code}
WARNING: Interceptor for
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for
{http://apache.org/hello_world_soap_http}SOAPService#{http://apache.org/hello_world_soap_http}greetMe
has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
{code}
> STS Demo - Invalid Key
> ----------------------
>
> Key: CXF-6864
> URL: https://issues.apache.org/jira/browse/CXF-6864
> Project: CXF
> Issue Type: Bug
> Affects Versions: 3.0.9
> Reporter: Charles Moulliard
>
> The STS Demo packaged within the distribution of CXF 3.0.9 doesn't work
> When the client issues the request to get the token from the STS server, the
> following error is reported
> Server
> {code}
> Apr 08, 2016 11:57:04 AM org.eclipse.jetty.server.AbstractConnector doStart
> INFO: Started SelectChannelConnector@localhost:8080
> Server ready...
> Apr 08, 2016 11:57:42 AM
> org.apache.cxf.services.SecurityTokenService.UT_Port.STS
> INFO: Inbound Message
> ----------------------------
> ID: 1
> Address: http://localhost:8080/SecurityTokenService/UT?wsdl
> Http-Method: GET
> Content-Type:
> Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive],
> Content-Type=[null], Host=[localhost:8080], Pragma=[no-cache],
> User-Agent=[Apache CXF 3.0.9]}
> --------------------------------------
> {code}
> Client
> {code}
> INFO: Creating Service {http://apache.org/hello_world_soap_http}SOAPService
> from WSDL:
> file:/Users/chmoulli/Downloads/apache-cxf-3.0.9/samples/sts/wsdl/hello_world.wsdl
> Invoking greetMe...
> Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for
> {http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
> has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Illegal key size
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
> at
> org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
> at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
> at demo.wssec.client.Client.main(Client.java:77)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497)
> at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
> ... 31 more
> Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
> Original Exception was
> org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
> Original Exception was java.security.InvalidKeyException: Illegal key size
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
> at
> org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
> ... 33 more
> Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
> key size
> Original Exception was java.security.InvalidKeyException: Illegal key size
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
> at
> org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
> ... 36 more
> Caused by: java.security.InvalidKeyException: Illegal key size
> at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
> at javax.crypto.Cipher.implInit(Cipher.java:805)
> at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
> at javax.crypto.Cipher.init(Cipher.java:1396)
> at javax.crypto.Cipher.init(Cipher.java:1327)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
> ... 40 more
> Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for
> {http://apache.org/hello_world_soap_http}SOAPService#{http://apache.org/hello_world_soap_http}greetMe
> has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: Illegal key size
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
> at
> org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
> at
> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
> at
> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
> at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
> at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
> at demo.wssec.client.Client.main(Client.java:77)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
> at java.lang.reflect.Method.invoke(Method.java:497)
> at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
> at java.lang.Thread.run(Thread.java:745)
> Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
> ... 31 more
> Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
> Original Exception was
> org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
> Original Exception was java.security.InvalidKeyException: Illegal key size
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
> at
> org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
> ... 33 more
> Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal
> key size
> Original Exception was java.security.InvalidKeyException: Illegal key size
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
> at
> org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
> at
> org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
> ... 36 more
> Caused by: java.security.InvalidKeyException: Illegal key size
> at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
> at javax.crypto.Cipher.implInit(Cipher.java:805)
> at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
> at javax.crypto.Cipher.init(Cipher.java:1396)
> at javax.crypto.Cipher.init(Cipher.java:1327)
> at
> org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
> ... 40 more
> {code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)
