Mohamed Anis Mekki created AXIS2-5904:
-----------------------------------------
Summary: Intermittent Rampart policy configuration missing Error
Key: AXIS2-5904
URL: https://issues.apache.org/jira/browse/AXIS2-5904
Project: Axis2
Issue Type: Bug
Components: client-api, codegen, modules, rpc
Affects Versions: 1.7.0
Environment: Apache Tomcat 9
Reporter: Mohamed Anis Mekki
Priority: Critical
I created a secured (sign body) Axis2 Web Service and generated .aar archive
which I deployed to Axis2 Container (.war in Apache Tomcat). I then used
Java2WSDL to generate a client stub. I finally created the class below that
uses the client stub.
In a nutshell the main method of the class calls consecutively the first then
the second method of the service. I create a separate service stub for each
call, using serviceStub() method and configure correctly the rampart security
policy using getRampartConfig() method.
{code:java}
package tn.nat.cnss.client;
import java.util.Properties;
import java.rmi.RemoteException;
import org.apache.axis2.AxisFault;
import org.apache.axis2.context.ConfigurationContext;
import org.apache.axis2.context.ConfigurationContextFactory;
import org.apache.axis2.transport.http.HTTPConstants;
import org.apache.neethi.Policy;
import org.apache.rampart.policy.model.CryptoConfig;
import org.apache.rampart.policy.model.RampartConfig;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.ArrayOfString;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation1;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation2;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation1Response;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation2Response;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.ServiceRequestOperation1;
import tn.nat.cnss.client.Sample2SignBodyServiceStub.ServiceRequestOperation2;
public class Sample2SignBodyServiceClient
{
private static Policy getRampartConfig()
{
RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("clientkey");
rampartConfig.setPwCbClass("tn.nat.cnss.client.PasswordCallBackHandler");
CryptoConfig sigCrypto = new CryptoConfig();
sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS");
props.setProperty("org.apache.ws.security.crypto.merlin.file","keys/client.jks");
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
"clientStorePW");
sigCrypto.setProp(props);
rampartConfig.setSigCryptoConfig(sigCrypto);
Policy policy = new Policy();
policy.addAssertion(rampartConfig);
return policy;
}
private static Sample2SignBodyServiceStub serviceStub() throws AxisFault
{
org.apache.log4j.Logger.getRootLogger().setLevel(org.apache.log4j.Level.OFF);
ConfigurationContext ctx =
ConfigurationContextFactory.createConfigurationContextFromFileSystem("client-repo",
null);
Sample2SignBodyServiceStub serviceStub = new
Sample2SignBodyServiceStub(ctx,"http://localhost:8080/axis2/services/Sample2SignBodyService";);
serviceStub._getServiceClient().engageModule("rampart");
Policy rampartConfig = getRampartConfig();
serviceStub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(rampartConfig);
serviceStub._getServiceClient().getOptions().setTimeOutInMilliSeconds(300000);
serviceStub._getServiceClient().getOptions().setProperty(HTTPConstants.SO_TIMEOUT,
new Integer(300000));
serviceStub._getServiceClient().getOptions().setProperty(HTTPConstants.CONNECTION_TIMEOUT,
new Integer(300000));
return serviceStub;
}
public static Operation1Response operation1(String...parameters) throws
RemoteException, AxisFault
{
Sample2SignBodyServiceStub serviceStub = serviceStub();
ServiceRequestOperation1 req = new ServiceRequestOperation1();
req.setParam1(parameters[0]);
req.setParam2(parameters[1]);
req.setParam3(parameters[2]);
Operation1 operation = new Operation1();
operation.setServiceRequestOperation1(req);
Operation1Response resp = serviceStub.operation1(operation);
serviceStub._getServiceClient().cleanupTransport();
serviceStub._getServiceClient().cleanup();
serviceStub.cleanup();
return resp;
}
public static Operation2Response operation2(String...parameters) throws
RemoteException, AxisFault
{
Sample2SignBodyServiceStub serviceStub = serviceStub();
ServiceRequestOperation2 req = new ServiceRequestOperation2();
req.setParam1(parameters[0]);
req.setParam2(parameters[1]);
Operation2 operation = new Operation2();
operation.setServiceRequestOperation2(req);
Operation2Response resp = serviceStub.operation2(operation);
serviceStub._getServiceClient().cleanupTransport();
serviceStub._getServiceClient().cleanup();
serviceStub.cleanup();
return resp;
}
public static void main(String[] args) throws Exception
{
Operation1Response operation1Response = operation1("0",
"99999", "99999");
System.out.println("operation1: Debut Execution");
System.out.println(operation1Response.get_return().getResult());
System.out.println("Nombre de colonnes: " +
operation1Response.get_return().getNumberColumns());
System.out.println("Nombre de lignes: " +
operation1Response.get_return().getNumberLines());
for (ArrayOfString array :
operation1Response.get_return().getDataSet())
{
for (String s : array.localArray)
{
System.out.print(s + "\t");
}
System.out.println();
}
System.out.println("operation1: Fin Execution");
Operation2Response operation2Response = operation2("0",
"99999");
System.out.println("operation2: Debut Execution");
System.out.println(operation2Response.get_return().getResult());
System.out.println("Nombre de colonnes: " +
operation2Response.get_return().getNumberColumns());
System.out.println("Nombre de lignes: " +
operation2Response.get_return().getNumberLines());
for (ArrayOfString array :
operation2Response.get_return().getDataSet())
{
for (String s : array.localArray)
{
System.out.print(s + "\t");
}
System.out.println();
}
System.out.println("operation2: Fin Execution");
}
}
{code}
The problem is that execution leads to the intermittent error below. By
intermittent I mean that sometimes both operation calls execute properly, but
some other times only the first call or none.
{code:java}
org.apache.axis2.AxisFault: Rampart policy configuration missing
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:76)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:335)
at org.apache.axis2.engine.Phase.invoke(Phase.java:308)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:250)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:415)
at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:399)
at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:150)
at
tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLStub.operation2(Sample4SignEncryptBodyServiceSSLStub.java:307)
at
tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLClient.operation2(Sample4SignEncryptBodyServiceSSLClient.java:121)
at
tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLClient.main(Sample4SignEncryptBodyServiceSSLClient.java:162)
Caused by: org.apache.rampart.RampartException: Rampart policy configuration
missing
at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:277)
at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:250)
at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:760)
at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:417)
at
org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:88)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
... 10 more
{code}
I use Axis2 version 1.7.0 and Apache Tomcat 9.0 with Java 8.
--
This message was sent by Atlassian JIRA
(v6.4.14#64029)
---------------------------------------------------------------------
To unsubscribe, e-mail: [email protected]
For additional commands, e-mail: [email protected]
