Hi,

 

I am working with Rampart 1.3 on Axis2 1.3. I have successfully executed all
the samples that come with Rampart, using their policy.xml files. I am now
trying to execute a symmetric encryption example. I am using the attached
policy.xml and services.xml files.

 

When I run my client, I get the following error. There may be some problem
with the way my services.xml and policy.xml files are written. I would greatly
appreciate it if someone could help me with it.

 

Regards

Manish Verma

 

 

<ns1:echo
xmlns:ns1="http://service.SymmetricEncSecurity.WS.Axis2.eklavya.org"><param0>Hello world</param0></ns1:echo>

org.apache.axis2.AxisFault: Error during encryption

      at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)

      at org.apache.axis2.engine.Phase.invoke(Phase.java:292)

      at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)

      at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377)

      at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperatio
n.java:374)

      at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisO
peration.java:211)

      at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)

      at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)

      at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:508)

      at
org.eklavya.Axis2.WS.SymmetricEncSecurity.client.SymmetricEncSecurityService
Client.main(SymmetricEncSecurityServiceClient.java:70)

Caused by: org.apache.rampart.RampartException: Error during encryption

      at
org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(Symme
tricBindingBuilder.java:540)

      at
org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBui
lder.java:80)

      at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:128)

      at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)

      ... 9 more

Caused by: org.apache.ws.security.WSSecurityException: Cannot
encrypt/decrypt data; nested exception is: 

      org.apache.xml.security.encryption.XMLEncryptionException: Illegal key
size or default parameters

Original Exception was java.security.InvalidKeyException: Illegal key size
or default parameters

      at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:4
80)

      at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:4
06)

      at
org.apache.ws.security.message.WSSecEncrypt.encryptForExternalRef(WSSecEncry
pt.java:362)

      at
org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(Symme
tricBindingBuilder.java:528)

      ... 12 more

Caused by: org.apache.xml.security.encryption.XMLEncryptionException:
Illegal key size or default parameters

Original Exception was java.security.InvalidKeyException: Illegal key size
or default parametersnull

 

      at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown
Source)

      at org.apache.xml.security.encryption.XMLCipher.encryptData(Unknown
Source)

      at
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(Unknown
Source)

      at org.apache.xml.security.encryption.XMLCipher.doFinal(Unknown
Source)

      at
org.apache.ws.security.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:4
75)

      ... 15 more

 

 

----------------------------------

Manish Verma

+91 99155 98590  (Cell)

+91 172 3056 502 (Work)

VermaM1947 (AOL)

[EMAIL PROTECTED]

 

 

<!--
	~ Licensed to the Apache Software Foundation (ASF) under one
	~ or more contributor license agreements. See the NOTICE file
	~ distributed with this work for additional information
	~ regarding copyright ownership. The ASF licenses this file
	~ to you under the Apache License, Version 2.0 (the
	~ "License"); you may not use this file except in compliance
	~ with the License. You may obtain a copy of the License at
	~
	~ http://www.apache.org/licenses/LICENSE-2.0
	~
	~ Unless required by applicable law or agreed to in writing,
	~ software distributed under the License is distributed on an
	~ "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
	~ KIND, either express or implied. See the License for the
	~ specific language governing permissions and limitations
	~ under the License.
-->

<!-- services.xml of sample-1 : No Security-->


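<!--
	Axis2 service descriptor for the echo service. It engages the rampart and
	addressing modules and attaches a WS-SecurityPolicy symmetric binding
	that asks for the SOAP body to be encrypted.
	The stray ';' that followed every quoted namespace and IncludeToken URI
	has been removed: a ';' between attributes is not well-formed XML.
-->
<service name="SymmetricEncSecurityService" scope="application">
	<description>Symmetric Encryption Security</description>
	<operation name="echo">
		<messageReceiver
			class="org.apache.axis2.rpc.receivers.RPCMessageReceiver" />
	</operation>
	<parameter name="ServiceClass">
		org.eklavya.Axis2.WS.SymmetricEncSecurity.service.SymmetricEncSecurityService
	</parameter>

	<module ref="rampart" />
	<module ref="addressing" />

	<wsp:Policy wsu:Id="SymmetricEnc"
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
		<wsp:ExactlyOne>
			<wsp:All>
				<sp:SymmetricBinding
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<!-- Protection token: an X.509 v3 token that is never included in the message (IncludeToken/Never). -->
						<sp:ProtectionToken>
							<wsp:Policy>
								<sp:X509Token
									sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
									<wsp:Policy>
										<sp:WssX509V3Token10 />
									</wsp:Policy>
								</sp:X509Token>
							</wsp:Policy>
						</sp:ProtectionToken>
						<!--
							TripleDesRsa15 selects Triple DES for data encryption and RSA
							PKCS#1 v1.5 for key transport. Both are legacy choices: Triple DES
							has a 64-bit block, and v1.5 key transport is the padding scheme
							behind padding-oracle attacks. WS-SecurityPolicy also defines AES
							suites with RSA-OAEP key wrap (for example sp:Basic128); prefer one
							where both peers support it. The suite is left as posted.
						-->
						<sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:TripleDesRsa15 />
							</wsp:Policy>
						</sp:AlgorithmSuite>
						<sp:Layout>
							<wsp:Policy>
								<sp:Strict />
							</wsp:Policy>
						</sp:Layout>
						<sp:IncludeTimestamp />
					</wsp:Policy>
				</sp:SymmetricBinding>
				<sp:Wss10
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:MustSupportRefKeyIdentifier />
						<sp:MustSupportRefIssuerSerial />
					</wsp:Policy>
				</sp:Wss10>
				<!--
					Only the body is listed for encryption and this policy has no
					sp:SignedParts assertion, so it does not require the body to be
					signed. Encryption alone gives confidentiality, not integrity; add
					sp:SignedParts if tampering with the ciphertext must be detected.
				-->
				<sp:EncryptedParts
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<sp:Body />
				</sp:EncryptedParts>

				<!--
					Rampart runtime settings for the service side.
					NOTE(review): the callback class package below is spelled
					"SymetricEncSecurity" while ServiceClass uses "SymmetricEncSecurity";
					confirm which spelling the compiled classes use.
					NOTE(review): the element name "encryptionCypto" is kept exactly as
					posted; confirm the local name your Rampart release parses before
					changing it.
					The keystore password appears in clear text in this file; treat the
					descriptor as a secret-bearing file and replace the sample value
					outside test setups.
				-->
				<ramp:RampartConfig
					xmlns:ramp="http://ws.apache.org/rampart/policy">
					<ramp:user>service</ramp:user>
					<ramp:encryptionUser>client</ramp:encryptionUser>
					<ramp:passwordCallbackClass>
						org.eklavya.Axis2.WS.SymetricEncSecurity.service.PWCBHandler
					</ramp:passwordCallbackClass>
					<ramp:encryptionCypto>
						<ramp:crypto
							provider="org.apache.ws.security.components.crypto.Merlin">
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.type">
								JKS
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.file">
								service.jks
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.password">
								changeme
							</ramp:property>
						</ramp:crypto>
					</ramp:encryptionCypto>
					<ramp:signatureCrypto>
						<ramp:crypto
							provider="org.apache.ws.security.components.crypto.Merlin">
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.type">
								JKS
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.file">
								service.jks
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.password">
								changeme
							</ramp:property>
						</ramp:crypto>
					</ramp:signatureCrypto>

				</ramp:RampartConfig>

			</wsp:All>
		</wsp:ExactlyOne>
	</wsp:Policy>
</service>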
<?xml version="1.0" encoding="UTF-8"?>
<!--
 !
 ! Copyright 2006 The Apache Software Foundation.
 !
 ! Licensed under the Apache License, Version 2.0 (the "License");
 ! you may not use this file except in compliance with the License.
 ! You may obtain a copy of the License at
 !
 !      http://www.apache.org/licenses/LICENSE-2.0
 !
 ! Unless required by applicable law or agreed to in writing, software
 ! distributed under the License is distributed on an "AS IS" BASIS,
 ! WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
 ! See the License for the specific language governing permissions and
 ! limitations under the License.
 !-->
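<!--
	Client-side policy: the same symmetric binding as the service descriptor,
	with the client keystore and the client password callback.
	The stray ';' that followed every quoted namespace and IncludeToken URI
	has been removed: a ';' between attributes is not well-formed XML.
-->
<wsp:Policy wsu:Id="SymmetricEnc"
		xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
		xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
		<wsp:ExactlyOne>
			<wsp:All>
				<sp:SymmetricBinding
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<!-- Protection token: an X.509 v3 token that is never included in the message (IncludeToken/Never). -->
						<sp:ProtectionToken>
							<wsp:Policy>
								<sp:X509Token
									sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">
									<wsp:Policy>
										<sp:WssX509V3Token10 />
									</wsp:Policy>
								</sp:X509Token>
							</wsp:Policy>
						</sp:ProtectionToken>
						<!--
							TripleDesRsa15 selects Triple DES for data encryption and RSA
							PKCS#1 v1.5 for key transport; both are legacy choices. The suite
							is left as posted.
							NOTE(review): java.security.InvalidKeyException "Illegal key size
							or default parameters" is what the JCE raises when the requested
							key length exceeds the limit set by the JRE's installed
							jurisdiction policy files. Confirm which cipher and key length
							the client actually requests for this binding and compare them
							with the policy files of the client JRE.
						-->
						<sp:AlgorithmSuite>
							<wsp:Policy>
								<sp:TripleDesRsa15 />
							</wsp:Policy>
						</sp:AlgorithmSuite>
						<sp:Layout>
							<wsp:Policy>
								<sp:Strict />
							</wsp:Policy>
						</sp:Layout>
						<sp:IncludeTimestamp />
					</wsp:Policy>
				</sp:SymmetricBinding>
				<sp:Wss10
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<wsp:Policy>
						<sp:MustSupportRefKeyIdentifier />
						<sp:MustSupportRefIssuerSerial />
					</wsp:Policy>
				</sp:Wss10>
				<!--
					Only the body is listed for encryption and this policy has no
					sp:SignedParts assertion, so it does not require the body to be
					signed. Encryption alone gives confidentiality, not integrity.
				-->
				<sp:EncryptedParts
					xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
					<sp:Body />
				</sp:EncryptedParts>

				<!--
					Rampart runtime settings for the client side.
					NOTE(review): the callback class package below is spelled
					"SymetricEncSecurity" while the client class in the stack trace is in
					"SymmetricEncSecurity"; confirm which spelling the compiled classes use.
					NOTE(review): the element name "encryptionCypto" is kept exactly as
					posted; confirm the local name your Rampart release parses before
					changing it.
					The keystore password appears in clear text in this file; replace
					the sample value outside test setups.
				-->
				<ramp:RampartConfig
					xmlns:ramp="http://ws.apache.org/rampart/policy">
					<ramp:user>client</ramp:user>
					<ramp:encryptionUser>service</ramp:encryptionUser>
					<ramp:passwordCallbackClass>
						org.eklavya.Axis2.WS.SymetricEncSecurity.client.ClientPWCBHandler
					</ramp:passwordCallbackClass>
					<ramp:encryptionCypto>
						<ramp:crypto
							provider="org.apache.ws.security.components.crypto.Merlin">
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.type">
								JKS
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.file">
								client.jks
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.password">
								changeme
							</ramp:property>
						</ramp:crypto>
					</ramp:encryptionCypto>
					<ramp:signatureCrypto>
						<ramp:crypto
							provider="org.apache.ws.security.components.crypto.Merlin">
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.type">
								JKS
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.file">
								client.jks
							</ramp:property>
							<ramp:property
								name="org.apache.ws.security.crypto.merlin.keystore.password">
								changeme
							</ramp:property>
						</ramp:crypto>
					</ramp:signatureCrypto>

				</ramp:RampartConfig>

			</wsp:All>
		</wsp:ExactlyOne>
</wsp:Policy>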
