I am using Axis2 v1.3 and Rampart v1.3 on JBossAS v4.0.5 running on Java
1.6.0_03.
I am learning to implement WS-Security. Both my service and my client run
within the same JBoss server.
I am trying to configure my client to sign outgoing messages. In the client's
axis2.xml, I have the following snippet:
<parameter name="OutflowSecurity">
<action>
<items>UsernameTokenSignature</items>
<user>Client</user>
<passwordCallbackClass>com.vegas.test.client.PasswordHandler</passwordCallbackClass>
<signaturePropFile>WEB-INF/security.properties</signaturePropFile>
<signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
<signatureParts>{content}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd}UsernameToken</signatureParts>
</action>
</parameter>
The client's security.properties looks like this:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=nateroe
org.apache.ws.security.crypto.merlin.file=WEB-INF/client.jks
Meanwhile, the service's service.xml contains this snippet:
<parameter name="InflowSecurity">
<action>
<items>UsernameTokenSignature</items>
<passwordCallbackClass>
com.vegas.test.PasswordHandler
</passwordCallbackClass>
<signaturePropFile>security.properties</signaturePropFile>
</action>
</parameter>
And the service's security.properties is like so:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=nateroe
org.apache.ws.security.crypto.merlin.file=service.jks
My password handlers are both implemented. The keystores are both in the
classpath (I had different errors before I fixed that problem.)
When my client calls the service, I get the following exception:
18:18:16,926 ERROR [STDERR] org.apache.axis2.AxisFault: WSDoAllReceiver:
security processing failed
18:18:16,926 ERROR [STDERR] at
org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486)
18:18:16,926 ERROR [STDERR] at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343)
18:18:16,926 ERROR [STDERR] at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389)
18:18:16,926 ERROR [STDERR] at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211)
18:18:16,926 ERROR [STDERR] at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
18:18:16,942 ERROR [STDERR] at
com.vegas.test.client.DoCalculateStub.add(DoCalculateStub.java:925)
18:18:16,942 ERROR [STDERR] at
com.vegas.test.client.SoapTestClient.processSOAP(SoapTestClient.java:113)
18:18:16,942 ERROR [STDERR] at
com.vegas.test.client.SoapTestClient.doPost(SoapTestClient.java:93)
18:18:16,942 ERROR [STDERR] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
18:18:16,942 ERROR [STDERR] at
javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
18:18:16,942 ERROR [STDERR] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
18:18:16,942 ERROR [STDERR] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
18:18:16,942 ERROR [STDERR] at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
18:18:16,942 ERROR [STDERR] at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202)
18:18:16,942 ERROR [STDERR] at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
18:18:16,957 ERROR [STDERR] at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175)
18:18:16,957 ERROR [STDERR] at
org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
18:18:16,957 ERROR [STDERR] at
org.jboss.web.tomcat.tc5.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:156)
18:18:16,957 ERROR [STDERR] at
org.jboss.web.tomcat.tc5.sso.ClusteredSingleSignOn.invoke(ClusteredSingleSignOn.java:637)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
18:18:16,957 ERROR [STDERR] at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
18:18:16,973 ERROR [STDERR] at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
18:18:16,973 ERROR [STDERR] at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
18:18:16,973 ERROR [STDERR] at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
18:18:16,973 ERROR [STDERR] at
org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112)
18:18:16,973 ERROR [STDERR] at java.lang.Thread.run(Thread.java:619)
I'm not sure how to figure out why this is happening. I turned the log level
up to DEBUG, but this didn't reveal any further information.
Have I misconfigured something? How can I learn what security processing is
failed (and thus learn the root of the problem?)
Thanks,
Nate Roe
