Hello,
I did just that. I have two keystores, both containing the personal
private key and the other participant public key certificate.
I have configured in the server the following:
<service>
<name>ClientInformationListSec</name>
<namespace>http://pt.brisa.integration.viaverde/ClientInformationListWS</namespace>
<serviceClass>pt.brisa.clientinformationlist.integration.ws.ClientInformationListWS</serviceClass>
<inHandlers>
<handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
<bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler" xmlns="">
<property name="properties">
<props>
<prop key="action">Encrypt Signature UsernameToken</prop>
<prop
key="decryptionPropFile">META-INF/xfire/insecurity_enc.properties</prop>
<prop
key="signaturePropFile">META-INF/xfire/insecurity_sign.properties</prop>
<prop
key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
</props>
</property>
</bean>
<handler
handlerClass="org.codehaus.xfire.demo.ValidateUserTokenHandler" />
</inHandlers>
<outHandlers>
<handler handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
<bean class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler"
xmlns="">
<property name="properties">
<props>
<prop key="action">Encrypt Signature</prop>
<prop
key="encryptionPropFile">META-INF/xfire/server_outsecurity_enc.properties</prop>
<prop
key="signaturePropFile">META-INF/xfire/server_outsecurity_sign.properties</prop>
<prop
key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
</props>
</property>
</bean>
</outHandlers>
<properties>
<property key="mtom-enabled">true</property>
</properties>
</service>
and in the the client:
properties.setProperty(WSHandlerConstants.ACTION,
WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE + " "
+ WSHandlerConstants.USERNAME_TOKEN);
// set user used to encrypt message
properties.setProperty(WSHandlerConstants.ENCRYPTION_USER,
"serveralias");
//sender username for signature
properties.setProperty(WSHandlerConstants.USER, "client-344-839");
// Configuration of public key used to encrypt message goes to
properties file.
properties.setProperty(WSHandlerConstants.ENC_PROP_FILE,
"org/codehaus/xfire/client/outsecurity_enc.properties");
//properties file for signature
properties.setProperty(WSHandlerConstants.SIG_KEY_ID, "IssuerSerial");
properties.setProperty(WSHandlerConstants.SIG_PROP_FILE,
"org/codehaus/xfire/client/outsecurity_sign.properties");
// Specyfy callback class to retrive passwords
properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,
PasswordHandler.class
.getName());
An error occurs:
MIT: 345281 [http-8585-Processor23] INFO
org.codehaus.xfire.handler.DefaultFaultHandler - Fault occurred!
org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: security
processing failed(actions mismatch)
at
org.codehaus.xfire.security.wss4j.WSS4JInHandler.invoke(WSS4JInHandler.java:239)
at
org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at
org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
at
org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
at
org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:278)
at
org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130)
at
org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
The configuration is symetric. Is there an easy way to know what is the problem?
Thanks in advance,
António Lourinho
On 1/15/07, Tomek Sztelak <[EMAIL PROTECTED]> wrote:
>
> Is there any example of signature+cypher both ways available (WS-Security)?
>
No, but configurations of client and server are symmtric, so you can
just use example of signature + encryption and copy configuration on
other side.
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
