Dear x,
Im sorry for insisting on this issue...but when i include the
configuration for signing the response all goes well (the service
class implementation is called) until the signature is tryed on the
server:
org.codehaus.xfire.fault.XFireFault: WSDoAllSender: Empty username for
specified action
at
org.codehaus.xfire.security.wss4j.WSS4JOutHandler.invoke(WSS4JOutHandler.java:113)
at
org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at
org.codehaus.xfire.service.binding.PostInvocationHandler.invoke(PostInvocationHandler.java:36)
at
org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
at
org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
at
org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
at
org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:278)
at
org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130)
at
org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
Is there something missing in the services.xml? (there isnt any
example of this - server signing).
<outHandlers>
<handler handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
<bean class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler"
xmlns="">
<property name="properties">
<props>
<prop key="action">Encrypt UsernameToken Signature</prop>
<prop
key="encryptionPropFile">META-INF/xfire/server_outsecurity_enc.properties</prop>
<prop
key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
<prop
key="signaturePropFile">META-INF/xfire/server_outsecurity_sign.properties</prop>
</props>
</property>
</bean>
</outHandlers>
Thank you very much,
António Lourinho
On 1/16/07, Tomek Sztelak <[EMAIL PROTECTED]> wrote:
Sure
On 1/16/07, Antonio Lourinho <[EMAIL PROTECTED]> wrote:
> Hello,
>
> Please allow me to correct this information:
>
> I managed to configure security for the client do cypher and sign the
> request and for the server to cypher the response. This works
> correctly.
>
> Is it possible for the server to also sign the response?
>
> Thanks in advance,
> Antonio Lourinho
>
>
>
> On 1/16/07, Antonio Lourinho <[EMAIL PROTECTED]> wrote:
> > Hello,
> >
> > I did just that. I have two keystores, both containing the personal
> > private key and the other participant public key certificate.
> >
> > I have configured in the server the following:
> >
> > <service>
> > <name>ClientInformationListSec</name>
> >
<namespace>http://pt.brisa.integration.viaverde/ClientInformationListWS</namespace>
> >
<serviceClass>pt.brisa.clientinformationlist.integration.ws.ClientInformationListWS</serviceClass>
> > <inHandlers>
> > <handler handlerClass="org.codehaus.xfire.util.dom.DOMInHandler" />
> > <bean class="org.codehaus.xfire.security.wss4j.WSS4JInHandler"
xmlns="">
> > <property name="properties">
> > <props>
> > <prop key="action">Encrypt Signature
UsernameToken</prop>
> > <prop
> > key="decryptionPropFile">META-INF/xfire/insecurity_enc.properties</prop>
> > <prop
> > key="signaturePropFile">META-INF/xfire/insecurity_sign.properties</prop>
> > <prop
> > key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
> > </props>
> > </property>
> > </bean>
> >
> > <handler
> > handlerClass="org.codehaus.xfire.demo.ValidateUserTokenHandler" />
> > </inHandlers>
> >
> > <outHandlers>
> > <handler handlerClass="org.codehaus.xfire.util.dom.DOMOutHandler" />
> > <bean class="org.codehaus.xfire.security.wss4j.WSS4JOutHandler"
> > xmlns="">
> > <property name="properties">
> > <props>
> > <prop key="action">Encrypt Signature</prop>
> > <prop
> >
key="encryptionPropFile">META-INF/xfire/server_outsecurity_enc.properties</prop>
> > <prop
> >
key="signaturePropFile">META-INF/xfire/server_outsecurity_sign.properties</prop>
> > <prop
> > key="passwordCallbackClass">org.codehaus.xfire.demo.PasswordHandler</prop>
> > </props>
> > </property>
> > </bean>
> > </outHandlers>
> > <properties>
> > <property key="mtom-enabled">true</property>
> > </properties>
> > </service>
> >
> > and in the the client:
> >
> > properties.setProperty(WSHandlerConstants.ACTION,
> > WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE + " "
> > + WSHandlerConstants.USERNAME_TOKEN);
> > // set user used to encrypt message
> > properties.setProperty(WSHandlerConstants.ENCRYPTION_USER,
> > "serveralias");
> >
> > //sender username for signature
> > properties.setProperty(WSHandlerConstants.USER, "client-344-839");
> >
> > // Configuration of public key used to encrypt message goes to
> > properties file.
> > properties.setProperty(WSHandlerConstants.ENC_PROP_FILE,
> >
> > "org/codehaus/xfire/client/outsecurity_enc.properties");
> >
> > //properties file for signature
> > properties.setProperty(WSHandlerConstants.SIG_KEY_ID,
"IssuerSerial");
> > properties.setProperty(WSHandlerConstants.SIG_PROP_FILE,
> > "org/codehaus/xfire/client/outsecurity_sign.properties");
> >
> > // Specyfy callback class to retrive passwords
> > properties.setProperty(WSHandlerConstants.PW_CALLBACK_CLASS,
> > PasswordHandler.class
> > .getName());
> >
> >
> > An error occurs:
> >
> > MIT: 345281 [http-8585-Processor23] INFO
> > org.codehaus.xfire.handler.DefaultFaultHandler - Fault occurred!
> > org.codehaus.xfire.fault.XFireFault: WSS4JInHandler: security
> > processing failed(actions mismatch)
> > at
org.codehaus.xfire.security.wss4j.WSS4JInHandler.invoke(WSS4JInHandler.java:239)
> > at
org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
> > at
org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:64)
> > at
org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38)
> > at
org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServletController.java:278)
> > at
org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServletController.java:130)
> > at
org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
> > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> > at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> > at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> > at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> > at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178)
> > at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126)
> > at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> > at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> > at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> > at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869)
> > at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664)
> > at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> > at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> > at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> > at java.lang.Thread.run(Thread.java:595)
> >
> > The configuration is symetric. Is there an easy way to know what is the
problem?
> >
> > Thanks in advance,
> > António Lourinho
> >
> > On 1/15/07, Tomek Sztelak <[EMAIL PROTECTED]> wrote:
> > > >
> > > > Is there any example of signature+cypher both ways available
(WS-Security)?
> > > >
> > >
> > > No, but configurations of client and server are symmtric, so you can
> > > just use example of signature + encryption and copy configuration on
> > > other side.
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe from this list please visit:
> > >
> > > http://xircles.codehaus.org/manage_email
> > >
> > >
> >
>
> ---------------------------------------------------------------------
> To unsubscribe from this list please visit:
>
> http://xircles.codehaus.org/manage_email
>
>
--
-----
When one of our products stops working, we'll blame another vendor
within 24 hours.
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
---------------------------------------------------------------------
To unsubscribe from this list please visit:
http://xircles.codehaus.org/manage_email
