I was able to configure the server and the client but I have a strange
exception:
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:213)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:86)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
at $Proxy42.sendFileToDerwid(Unknown Source)
at com.xyz.test.soap.test.Client.main(Client.java:78)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature:
error during message procesingorg.apache.ws.security.WSSecurityException:
General security error (Unexpected number of X509Data: for Signature)
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:198)
... 8 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Security
processing failed.
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:218)
at $Proxy42.sendFileToDerwid(Unknown Source)
at com.xyz.test.soap.test.Client.main(Client.java:78)
Caused by: org.apache.cxf.binding.soap.SoapFault: Security processing
failed.
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:213)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:86)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:221)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:276)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:222)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:177)
... 2 more
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature:
error during message procesingorg.apache.ws.security.WSSecurityException:
General security error (Unexpected number of X509Data: for Signature)
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:198)
... 8 more
I have the keystore on the calsspath and the certificate is inside, i can
export it using alias and password, here is the certificate:
-----BEGIN CERTIFICATE-----
MIIDbTCCAyugAwIBAgIESQ3KKzALBgcqhkjOOAQDBQAwgZkxFzAVBgNVBAYTDklUIC1rZXlhbGcg
UlNBMQ4wDAYDVQQIEwVJdGFseTEfMB0GA1UEBxMWTW9yc2FubyBhbCBUYWdsaWFtZW50bzEfMB0G
A1UEChMWQWN0aXZlLU1lZGlhLUdyb3VwLmNvbTERMA8GA1UECxMIUmVzZWFyY2gxGTAXBgNVBAMT
EEhvcnN0IEV4ZW5iZXJnZXIwHhcNMDgxMTAyMTU0MTMxWhcNMDkwMTMxMTU0MTMxWjCBmTEXMBUG
A1UEBhMOSVQgLWtleWFsZyBSU0ExDjAMBgNVBAgTBUl0YWx5MR8wHQYDVQQHExZNb3JzYW5vIGFs
IFRhZ2xpYW1lbnRvMR8wHQYDVQQKExZBY3RpdmUtTWVkaWEtR3JvdXAuY29tMREwDwYDVQQLEwhS
ZXNlYXJjaDEZMBcGA1UEAxMQSG9yc3QgRXhlbmJlcmdlcjCCAbcwggEsBgcqhkjOOAQBMIIBHwKB
gQD9f1OBHXUSKVLfSpwu7OTn9hG3UjzvRADDHj+AtlEmaUVdQCJR+1k9jVj6v8X1ujD2y5tVbNeB
O4AdNG/yZmC3a5lQpaSfn+gEexAiwk+7qdf+t8Yb+DtX58aophUPBPuD9tPFHsMCNVQTWhaRMvZ1
864rYdcq7/IiAxmd0UgBxwIVAJdgUI8VIwvMspK5gqLrhAvwWBz1AoGBAPfhoIXWmz3ey7yrXDa4
V7l5lK+7+jrqgvlXTAs9B4JnUVlXjrrUWU/mcQcQgYC0SRZxI+hMKBYTt88JMozIpuE8FnqLVHyN
KOCjrh4rs6Z1kW6jfwv6ITVi8ftiegEkO8yk8b6oUZCJqIPf4VrlnwaSi2ZegHtVJWQBTDv+z0kq
A4GEAAKBgAu1WpClKoOmiDOXiCpjKuksKHa5wbXWCqB6rWG0ZY0q3RkFIaE2bI7bykQ4+DslonJ2
bg5A9MwAPEDuwm2B4VVdNkVrmKmPt+XautUpJT/Yb8X5UqUYX1cV1Ve4RJf/mrb6bomDhg76EPQm
DC/37XsN5ikGS2Qi8NjQvDnu4KiNMAsGByqGSM44BAMFAAMvADAsAhR0X9WVNOiisyO7FhzHRxCk
7YQcYQIUNdGZPGnG5ybG85Y+2WgiyoOJ6P8=
-----END CERTIFICATE-----
here is my config file, client:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=TestPass
org.apache.ws.security.crypto.merlin.keystore.alias=TestSoapClient
org.apache.ws.security.crypto.merlin.file=TestSoapPublic.jks
and server:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=H3x3nb3rg3r
org.apache.ws.security.crypto.merlin.file=DerWidSoapPrivate.jks
Thanks
Giulio
JuliusIT wrote:
>
>
> Benson Margulies-4 wrote:
>>
>> What's wrong with just using Spring from a simple applicaton to launch
>> the server?
>>
>> In any case, you can certainly configure the http conduit for SSL
>> without spring, but I'm hoping that Glen will see this and have one of
>> his handy samples to help you out.
>>
>>
>
> I love Spring. Really. Our Web application for handling documents are made
> with Spring. If I could I'll use it for sure. But my Boss will run it as a
> standalone server runned, as thin as possibile, inside a Debian bash
> deamon. I don't agree with this choise, we already have apache and tomcat
> up and running. So I have to follow this requirement.
> I've found this
>
> http://cwiki.apache.org/CXF20DOC/ws-security.html
>
> I' doing it now.
>
> For sure an example will be apriciated.
> And then I have to move to Momt... for binary files sending.
> I know I seems like a blind moving around. But I'm really in a hurry with
> this.
>
>
>
--
View this message in context:
http://www.nabble.com/SSL-on-server-side-without-container-tp20288256p20292099.html
Sent from the cxf-user mailing list archive at Nabble.com.
