That article was written back in Kolovoz 2007, so maybe it's a bit old. Here's newer links that might provide you more information:
http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to http://www.jroller.com/gmazza/entry/implementing_ws_security_with_the HTH, Glen Oliver Gottwald-2 wrote: > > Hi Experts, > > I'm currently configuring an example from the following link for CXF and > WS-Security: > http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html > > <http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html> > > What I need to know is the following: > 1. Is the jks file creation process below correct. > 2. How the fields are set in the code section to reflect the jks > parameters. > > I would greatly appreciate any help. > > It would be great to have a CXF specialist as a reference for a project > ongoing project. > > I used the following commands to create the jks files: > keytool -genkey -alias myAlias -keypass myAliasPassword -keystore > client_keystore.jks -storepass keyStorePassword -dname "cn=ws-client" > -keyalg RSA > keytool -selfcert -alias myAlias -keystore client_keystore.jks > -storepass keyStorePassword -keypass myAliasPassword > keytool -export -alias myAlias -file key.rsa -keystore > client_keystore.jks -storepass keyStorePassword > keytool -import -alias myAlias -file key.rsa -keystore > server_publicstore.jks -storepass keyStorePassword > > The following is the service code: > public void handle(Callback[] callbacks) throws IOException, > UnsupportedCallbackException { > WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; > logger.debug("identifier: " + pc.getIdentifer()); > if (pc.getIdentifer().equals("ws-client")) { > // set the password on the callback. This will later be compared to > the > // password which was sent from the client. > pc.setPassword("password"); > } > } > > The following is the client code: > public void handle(Callback[] callbacks) throws IOException, > UnsupportedCallbackException { > > for (int i=0; i< callbacks.length; i++) { > WSPasswordCallback pc = (WSPasswordCallback) callbacks[0]; > > int usage = pc.getUsage(); > > System.out.println("identifier: " + pc.getIdentifer()); > System.out.println("usage: " + pc.getUsage()); > > if (usage == WSPasswordCallback.USERNAME_TOKEN) { > // username token pwd... > pc.setPassword("password"); > } else if (usage == WSPasswordCallback.SIGNATURE) { > // set the password for client's keystore.keyPassword > System.out.println("[5]"); > pc.setPassword("keyPassword"); > } > } > } > > I get the following error: > Nov 18, 2008 10:21:37 AM org.apache.cxf.phase.PhaseInterceptorChain > doIntercept > INFO: Interceptor has thrown exception, unwinding now > org.apache.cxf.binding.soap.SoapFault: Security processing failed. > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > at $Proxy43.returnUploadResume(Unknown Source) > at com.thea.client.Client.main(Client.java:46) > Caused by: org.apache.ws.security.WSSecurityException: WSHandler: > Signature: error during message > processingorg.apache.ws.security.WSSecurityException: General security > error (Unexpected number of X509Data: for Signature) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) > at > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219) > ... 9 more > Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Security > processing failed. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145) > at $Proxy43.returnUploadResume(Unknown Source) > at com.thea.client.Client.main(Client.java:46) > Caused by: org.apache.cxf.binding.soap.SoapFault: Security processing > failed. > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > ... 2 more > Caused by: org.apache.ws.security.WSSecurityException: WSHandler: > Signature: error during message > processingorg.apache.ws.security.WSSecurityException: General security > error (Unexpected number of X509Data: for Signature) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) > at > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219) > ... 9 more > > oliver > > > > -- View this message in context: http://www.nabble.com/Java-CXF---jks---proper-configuration-tp20567184p20568540.html Sent from the cxf-user mailing list archive at Nabble.com.
