Dan,
I created JIRA CXF-222 and attached the WSDL and stack traces.
Thanks for looking at this
Mary
Daniel Kulp wrote:
The wsdl and other attachments didn't make it through the Apache filters. Any
chance you could attach them to a JIRA?
It SOUNDS like for some reason the runtime doesn't think it should be signed
so it isn't bothering to setup the crypto for the signature. Rampart always
sets up the cryptos if it the properties are there which is probably why it
worked for them. We try to not waste the time and memory setting up crypto
things if it's not necessary. I'd probably need to see the policy and such
to see what is going on, although a complete test case is definitely
preferred.
Dan
On Fri May 15 2009 9:42:58 pm Mary Thompson wrote:
Hi,
I'm new to cxf and trying to get a signed message passed between a
client and server. I started from an existing ws-policy which works with
axis2/rampart, used the cxf version of wsdl2java to generate all the
code. Then merged a few things from
apache-cxf-2.2.1/samples/ws_security/interopfest/wssec10.
The message appears to be formatted and signed correctly by the client,
but the server gets a null pointer exception in
org.apache.ws.security.message.token.X509Security.getX509Certificate
(X509Security.java:92) when processing the incoming message. I looked at
the code and it has found the certificate and is faulting because crypt
is null.
I have double checked all the configuration files including using them
for the sample MutualCertificateSignandEncrypt (after tweaking them to
encrypt) and that all works. The samples work fine as well. I am using
maven to run the client and server and have copied the pom.xml from the
sample. The only difference I can find from the sample is that I only
timestamp and sign the message (not encrypt) and I'm using a jks keystore.
The only other clue I can come up with is that when I send an unsigned
message to the server it is happy. It's as though it doesn't know the
incoming message is supposed to be signed.
I have attached the fault trace, configuration files and wsdl.
Anyone suggestions as to what could be wrong would be greatly
appreciated as I have been poking at this for way too long.
Thanks, Mary
