Got it, I mixed the policy-driven configuration with my own wss4j interceptors. Removing them and adding the proper configuration to the jaxws:client did the trick. Quite simple!
bschuette wrote: > > Hi there, > > using CXF 2.2.4, I have to implement a client against an Axis2 server > using the follwing policy snippet: > > <sp:X509Token > sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Always";> > <wsp:Policy> > <sp:RequireDerivedKeys/> > <sp:WssX509V3Token10 /> > </wsp:Policy> > </sp:X509Token> > > Security actions used are Signature and Encryption. > > According the docs, I configure my client through cxf.xml using the > createdByApi option: > > <jaxws:client > name="{http://com.foo/fooService}FooPort"; > createdFromAPI="true" wsdlLocation="wsdl/fooService.wsdl"> > ... <!-- WS-Security in- and out-interceptors --> > > Calling the client, I get the following exception: > > org.apache.ws.security.WSSecurityException: General security error; nested > exception is: > org.apache.ws.security.conversation.ConversationException: Error > in key derivation > at > org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:117) > at > org.apache.ws.security.processor.DerivedKeyTokenProcessor.handleToken(DerivedKeyTokenProcessor.java:86) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:326) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:243) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:198) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:77) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236) > at > org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:664) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2160) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2040) > at > org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1965) > at > org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47) > at > org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:188) > at > org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66) > at > org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:627) > at > org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:478) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:308) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:260) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > at ...bla... > Caused by: > org.apache.ws.security.conversation.ConversationException: Error in key > derivation > at > org.apache.ws.security.conversation.dkalgo.P_SHA1.createKey(P_SHA1.java:65) > at > org.apache.ws.security.processor.DerivedKeyTokenProcessor.deriveKey(DerivedKeyTokenProcessor.java:114) > ... 24 more > Caused by: java.lang.IllegalArgumentException: Missing argument > at javax.crypto.spec.SecretKeySpec.<init>(DashoA12275) > at > org.apache.ws.security.conversation.dkalgo.P_SHA1.P_hash(P_SHA1.java:86) > at > org.apache.ws.security.conversation.dkalgo.P_SHA1.createKey(P_SHA1.java:55) > ... 25 more > > > Any hints? > > > -- View this message in context: http://old.nabble.com/WS-SecureConversation-and-RequireDerivedKeys-causes-Exception-tp26271856p26286185.html Sent from the cxf-user mailing list archive at Nabble.com.
