Hi,
We actually have a ws_security/sign_enc example shipped with the kit which
should exactly match your scenario. You may need to check that example to
see the difference from your code and figure out why your code doesn't
work.
And my other comments are inline.
On 2010-12-10, at 4:27 AM, Juan Pablo Pizarro wrote:
Hello everybody, I'm trying to use an X509 certificate to sign/encrypt a
request. I have JDK6 (of Oracle/Sun), Eclipse Helios, Linux Ubuntu 9.4 and
CXF 2.4 SNAPSHOT.
My config is:
SpringBusFactory bf = new SpringBusFactory();
URL busFile = Client.class.getResource("wssec.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);

Map<String,Object> outProps = new HashMap<String,Object>();
outProps.put("action", "Timestamp Signature Encrypt");
outProps.put("user", "DNAWSSCliente");
outProps.put("signaturePropFile", "Client_Sign.properties");
outProps.put("signatureKeyIdentifier", "DirectReference");
outProps.put("passwordCallbackClass",
    com.casa.wss.demo.UTPasswordCallback.class.getName());
outProps.put("signatureParts",
    "{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
    + "{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body");
outProps.put("encryptionPropFile", "Client_Sign.properties");
outProps.put("encryptionUser", "DNAWSSCliente");
outProps.put("signatureUser", "DNAWSS");
outProps.put("encryptionParts",
    "{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;"
    + "{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body");
outProps.put("encryptionSymAlgorithm",
    "http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
outProps.put("encryptionKeyTransportAlgorithm",
    "http://www.w3.org/2001/04/xmlenc#rsa-1_5");
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
//request
bus.getInInterceptors().add(wssOut);
bus.getInInterceptors().add(new SAAJOutInterceptor());

Map<String,Object> inProps = new HashMap<String,Object>();
inProps.put("action", "Timestamp Signature Encrypt");
inProps.put("signaturePropFile", "Client_Sign.properties");
inProps.put("passwordCallbackClass",
    com.casa.wss.demo.UTPasswordCallback.class.getName());
inProps.put("decryptionPropFile", "Client_Sign.properties");
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
//response
bus.getInInterceptors().add(wssIn);
bus.getInInterceptors().add(new SAAJInInterceptor());
The signature parts are not correct, but the error comes earlier (in
another test I put the correct parts).
My properties file:
I think here you are missing
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=JKS
org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
and how about changing it to
org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
Freeman
org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
The public and private keys are in the same file.
I googled and up to now I haven't found a solution.
And the error:
log4j:WARN No appenders could be found for logger (org.apache.cxf.bus.spring.BusApplicationContext).
log4j:WARN Please initialize the log4j system properly.
Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext getConfigResources
INFO: Loaded configuration file file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
Dec 9, 2010 5:55:39 PM org.apache.cxf.service.factory.ReflectionServiceFactoryBean buildServiceFromWSDL
INFO: Creating Service {http://tempuri.org/}MenStock from WSDL: http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
Dec 9, 2010 5:55:41 PM org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler doSignBeforeEncrypt
WARNING: Sign before encryption failed due to : No signature username found.
Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: No signature username found.
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
    at $Proxy43.mensajeStock(Unknown Source)
    at com.casa.wss.demo.Client.main(Client.java:177)
Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username found.
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
    ... 11 more
javax.xml.ws.soap.SOAPFaultException: No signature username found.
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
    at $Proxy43.mensajeStock(Unknown Source)
    at com.casa.wss.demo.Client.main(Client.java:177)
Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username found.
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
    at org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
    ... 2 more
--
Freeman Fang
------------------------
FuseSource: http://fusesource.com
blog: http://freemanfang.blogspot.com
twitter: http://twitter.com/freemanfang
Apache Servicemix:http://servicemix.apache.org
Apache Cxf: http://cxf.apache.org
Apache Karaf: http://karaf.apache.org
Apache Felix: http://felix.apache.org
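
Added example, not part of the original thread and not CXF or WSS4J code: a small Java (7 or later) preflight check for the two points raised in the inline comments, namely that the crypto provider line is present and that the configured alias exists in the keystore as a private-key entry. It assumes the properties file and the keystore are both on the classpath; the class name MerlinPropsCheck is hypothetical.

```java
import java.io.InputStream;
import java.security.KeyStore;
import java.util.Collections;
import java.util.Properties;

public class MerlinPropsCheck {
    private static final String PREFIX = "org.apache.ws.security.crypto.";

    // Return a trimmed, non-empty property value or fail with the missing key name.
    private static String require(Properties p, String key) {
        String v = p.getProperty(PREFIX + key);
        if (v == null || v.trim().isEmpty()) {
            throw new IllegalStateException("missing property: " + PREFIX + key);
        }
        return v.trim();
    }

    // Assumption: both files are classpath resources.
    private static InputStream open(String resource) {
        InputStream in = MerlinPropsCheck.class.getClassLoader().getResourceAsStream(resource);
        if (in == null) {
            throw new IllegalStateException("not on classpath: " + resource);
        }
        return in;
    }

    public static void main(String[] args) throws Exception {
        // File name taken from the thread; pass a different one as args[0].
        String file = args.length > 0 ? args[0] : "Client_Sign.properties";
        Properties props = new Properties();
        try (InputStream in = open(file)) {
            props.load(in);
        }
        System.out.println("provider = " + require(props, "provider"));
        String alias = require(props, "merlin.keystore.alias");
        char[] password = require(props, "merlin.keystore.password").toCharArray();

        KeyStore ks = KeyStore.getInstance(require(props, "merlin.keystore.type"));
        try (InputStream in = open(require(props, "merlin.file"))) {
            ks.load(in, password); // throws if the store password is wrong
        }
        System.out.println("aliases in store = " + Collections.list(ks.aliases()));
        if (!ks.containsAlias(alias)) {
            throw new IllegalStateException("alias not in keystore: " + alias);
        }
        // Signing needs the private key, so a trusted-certificate entry is not enough.
        if (!ks.isKeyEntry(alias)) {
            throw new IllegalStateException("alias has no private key: " + alias);
        }
        System.out.println("OK: '" + alias + "' is a private-key entry");
    }
}
```

The check never prints the keystore password, only the alias names it finds.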