Hello Freeman, Thanks for your advice, I'll check it out. I've the merlin line into the properties file and I play with the alias name (I show the aliases in my keystore and play with the alias names).
I'll check the example. Thanks! 2010/12/9 Freeman Fang <[email protected]> > Hi, > > We actually have a ws_security/sign_enc example shipped with kit which > should exactly match your scenario, you may need check that example to see > the difference with your code and figure out why your code doesn't work. > And my other comment inline. > > On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote: > > Hello everybody, I'm trying to use X509 certificate to sign/encrypt a >> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4 and >> CXF 2.4 SNAPSHOT. >> >> My config is: >> >> SpringBusFactory bf = new SpringBusFactory(); >> URL busFile = Client.class.getResource("wssec.xml"); >> Bus bus = bf.createBus(busFile.toString()); >> SpringBusFactory.setDefaultBus(bus); >> >> Map<String,Object> outProps = new HashMap<String,Object>(); >> outProps.put("action", "Timestamp Signature Encrypt"); >> outProps.put("user", "DNAWSSCliente"); >> outProps.put("signaturePropFile", "Client_Sign.properties"); >> outProps.put("signatureKeyIdentifier", "DirectReference"); >> outProps.put("passwordCallbackClass", >> com.casa.wss.demo.UTPasswordCallback.class.getName()); >> outProps.put("signatureParts", "{Element}{ >> >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody> >> "); >> outProps.put("encryptionPropFile", "Client_Sign.properties"); >> outProps.put("encryptionUser", "DNAWSSCliente"); >> outProps.put("signatureUser", "DNAWSS"); >> outProps.put("encryptionParts", "{Element}{ >> >> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody> >> "); >> outProps.put("encryptionSymAlgorithm", " >> http://www.w3.org/2001/04/xmlenc#tripledes-cbc";); >> outProps.put("encryptionKeyTransportAlgorithm", " >> http://www.w3.org/2001/04/xmlenc#rsa-1_5";); >> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); >> //request >> bus.getInInterceptors().add(wssOut); >> bus.getInInterceptors().add(new SAAJOutInterceptor()); >> >> Map<String,Object> inProps= new HashMap<String,Object>(); >> inProps.put("action", "Timestamp Signature Encrypt"); >> inProps.put("signaturePropFile", "Client_Sign.properties"); >> inProps.put("passwordCallbackClass", >> com.casa.wss.demo.UTPasswordCallback.class.getName()); >> inProps.put("decryptionPropFile", "Client_Sign.properties"); >> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps); >> //response >> bus.getInInterceptors().add(wssIn); >> bus.getInInterceptors().add(new SAAJInInterceptor()); >> >> The signature parts are not the correct, but the error is previus (in >> other >> test I put the correct parts). >> >> My properties file: >> > I think here you miss > > org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin > > > >> org.apache.ws.security.crypto.merlin.keystore.type=JKS >> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2 >> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss >> > > and how about change to > org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente > > Freeman > > > org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks >> >> The public and private key is into the same file. >> >> I google and up to now, i didn't found a solution. >> >> And the error: >> >> log4j:WARN No appenders could be found for logger >> (org.apache.cxf.bus.spring.BusApplicationContext). >> log4j:WARN Please initialize the log4j system properly. >> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext >> getConfigResources >> INFO: Loaded configuration file >> >> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml. >> Dec 9, 2010 5:55:39 PM >> org.apache.cxf.service.factory.ReflectionServiceFactoryBean >> buildServiceFromWSDL >> INFO: Creating Service >> {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from WSDL: >> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl >> Dec 9, 2010 5:55:41 PM >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler >> doSignBeforeEncrypt >> WARNING: Sign before encryption failed due to : No signature username >> found. >> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain >> doDefaultLogging >> WARNING: Interceptor for { >> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has >> thrown >> exception, unwinding now >> org.apache.cxf.interceptor.Fault: No signature username found. >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90) >> at >> >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139) >> at >> >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77) >> at >> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) >> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) >> at $Proxy43.mensajeStock(Unknown Source) >> at com.casa.wss.demo.Client.main(Client.java:177) >> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username >> found. >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107) >> ... 11 more >> javax.xml.ws.soap.SOAPFaultException: No signature username found. >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146) >> at $Proxy43.mensajeStock(Unknown Source) >> at com.casa.wss.demo.Client.main(Client.java:177) >> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username >> found. >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107) >> at >> >> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90) >> at >> >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139) >> at >> >> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77) >> at >> >> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) >> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) >> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) >> at >> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) >> ... 2 more >> > > > -- > Freeman Fang > > ------------------------ > > FuseSource: http://fusesource.com > blog: http://freemanfang.blogspot.com > twitter: http://twitter.com/freemanfang > Apache Servicemix:http://servicemix.apache.org > Apache Cxf: http://cxf.apache.org > Apache Karaf: http://karaf.apache.org > Apache Felix: http://felix.apache.org > >
