Hi Srinivas, You must use the USER property to configure the keystore alias when you are only doing signature. SIGNATURE_USER comes in to play in the scenario of (e.g.) a UsernameToken and a Signature, when you specify the username of the UsernameToken via USER, and the keystore alias via SIGNATURE_USER. I've tested this in a unit test on trunk and it works fine:
http://svn.apache.org/viewvc?view=revision&revision=1142961 Could you take a look at the test-case and see if anything jumps out at you. Failing that, you'll need to supply a test-case to show the problem. Colm. On Mon, Jul 4, 2011 at 12:20 PM, srinivas thallapalli <[email protected]> wrote: > Hi Colm, > > Actually I am configuring UsernameToken, Encrypt and Signature standards for > my cxf webservice. > With 2.3.7 version of CXF everything working fine. Upgrading to 2.4.1 > causing this issue, the keystores and configurations files are same. > > With my investigation, I suspect there is conflict is happening with USER > and SIGNATURE_USER. > I am > > Tested in following scenarios: > > case 1: If I use only Signature standard by passing alias name to > SIGNATURE_USER, exception coming up > as *org.apache.cxf.binding.soap.SoapFault: Empty username for > specified action*. If I > pass same alias name with USER property, it works fine. > > case 2: If I use UsernameToken and Signature by passing USERNAMETOKEN > username to USER property > and SIGNATURE aliasname to SIGNATURE_USER. then the original > issue is reproducible. > > So my conclusion is, some how signature alias also reffering to USER > property, hence there is no private key for usernametoken user in keystore > and fails. > > Please let me know, if any further information is required. > > Thanks and Regards > Srini > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WS-Security-Issue-with-upgrading-from-CXF-2-3-3-to-CXF-2-4-1-tp4541788p4549716.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh http://coheigea.blogspot.com/ Talend - http://www.talend.com
