The error you are seeing is unrelated to whether the policy interceptor is invoked or not - WSS4JInInterceptor processes the inbound request in both cases. The root cause is the last error:
> Caused by: javax.xml.crypto.NoSuchMechanismException: class configured for > XMLSignatureFactory: org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory > not a XMLSignatureFactory What kind of environment are you running? I have seen similar errors with Websphere. Could you turn logging up to the max and attach it? Colm. On Sat, Feb 4, 2012 at 8:43 PM, sram <[email protected]> wrote: > I work on CXF2.5.2 with WS-SecurityPolicy following instructions > (DoubleItAsymmetricSESupportingPolicy) posted from > > http://svn.apache.org/viewvc/cxf/trunk/systests/ws-security-examples/src/test/resources/org/apache/cxf/systest/wssec/examples/ut/DoubleItUt.wsdl?view=markup > > Issue is, when signature is mandated in my policy file, instead of > PolicyInterceptor I see WSS4JInterceptor invoked, which tries to process and > fails with General Security Error below. I have xmlsec-1.4.6.jar, > wss4j-1.6.4.jar in classpath > > I tried a different policy, TLS with usernametoken, and found > PolicyInterceptor rightly invoked and processing instructions. Am I missing > something or is this a bug. Please advise. > >>>>>>>>>> > cxf-servlet.xml > > <jaxws:endpoint ... > <jaxws:properties> > <entry key="ws-security.ut.validator"> > <ref bean="SecurityInterceptor" /> > </entry> > <entry key="ws-security.callback-handler" > value="com.mellon.workbench.services.ping.UTPasswordCallback"/> > <entry key="ws-security.signature.properties" > value="classpath:server-keystore.properties"/> > </jaxws:properties> > </jaxws:endpoint> > >>>>>> > web.xml > contextConfigLocation takes, > classpath:META-INF/cxf/cxf-all.xml > > >>>>>>> > Exception > 2/4/12 15:11:01:373 EST] 00000032 WSS4JInInterc W > org.apache.ws.security.WSSecurityException: > General security error (Unable to load class > org.apache.ws.security.processor.SignatureProcessor) > at org.apache.ws.security.WSSConfig.getProcessor(WSSConfig.java:791) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:394) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:249) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:85) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:123) > at > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:207) > at > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213) > ... > > Caused by: javax.xml.crypto.NoSuchMechanismException: class configured for > XMLSignatureFactory: org.jcp.xml.dsig.internal.dom.DOMXMLSignatureFactory > not a XMLSignatureFactory > at javax.xml.crypto.dsig.XMLDSigSecurity.doGetImpl(Unknown Source) > at javax.xml.crypto.dsig.XMLDSigSecurity.getImpl(Unknown Source) > at javax.xml.crypto.dsig.XMLDSigSecurity.getImpl(Unknown Source) > at javax.xml.crypto.dsig.XMLSignatureFactory.findInstance(Unknown > Source) > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/WSSJ-Interceptor-invoked-instead-of-Policy-tp5456874p5456874.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
