Thanks Dan for those precisions, they are very helpful indeed.
As I cannot push the application to production with a snapshot library, I
am requesting the other party to sign only the detail subtree of the soap
fault message.
By the way, depending on the snapshots (2.5.3 or 2.6.0) raises another
issue: the CXF bus is not loaded. I guess it is a possible mismatch of
dependent libraries.
A snippet of the stacktrace is shown below. Should you have any idea of the
causes of this, i will appreciate. For information, I am not running into
this with CXF releases until 2.5.2.
Cheers,
Maj
java.lang.NoSuchMethodError:
org.springframework.context.support.AbstractApplicationContext.getApplicationListeners()Ljava/util/Collection;
at
org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:52)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.init(CXFNonSpringServlet.java:66)
at
org.apache.catalina.core.StandardWrapper.loadServlet(StandardWrapper.java:1173)
at
org.apache.catalina.core.StandardWrapper.load(StandardWrapper.java:993)
at
org.apache.catalina.core.StandardContext.loadOnStartup(StandardContext.java:4187)
at
org.apache.catalina.core.StandardContext.start(StandardContext.java:4496)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at org.apache.catalina.core.StandardHost.start(StandardHost.java:785)
at org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1045)
at
org.apache.catalina.core.StandardEngine.start(StandardEngine.java:443)
at
org.apache.catalina.core.StandardService.start(StandardService.java:519)
at
org.apache.catalina.core.StandardServer.start(StandardServer.java:710)
at org.apache.catalina.startup.Catalina.start(Catalina.java:581)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
at java.lang.reflect.Method.invoke(Unknown Source)
at org.apache.catalina.startup.Bootstrap.start(Bootstrap.java:289)
at org.apache.catalina.startup.Bootstrap.main(Bootstrap.java:414)
12 avr. 2012 16:48:58 org.apache.catalina.core.StandardContext loadOnStartup
java.lang.NoSuchMethodError:
org.springframework.context.support.AbstractApplicationContext.getApplicationListeners()Ljava/util/Collection;
at
org.apache.cxf.transport.servlet.CXFServlet.loadBus(CXFServlet.java:52)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.init(CXFNonSpringServlet.java:66)
On 11 April 2012 23:35, Daniel Kulp <[email protected]> wrote:
> On Wednesday, April 11, 2012 12:57:37 PM Fansi wrote:
> > Hi,
> >
> > Thanks for replying.
> >
> > I am getting the same issue using cxf 2.3.9 and wss4j 1.5.12. May be
> > something is wrong with the signature itself. i am going the check.
>
> You *MAY* actually have to go all the way to the latest 2.5.3-SNAPSHOT or
> 2.6.0-SNAPSHOT. As part of CXF-4181, Aki, Alessio, and I did a bunch of
> updates to the SAAJInInterceptor and other SAAJ handling to make sure the
> Faults are properly parsed into the SAAJ model needed for the security.
> With the older versions, if you JUST sign the detail element, it may work,
> but signing the entire body likely won't.
>
> Dan
>
>
> >
> > Cheers,
> >
> > Maj
> >
> > On 11 April 2012 10:26, Freeman Fang <[email protected]> wrote:
> > > Hi,
> > >
> > > Could you try with more recent CXF version, most likely this issue
> > > already get resolved.
> > > CXF 2.1.9 is quite old and even CXF 2.2.x is out-of-support now.
> > >
> > > Freeman
> > >
> > > On 2012-4-10, at 下午5:30, Fansi wrote:
> > > Hi mate,
> > >
> > >> I am currently encountering an apparently old issue with CXF. In fact
> > >> signature verification systematically fails when signed message is a
> > >> soap
> > >> fault. Signature verification for regular message is OK.
> > >>
> > >> I am using Mule ESB as security proxy, which in turn integrates CXF
> > >> 2.1.9. A snippet of the stack trace is shown below. From this mailing
> > >> list's archive, I noticed that this issue has been raised by someone
> > >> else on september 2009.
> > >>
> > >> Does anyone has any hint as to how to manage this? Any suggestion
> would
> > >> be appreciated.
> > >>
> > >> With kind regards,
> > >>
> > >> Maj
> > >>
> > >> org.apache.ws.security.**WSSecurityException: The signature or
> > >> decryption was
> > >> invalid
> > >>
> > >> at
> > >>
> > >> org.apache.ws.security.**processor.SignatureProcessor.**
> > >> verifyXMLSignature(**SignatureProcessor.java:529)
> > >>
> > >> at
> > >>
> > >> org.apache.ws.security.**processor.SignatureProcessor.**handleToken(**
> > >> SignatureProcessor.java:97)
> > >>
> > >> at
> > >>
> > >> org.apache.ws.security.**WSSecurityEngine.**processSecurityHeader(**
> > >> WSSecurityEngine.java:326)
> > >>
> > >> at
> > >>
> > >> org.apache.ws.security.**WSSecurityEngine.**processSecurityHeader(**
> > >> WSSecurityEngine.java:243)
> > >>
> > >> at
> > >>
> > >>
> org.apache.cxf.ws.security.**wss4j.WSS4JInInterceptor.**handleMessage(*
> > >> *
> > >> WSS4JInInterceptor.java:180)
> > >>
> > >> at
> > >>
> > >>
> org.apache.cxf.ws.security.**wss4j.WSS4JInInterceptor.**handleMessage(*
> > >> *
> > >> WSS4JInInterceptor.java:67)
> > >>
> > >> at
> > >>
> > >> org.apache.cxf.phase.**PhaseInterceptorChain.**doIntercept(**
> > >> PhaseInterceptorChain.java:**243)
> > >
> > > ------------------------------**---------------
> > > Freeman Fang
> > >
> > > FuseSource
> > > Email:[email protected]
> > > Web: fusesource.com
> > > Twitter: freemanfang
> > > Blog: http://freemanfang.blogspot.**com
> > > <http://freemanfang.blogspot.com>
> > > http://blog.sina.com.cn/u/**1473905042<
> http://blog.sina.com.cn/u/1473905
> > > 042> weibo: http://weibo.com/u/1473905042
> --
> Daniel Kulp
> [email protected]
> http://dankulp.com/blog
>
