How are you deploying the STS? Is it possible there is some other application in the container that is using an older version of XML Security?
Colm. On Mon, Jun 11, 2012 at 7:11 PM, Sunil Bapat <[email protected]> wrote: > This is happening on the server side when the STS is processing the > request. > Here's the output of the dependency tree. > > [INFO] [dependency:tree] > [INFO] test:asymmetric-sts:war:dev > [INFO] +- > org.apache.cxf.services.sts:cxf-services-sts-core:jar:2.6.1:provided > [INFO] | +- org.apache.cxf:cxf-rt-ws-security:jar:2.6.1:provided > [INFO] | | +- org.apache.cxf:cxf-api:jar:2.6.1:provided > [INFO] | | | +- > org.codehaus.woodstox:woodstox-core-asl:jar:4.1.2:provided > [INFO] | | | | \- org.codehaus.woodstox:stax2-api:jar:3.1.1:provided > [INFO] | | | +- > org.apache.ws.xmlschema:xmlschema-core:jar:2.0.2:provided > [INFO] | | | +- > org.apache.geronimo.specs:geronimo-javamail_1.4_spec:jar:1.7.1:provided > [INFO] | | | \- wsdl4j:wsdl4j:jar:1.6.2:provided > [INFO] | | +- org.apache.cxf:cxf-rt-core:jar:2.6.1:provided > [INFO] | | | \- com.sun.xml.bind:jaxb-impl:jar:2.1.13:provided > [INFO] | | +- org.apache.cxf:cxf-rt-bindings-soap:jar:2.6.1:provided > [INFO] | | | \- > org.apache.cxf:cxf-rt-databinding-jaxb:jar:2.6.1:provided > [INFO] | | +- net.sf.ehcache:ehcache-core:jar:2.5.1:provided > [INFO] | | | \- org.slf4j:slf4j-api:jar:1.6.1:provided > [INFO] | | \- org.apache.ws.security:wss4j:jar:1.6.6:provided > [INFO] | | +- org.apache.santuario:xmlsec:jar:1.5.2:provided > [INFO] | | \- org.opensaml:opensaml:jar:2.5.1-1:provided > [INFO] | | \- org.opensaml:openws:jar:1.4.2-1:provided > [INFO] | | \- org.opensaml:xmltooling:jar:1.3.2-1:provided > [INFO] | | \- joda-time:joda-time:jar:1.6.2:provided > [INFO] | \- org.apache.cxf:cxf-rt-ws-addr:jar:2.6.1:provided > [INFO] | \- org.apache.cxf:cxf-rt-ws-policy:jar:2.6.1:provided > [INFO] | \- org.apache.neethi:neethi:jar:3.0.2:provided > [INFO] +- junit:junit:jar:4.0:test (scope not updated to compile) > [INFO] +- org.springframework:spring-jdbc:jar:3.0.7.RELEASE:compile > [INFO] | +- org.springframework:spring-beans:jar:3.0.7.RELEASE:compile > [INFO] | +- org.springframework:spring-core:jar:3.0.7.RELEASE:compile > [INFO] | | +- org.springframework:spring-asm:jar:3.0.7.RELEASE:compile > [INFO] | | \- commons-logging:commons-logging:jar:1.1.1:compile > [INFO] | \- org.springframework:spring-tx:jar:3.0.7.RELEASE:compile > [INFO] | +- aopalliance:aopalliance:jar:1.0:compile > [INFO] | +- org.springframework:spring-aop:jar:3.0.7.RELEASE:compile > [INFO] | \- > org.springframework:spring-context:jar:3.0.7.RELEASE:compile > [INFO] | \- > org.springframework:spring-expression:jar:3.0.7.RELEASE:compile > [INFO] \- log4j:log4j:jar:1.2.16:provided (scope not updated to compile) > > Thanks > Sunil. > > > On Mon, Jun 11, 2012 at 5:06 AM, Colm O hEigeartaigh > <[email protected]> wrote: > > Are you getting that error when the STS receives the request or when the > > client is processing the response? Either way it looks like you are > pulling > > in an older version of XML Security. Could you verify by running a "mvn > > dependency:tree" and attaching the output? > > > > Colm. > > > > On Sun, Jun 10, 2012 at 1:03 PM, Sunil Bapat <[email protected]> wrote: > > > >> Using CXF 2.6.1, I am getting the following exception when trying to > >> make a web service call to an STS with asymmetric binding. I am using > >> the CXF STS client, which is calling a CXF STS. My maven project pulls > >> in include xmlsec-1.5.2. Anything else I am missing? > >> > >> Servlet.service() for servlet CXFServlet threw exception: > >> java.lang.NoSuchMethodError: > >> org.apache.xml.security.encryption.XMLCipher.setSecureValidation(Z)V > >> at > >> > org.apache.ws.security.processor.ReferenceListProcessor.decryptEncryptedData(ReferenceListProcessor.java:290) > >> [wss4j-1.6.6.jar:1.6.6] > >> at > >> > org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:365) > >> [wss4j-1.6.6.jar:1.6.6] > >> at > >> > org.apache.ws.security.processor.EncryptedKeyProcessor.decryptDataRefs(EncryptedKeyProcessor.java:324) > >> [wss4j-1.6.6.jar:1.6.6] > >> at > >> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:137) > >> [wss4j-1.6.6.jar:1.6.6] > >> at > >> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) > >> [wss4j-1.6.6.jar:1.6.6] > >> at > >> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:289) > >> [cxf-rt-ws-security-2.6.1.jar:2.6.1] > >> at > >> > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97) > >> [cxf-rt-ws-security-2.6.1.jar:2.6.1] > >> at > >> > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) > >> [cxf-api-2.6.1.jar:2.6.1] > >> at > >> > org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122) > >> [cxf-api-2.6.1.jar:2.6.1] > >> at > >> > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:211) > >> [cxf-rt-transports-http-2.6.1.jar:2.6.1] > >> at > >> > org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213) > >> [cxf-rt-transports-http-2.6.1.jar:2.6.1] > >> > >> Thanks > >> Sunil. > >> > > > > > > > > -- > > Colm O hEigeartaigh > > > > Talend Community Coder > > http://coders.talend.com > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
