Could you submit a test-case that reproduces the problem? Note that CXF 2.7.x + WSS4J 1.6.x are no longer supported.
Colm. On Thu, Oct 19, 2017 at 12:45 PM, [email protected] <[email protected] > wrote: > Environment: > cxf-bundle: 2.7.18 > wss4j: 1.6.19 > > I am trying to act as a soap client and send a soap message which is both > signed and encrypted. For signing and encrypting, different keystores are > used. My own private key for signing and a server's public certificate for > encrypting the soap body. > > The signaturePropFile points to a location which is at the following level > relative to my application's jar : > > | - soap-client-application.jar > | - client (directory containing different clients and their keys) > | | - clientName > | | | - client.jks > > The issue I'm facing is the following: > DEBUG [2017-10-19 11:29:54,644] org.apache.ws.security.util.Loader: > Trying to find [file:///Users/blah/git/ms-service-tl-de-eucompliance/ > target/client/1080.1/sign.properties] using sun.misc.Launcher$ > AppClassLoader@18b4aac2 class loader. > DEBUG [2017-10-19 11:29:54,645] org.apache.ws.security.util.Loader: > Trying to find [file:///Users/blah/git/ms-service-tl-de-eucompliance/ > target/client/1080.1/sign.properties] using sun.misc.Launcher$ > AppClassLoader@18b4aac2 class loader. > DEBUG [2017-10-19 11:29:54,645] org.apache.ws.security.util.Loader: > Trying to find [file:///Users/blah/git/ms-service-tl-de-eucompliance/ > target/client/1080.1/sign.properties] using ClassLoader.getSystemResource( > ). > WARN [2017-10-19 11:29:54,649] org.apache.cxf.phase.PhaseInterceptorChain: > Interceptor for {http://EMVS.EU/20161/}Product#{http://EMVS.EU/20161/ > }ProcessProductMasterData has thrown exception, unwinding now > ! org.apache.ws.security.WSSecurityException: General security error > (Cannot load the resource file:///Users/blah/git/ms- > service-tl-de-eucompliance/target/client/1080.1/sign.properties) > ! at org.apache.ws.security.components.crypto.CryptoFactory.getProperties( > CryptoFactory.java:261) > ! at org.apache.ws.security.components.crypto.CryptoFactory.getInstance( > CryptoFactory.java:186) > ! at org.apache.cxf.ws.security.wss4j.AbstractWSS4JInterceptor. > loadCryptoFromPropertiesFile(AbstractWSS4JInterceptor.java:224) > ! at org.apache.ws.security.handler.WSHandler.loadCrypto( > WSHandler.java:910) > ! at org.apache.ws.security.handler.WSHandler. > loadSignatureCrypto(WSHandler.java:823) > ! at org.apache.ws.security.handler.WSHandler. > doSenderAction(WSHandler.java:143) > ! at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200( > WSS4JOutInterceptor.java:52) > ! at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$ > WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265) > > As you can see above, the application is unable to load the sign.props > file even though the path is valid. I tried several different paths like > the following but I get the same error: > - (Cannot load the resource file:///Users/blah/git/ms- > service-tl-de-eucompliance/target/client/1080.1/sign.properties) > - (Cannot load the resource file:Users/blah/git/ms- > service-tl-de-eucompliance/target/client/1080.1/sign.properties) > - (Cannot load the resource /Users/blah/git/ms-service-tl- > de-eucompliance/target/client/1080.1/sign.properties) > > I have also followed this thread: https://stackoverflow.com/ > questions/30685860/how-to-load-the-cxf-wss4j-crypto- > property-file-from-external-location-other-than . This thread has 2 > comments: > > 1. > one is to load the properties by extending the WSS4JOutInterceptor class. > This works but I need to be able to use different keystores: one for > signing and another different one for encrypting. The crypto property does > not allow me to do that. > > 2. > the other is to do what I have been describing above which is to create > the files in a certain place on the filesystem and then load them up. I get > the error above when I do this. This is supposedly fixed in > https://issues.apache.org/jira/browse/WSS-540 . > > I'm not sure what I'm doing wrongly. Any help is greatly appreciated. I > have been trying to solve this for a couple of days now. > > Thanks! > -PR > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
