I can't access that file you linked to. It looks like the error is on the client side:
"No certificates for user client were found for signature" Generally this means that there is some mistake in your crypto.properties file, or else your CallbackHandler is not supplying the correct password to access the private key in the keystore for signature. Colm. On Mon, Mar 18, 2013 at 1:51 AM, James Yu <[email protected]> wrote: > Hi all, > > I created a test web service with Eclipse and CXF and I referenced the > tutorial provided on the following URL for setting security: > > https://sites.google.com/site/ddmwsst/ws-security-impl?pli=1#TOC-Client-Certificates-and-KeyStore > > The server seems to work all right, when I send out a request without wss > header in soapui, I the "InvalidSecurity" faultcode. > > Test Request: > <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:ws="http://ws.aaa.com/";> > <soapenv:Header/> > <soapenv:Body> > <ws:echo> > <!--Optional:--> > <arg0>aaa</arg0> > </ws:echo> > </soapenv:Body> > </soapenv:Envelope> > > Test Response: > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> > <soap:Body> > <soap:Fault> > <faultcode xmlns:ns1=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > ">ns1:InvalidSecurity</faultcode> > <faultstring>An error was discovered processing the > <wsse:Security> header</faultstring> > </soap:Fault> > </soap:Body> > </soap:Envelope> > > However, when I tried to test the server with client, I got the following > exception: > 2013/3/18 上午 07:46:53 org.apache.cxf.phase.PhaseInterceptorChain > doDefaultLogging > WARNING: Interceptor for { > http://ws.aaa.com/}HelloWorldService#{http://ws.aaa.com/}echo has thrown > exception, unwinding now > Throwable occurred: org.apache.cxf.binding.soap.SoapFault: Security > processing failed. > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:272) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) > at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > at $Proxy48.echo(Unknown Source) > at com.aaa.ws.client.Main.main(Main.java:12) > Caused by: org.apache.ws.security.WSSecurityException: Error during > Signature: ; nested exception is: > org.apache.ws.security.WSSecurityException: General security error (No > certificates for user client were found for signature) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:68) > at > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:206) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:50) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:257) > ... 9 more > Caused by: org.apache.ws.security.WSSecurityException: General security > error (No certificates for user client were found for signature) > at > org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:316) > at > org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:760) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:65) > ... 12 more > Exception in thread "main" javax.xml.ws.WebServiceException: Security > processing failed. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:135) > at $Proxy48.echo(Unknown Source) > at com.aaa.ws.client.Main.main(Main.java:12) > Caused by: org.apache.ws.security.WSSecurityException: Error during > Signature: ; nested exception is: > org.apache.ws.security.WSSecurityException: General security error (No > certificates for user client were found for signature) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:68) > at > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:206) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:50) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:257) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:243) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265) > at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124) > ... 2 more > Caused by: org.apache.ws.security.WSSecurityException: General security > error (No certificates for user client were found for signature) > at > org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:316) > at > org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:760) > at > org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:65) > ... 12 more > > My test package and war files can be accessed through the following URL: > https://www.dropbox.com/sh/9vc9lzx45t2i4hs/gFcJ2S7JWo > > I cross referenced with many other tutorials provided on Internet and > still don't have a clue. > Any help is very much appreciated. > > > This is a UTF-8 formatted mail > ----------------------------------------------- > James C.-C.Yu > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
