Hi Jean-Noel, Yes I have access to the logs of the server :) But when I open the filee (stdout, stderr, ...) it doesn't contain anything. Or I check the bad files ;)
Best regards Tabin Cédric > Hi, > > Don't you have access to the server logs? There might be more details in > there. > > /jnc > > -----Original Message----- > From: Tabin Cédric -[ thecaptain ]- [mailto:[EMAIL PROTECTED] > Sent: mercredi 15 février 2006 9:46 > To: [email protected] > Subject: Re: [Newbie][Signature Encrypt] Server Error > > re, > > mmmh the error still stays (am I damned :D). I put here the stack trace > error. I am not very familiar with axis/wss4j but doesn't that come from > the server ? I mean... it looks like the client is okay isn't it ? > > Best regards > > Tabin Cédric > > - Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin] > Exception in thread "main" AxisFault > faultCode: {http://xml.apache.org/axis/}Server > faultSubcode: > faultString: Server Error > faultActor: > faultNode: > faultDetail: > {http://xml.apache.org/axis/}stackTrace:Server Error > at > org.apache.axis.handlers.soap.SOAPService.invoke(SOAPService.java:473) > at org.apache.axis.server.AxisServer.invoke(AxisServer.java:281) > at > org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:699) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:709) > at > org.apache.axis.transport.http.AxisServletBase.service(AxisServletBase.java: > 327) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:802) > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Application > FilterChain.java:252) > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterCh > ain.java:173) > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.ja > va:213) > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.ja > va:178) > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126 > ) > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105 > ) > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java > :107) > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) > at > org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processC > onnection(Http11BaseProtocol.java:667) > at > org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.jav > a:527) > at > org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWo > rkerThread.java:80) > at > org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.jav > a:684) > at java.lang.Thread.run(Unknown Source) > > {http://xml.apache.org/axis/}hostname:whl00213b > > Server Error > at > org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:2 > 22) > at > org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:12 > 9) > at > org.apache.axis.encoding.DeserializationContext.endElement(DeserializationCo > ntext.java:1087) > at org.apache.xerces.parsers.AbstractSAXParser.endElement(Unknown > Source) > at > org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanEndElement(Unknown > Source) > at > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatc > her.dispatch(Unknown > Source) > at > org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown > Source) > at org.apache.xerces.parsers.XML11Configuration.parse(Unknown > Source) > at org.apache.xerces.parsers.XML11Configuration.parse(Unknown > Source) > at org.apache.xerces.parsers.XMLParser.parse(Unknown Source) > at org.apache.xerces.parsers.AbstractSAXParser.parse(Unknown Source) at > org.apache.xerces.jaxp.SAXParserImpl$JAXPSAXParser.parse(Unknown > Source) > at javax.xml.parsers.SAXParser.parse(SAXParser.java:375) > at > org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext > .java:227) > at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696) > at org.apache.axis.Message.getSOAPEnvelope(Message.java:435) > at > org.apache.axis.handlers.soap.MustUnderstandChecker.invoke(MustUnderstandChe > cker.java:62) > at org.apache.axis.client.AxisClient.invoke(AxisClient.java:206) > at org.apache.axis.client.Call.invokeEngine(Call.java:2784) > at org.apache.axis.client.Call.invoke(Call.java:2767) > at org.apache.axis.client.Call.invoke(Call.java:2443) > at org.apache.axis.client.Call.invoke(Call.java:2366) > at org.apache.axis.client.Call.invoke(Call.java:1812) > at > eteaching.webservice.remote.MoodleETeachingSoapBindingStub.authenticate(Mood > leETeachingSoapBindingStub.java:411) > at eteaching.Main.main(Main.java:45) > >> Try DirectReference instead of X509KeyIdentifier for the >> encryptionKeyIdentifier parametes. >> >> And as I am aware of it, yes wss4j automatically selects the private >> key to decrypt the message. >> >> Emanuel >> >> On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]> >> wrote: >>> Hi Emmanuel and thanks for the so fast reply :) >>> >>> So I tried what you wrote me and I obtain those files : >>> >>> CLIENT >>> ------ >>> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >>> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >>> <transport name="http" >>> pivot="java:org.apache.axis.transport.http.HTTPSender"/> >>> <globalConfiguration > >>> <requestFlow > >>> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > >>> <parameter name="action" value="Signature Encrypt"/> >>> <parameter name="user" value="privatekey"/> >>> <parameter name="passwordCallbackClass" >>> value="eteaching.webservice.security.WSMainPasswordCallback"/> >>> <parameter name="signaturePropFile" value="crypto.properties" /> >>> <parameter name="encryptionUser" value="privatekey" /> >>> <parameter name="encryptionPropFile" value="crypto.properties" /> >>> >>> <parameter name="encryptionKeyIdentifier" >>> value="X509KeyIdentifier" /> >>> </handler> >>> </requestFlow> >>> </globalConfiguration> >>> </deployment> >>> >>> SERVER >>> ------ >>> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >>> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >>> >>> <service name="MoodleETeaching" provider="java:RPC"> >>> >>> <requestFlow> >>> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> >>> <parameter name="passwordCallbackClass" >>> value="eteaching.webservice.security.WSMoodlePasswordCallback"/> >>> <parameter name="action" value="Signature Encrypt"/> >>> <parameter name="signaturePropFile" value="crypto.properties" /> >>> >>> <parameter name="decryptionPropFile" value="crypto.properties" /> >>> </handler> >>> </requestFlow> >>> >>> <parameter name="scope" value="Session" /> >>> <parameter name="className" >>> value="eteaching.webservice.MoodleETeaching"/> >>> <parameter name="allowedMethods" value="*"/> >>> >>> </deployment> >>> >>> but the server error stays :( I wonder why it wasn't working when I >>> didn't specifiy the encryptionPropFile and the decryptionPropFile... >>> the soap requests won't be encrypted ? I'm following the tutorials on >>> this page : http://ws.apache.org/wss4j/package.html on "Combine >>> Signature and Encryption" ! >>> >>> "Yes, the encryption is done with the public key so only the owner of >>> the private key can decrypt it." Yes, but does wss3j automatically >>> select the private key for the decryption on the server ? or must I >>> specify something in my deployment wsdd ??? >>> >>> Best regards >>> >>> Tabin Cédric >>> >>> > Hi Tabin! >>> > >>> > In the client wsdd configuration settings you have to set the >>> encryption properties also, meaning the parameters: encryptionUser >>> (which should be the alias of the certificate used to encrypt), >>> encryptionKeyIdentifier and encryptionPropFile (crypto.properties). >>> > >>> > On the server side you have to set the decryptionPropFile >>> > (crypto.properties to locate the keystore with the private key that >>> should be used to decrypt). >>> > >>> > Yes, the encryption is done with the public key so only the owner >>> of >>> the private key can decrypt it. >>> > >>> > Hope it helps! >>> > >>> > Emanuel >>> > >>> > On 2/15/06, Tabin Cédric -[ thecaptain ]- <[EMAIL PROTECTED]> >>> wrote: >>> >> Hi all ! >>> >> >>> >> I'm trying to set up the Signature Encrypt between my >>> >> client/webservice. As I can see, the signature & encryption are >>> okay for my client but the server doesn't work : he throws me an >>> Server Error (not very useful :D). Here are my configurations : >>> >> >>> >> CLIENT >>> >> ------ >>> >> >>> >> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >>> >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >>> >> <transport name="http" >>> >> pivot="java:org.apache.axis.transport.http.HTTPSender"/> >>> >> <globalConfiguration > >>> >> <requestFlow > >>> >> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" >>> > >>> >> <parameter name="action" value="Signature Encrypt"/> >>> >> <parameter name="user" value="privatekey"/> >>> >> <parameter name="passwordCallbackClass" >>> >> value="eteaching.webservice.security.WSMainPasswordCallback"/> >>> >> <parameter name="signaturePropFile" value="crypto.properties" >>> /> >>> >> </handler> >>> >> </requestFlow> >>> >> </globalConfiguration> >>> >> </deployment> >>> >> >>> >> I use the xml like this into axis : >>> >> EngineConfiguration config = new >>> >> FileProvider("mainclientconfig.wsdd"); MoodleETeachingService >>> service = new MoodleETeachingServiceLocator(config, url); >>> >> >>> >> My crypto.properties : >>> >> org.apache.ws.security.crypto.provider=org.apache.ws.security.comp >>> onents.crypto.Merlin >>> org.apache.ws.security.crypto.merlin.keystore.type=jks >>> >> org.apache.ws.security.crypto.merlin.keystore.password=security >>> org.apache.ws.security.crypto.merlin.keystore.alias=privatekey >>> org.apache.ws.security.crypto.merlin.alias.password=security >>> >> org.apache.ws.security.crypto.merlin.file=privateKeyStore >>> >> >>> >> and also my keys into the privateKeyStore : >>> >> Type keystore : jks >>> >> Fournisseur keystore : SUN >>> >> >>> >> publickey, 14 fév. 2006, trustedCertEntry, Emprunte du certificat >>> (MD5) : ..... >>> >> privateky, 14 fév. 2004, keyEntry, Emprunte du certificat (MD5) : >>> ..... >>> >> >>> >> SERVER >>> >> ------ >>> >> >>> >> I also put the same crypto.properties with this deployment file : >>> <deployment xmlns="http://xml.apache.org/axis/wsdd/"; >>> >> xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> >>> >> >>> >> <service name="MoodleETeaching" provider="java:RPC"> >>> >> >>> >> <requestFlow> >>> >> <handler >>> type="java:org.apache.ws.axis.security.WSDoAllReceiver"> >>> >> <parameter name="passwordCallbackClass" >>> >> value="eteaching.webservice.security.WSMoodlePasswordCallback"/> >>> >> <parameter name="action" value="Signature Encrypt"/> >>> >> <parameter name="signaturePropFile" value="crypto.properties" >>> /> >>> >> </handler> >>> >> </requestFlow> >>> >> >>> >> <parameter name="scope" value="Session" /> >>> >> <parameter name="className" >>> >> value="eteaching.webservice.MoodleETeaching"/> >>> >> <parameter name="allowedMethods" value="*"/> >>> >> >>> >> </service> >>> >> </deployment> >>> >> >>> >> I think I've got a problem understanding the using of the >>> certificates into wss4j (how to say : encrypt with his public key, >>> decrypt with my private key ?)... >>> >> >>> >> Thank you for the help :) >>> >> >>> >> Best regards >>> >> >>> >> Tabin Cédric >>> >> >>> >> >>> >> >>> >> ------------------------------------------------------------------ >>> --- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> >> For additional commands, e-mail: [EMAIL PROTECTED] >>> >>> >>> >>> >>> --------------------------------------------------------------------- >>> To unsubscribe, e-mail: [EMAIL PROTECTED] >>> For additional commands, e-mail: [EMAIL PROTECTED] > > > > > --------------------------------------------------------------------- To > unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]
