Hi Chris,
Can you try running this against a SNAPSHOT version of trunk? I updated the exception propagation in SignatureAction to throw the exception, rather than just the message, so it might give you more information than what you're seeing.

Why not just write your own crypto implementation rather than use Merlin btw?

Colm.

________________________________

From: Chris Long [mailto:[EMAIL PROTECTED]
Sent: 25 November 2008 20:03
To: [email protected]
Subject: Help needed in manually loading a certificate using WSHandler

Hello:

I'm currently running into some issues while attempting to manually load a certificate to sign a SOAP message with instead of using a certificate loaded in a keystore. Currently I am attempting to do the following:

1) create a Crypto object by using:

    Crypto crypt = CryptoFactory.getInstance("D:/crypto-testclient.properties");

Where the crypto-testclient.properties file looks like this:

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
    org.apache.ws.security.crypto.merlin.keystore.type=jks
    org.apache.ws.security.crypto.merlin.keystore.password=test
    org.apache.ws.security.crypto.merlin.file=D://testclient-keystore

2) load the certificate into the Crypto object:

    String filePath = "D:\\chris-testclient.crt";
    FileInputStream fis = new FileInputStream(filePath);
    crypt.loadCertificate(fis);

3) set the following:

    RequestData reqData = new RequestData();
    reqData.setMsgContext(msgContext);
    reqData.getSignatureParts().removeAllElements();
    reqData.getEncryptParts().removeAllElements();
    reqData.setNoSerialization(false);
    reqData.setUsername("chris-testclient");
    int doAction = WSSecurityUtil.decodeAction("Signature", actions);

4) Create a Document object and store the SOAP envelope in it.

5) At this point I've overloaded the doSenderAction to pass my Crypto object along.

Since the only action I care about is the Signature I've modified the if ((doAction & WSConstants.SIGN) == WSConstants.SIGN) {...} block to the following:

    if ((doAction & WSConstants.SIGN) == WSConstants.SIGN) {
        Crypto crypto = (Crypto) cryptos.get(sigPropFile);
        if (crypto == null) {
            try {
                String filePath = "D:\\chris-testclient.crt";
                FileInputStream fis = new FileInputStream(filePath);
                crypto = CryptoFactory.getInstance("D://crypto-testclient.properties", this.getClassLoader(reqData.getMsgContext()));
                crypto.loadCertificate(fis);
                cryptos.put(sigPropFile, crypto);
            } catch (Exception e) {System.out.println("Exception in doAction");}
        }
        reqData.setSigCrypto(crypto);
        decodeSignatureParameter(reqData);
    }

Once doSenderAction gets to:

    wssConfig.getAction(actionToDo).execute(this, actionToDo, doc, reqData);

I get the following error:

    Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
        at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)

Can anyone tell me what I'm doing wrong? Or if I need to provide more information to get an answer?

Thanks,
Christopher Long
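
Added example (not part of either e-mail, and not WSS4J code): a JDK-only pre-flight check that reads the Merlin properties file quoted above and reports what the keystore holds under the signing alias. It assumes, which the thread does not state, that the signing key and certificate are looked up under the alias passed to setUsername; the class and method names are hypothetical.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.cert.Certificate;
import java.util.Properties;

// Hypothetical helper, not part of WSS4J: inspects the keystore named in a
// Merlin properties file and reports what is stored under one alias.
public class SigningAliasCheck {
    static final String PREFIX = "org.apache.ws.security.crypto.merlin.";

    // MISSING: no such alias; CERT_ONLY: certificate without a private key;
    // NO_CHAIN: key entry without certificates; OK: private key plus chain.
    static String check(KeyStore ks, String alias) throws Exception {
        if (!ks.containsAlias(alias)) return "MISSING";
        if (ks.isCertificateEntry(alias)) return "CERT_ONLY";
        Certificate[] chain = ks.getCertificateChain(alias);
        if (chain == null || chain.length == 0) return "NO_CHAIN";
        return "OK (chain length " + chain.length + ")";
    }

    // Loads the keystore using the same property keys as the file in the thread.
    static KeyStore load(String propertiesPath) throws Exception {
        Properties p = new Properties();
        try (InputStream in = new FileInputStream(propertiesPath)) {
            p.load(in);
        }
        String file = p.getProperty(PREFIX + "file");
        if (file == null) throw new IllegalArgumentException("no " + PREFIX + "file");
        KeyStore ks = KeyStore.getInstance(p.getProperty(PREFIX + "keystore.type", "jks"));
        char[] pw = p.getProperty(PREFIX + "keystore.password", "").toCharArray();
        try (InputStream in = new FileInputStream(file)) {
            ks.load(in, pw);
        }
        return ks;
    }

    public static void main(String[] args) throws Exception {
        if (args.length == 2) {
            // args: <merlin properties file> <alias passed to setUsername>
            System.out.println(args[1] + ": " + check(load(args[0]), args[1]));
            return;
        }
        // Constructed demo input: an empty in-memory keystore.
        KeyStore empty = KeyStore.getInstance("jks");
        empty.load(null, null);
        System.out.println("chris-testclient: " + check(empty, "chris-testclient"));
    }
}
```

Any result other than OK means the keystore has no private key with a certificate chain under that alias; a .crt file on its own carries only the public certificate.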
