Dear all, I suppose this a question already addressed before. However, even with the help of former responses I couldn't achieve an answer to my problem.
I have a web service. I want to sign any call to this web service. For this I provided a keystore from where public and private keys should be gathered. In fact, I tried to follow the guidelines from this tutorial: http://www.devx.com/Java/Article/28816/1954?pf=true. I've been receiving constantly the following exception: org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is: org.apache.ws.security.WSSecurityException: General security error (No certificates for user privkey were found for signature)nothing at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:201) at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168) at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32) at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118) at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83) at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127) at org.apache.axis.client.Call.invokeEngine(Call.java:2784) at org.apache.axis.client.Call.invoke(Call.java:2767) at org.apache.axis.client.Call.invoke(Call.java:2443) at org.apache.axis.client.Call.invoke(Call.java:2366) at org.apache.axis.client.Call.invoke(Call.java:1812) at wss.client.PubCertClient.main(PubCertClient.java:57) Caused by: org.apache.ws.security.WSSecurityException: General security error (No certificates for user privkey were found for signature) at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:311) at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:748) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57) ... 12 more In order to clarify, my client deployment is guided by the following: <deployment name="ClientConfig" xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/> <globalConfiguration > <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllSender" > <parameter name="user" value="privkey"/> <parameter name="passwordCallbackClass" value="wss.client.PWCallback"/> <parameter name="action" value="Signature Encrypt"/> <parameter name="signaturePropFile" value="crypto.properties" /> </handler> </requestFlow> </globalConfiguration > </deployment> and the server deployment descriptor is the following: <deployment xmlns="http://xml.apache.org/axis/wsdd/"; xmlns:java="http://xml.apache.org/axis/wsdd/providers/java";> <!-- Services from SignService WSDL service --> <service name="wss_service" provider="java:RPC" style="rpc" use="encoded"> <requestFlow> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver"> <parameter name="passwordCallbackClass" value="wss.server.PWCallback"/> <parameter name="action" value="Signature Encrypt"/> <parameter name="signaturePropFile" value="crypto.properties" /> </handler> </requestFlow> <parameter name="wsdlTargetNamespace" value="urn:wss"/> <parameter name="wsdlServiceElement" value="SignService"/> <parameter name="wsdlServicePort" value="wss_service"/> <parameter name="className" value="wss.ws.Wss_serviceSoapBindingImpl"/> <parameter name="wsdlPortType" value="Sign"/> <parameter name="typeMappingVersion" value="1.2"/> <operation name="getPubCert" qname="operNS:getPubCert" xmlns:operNS="urn:wss" returnQName="getPubCertReturn" returnType="rtns:string" xmlns:rtns=" http://schemas.xmlsoap.org/soap/encoding/"; soapAction="" > </operation> <parameter name="allowedMethods" value="getPubCert"/> <parameter name="scope" value="Session"/> </service> </deployment> And my crypto.properties file: org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=foobar org.apache.ws.security.crypto.merlin.alias.password=foobar org.apache.ws.security.crypto.merlin.keystore.alias=privkey org.apache.ws.security.crypto.merlin.keystore.file=privkeystore My latter attempts to bypass these exceptions: 1) privkeystore path is on classpath 2) there is a callback that returns the password for the alias privkey (foobar) 3) the crypto.properties is also on classpath Thanks for any clue on what could be happening. Best regards, Alex -- Alexandre Veloso de Matos Phd Student - Informatics Engineering Department University of Coimbra - Coimbra, Portugal
