Try copying your keystore and crypto.properties to your WEB-INF/classes folder.

Another thing to check is that your privkey should also have certificates in the keystore, apart from the private key.

HTH,
Nitin


Alexandre Veloso de Matos wrote:
Dear all,

I suppose this is a question already addressed before. However, even with the help of former responses I couldn't achieve an answer to my problem.

I have a web service. I want to sign any call to this web service. For this I provided a keystore from where public and private keys should be gathered. In fact, I tried to follow the guidelines from this tutorial: http://www.devx.com/Java/Article/28816/1954?pf=true.

I've been receiving constantly the following exception:

org.apache.ws.security.WSSecurityException: Error during Signature: ; nested exception is:
    org.apache.ws.security.WSSecurityException: General security error (No certificates for user privkey were found for signature)nothing
    at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:60)
    at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:201)
    at org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:168)
    at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
    at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
    at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
    at org.apache.axis.client.AxisClient.invoke(AxisClient.java:127)
    at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
    at org.apache.axis.client.Call.invoke(Call.java:2767)
    at org.apache.axis.client.Call.invoke(Call.java:2443)
    at org.apache.axis.client.Call.invoke(Call.java:2366)
    at org.apache.axis.client.Call.invoke(Call.java:1812)
    at wss.client.PubCertClient.main(PubCertClient.java:57)
Caused by: org.apache.ws.security.WSSecurityException: General security error (No certificates for user privkey were found for signature)
    at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:311)
    at org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:748)
    at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
    ... 12 more

In order to clarify, my client deployment is guided by the following:

<deployment name="ClientConfig"
    xmlns="http://xml.apache.org/axis/wsdd/"
    xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  <globalConfiguration>
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="user" value="privkey"/>
        <parameter name="passwordCallbackClass" value="wss.client.PWCallback"/>
        <parameter name="action" value="Signature Encrypt"/>
        <parameter name="signaturePropFile" value="crypto.properties"/>
      </handler>
    </requestFlow>
  </globalConfiguration>
</deployment>

and the server deployment descriptor is the following:

<deployment
    xmlns="http://xml.apache.org/axis/wsdd/"
    xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

  <!-- Services from SignService WSDL service -->

  <service name="wss_service" provider="java:RPC" style="rpc" use="encoded">
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
        <parameter name="passwordCallbackClass" value="wss.server.PWCallback"/>
        <parameter name="action" value="Signature Encrypt"/>
        <parameter name="signaturePropFile" value="crypto.properties"/>
      </handler>
    </requestFlow>
    <parameter name="wsdlTargetNamespace" value="urn:wss"/>
    <parameter name="wsdlServiceElement" value="SignService"/>
    <parameter name="wsdlServicePort" value="wss_service"/>
    <parameter name="className" value="wss.ws.Wss_serviceSoapBindingImpl"/>
    <parameter name="wsdlPortType" value="Sign"/>
    <parameter name="typeMappingVersion" value="1.2"/>
    <operation name="getPubCert" qname="operNS:getPubCert" xmlns:operNS="urn:wss" returnQName="getPubCertReturn" returnType="rtns:string" xmlns:rtns="http://schemas.xmlsoap.org/soap/encoding/" soapAction="">
    </operation>
    <parameter name="allowedMethods" value="getPubCert"/>
    <parameter name="scope" value="Session"/>

  </service>
</deployment>

And my crypto.properties file:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=foobar
org.apache.ws.security.crypto.merlin.alias.password=foobar
org.apache.ws.security.crypto.merlin.keystore.alias=privkey
org.apache.ws.security.crypto.merlin.keystore.file=privkeystore

My latter attempts to bypass these exceptions:
1) privkeystore path is on classpath
2) there is a callback that returns the password for the alias privkey (foobar)
3) the crypto.properties is also on classpath

Thanks for any clue on what could be happening.

Best regards,

Alex


--
Alexandre Veloso de Matos
Phd Student - Informatics Engineering Department
University of Coimbra - Coimbra, Portugal
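
The keystore check suggested in the reply, as an added example (not code from the thread or from WSS4J): a standalone Java diagnostic, using only java.security.KeyStore, that reports whether an alias holds a private key together with a certificate chain, which is the condition the exception message names. The class name CheckSigningAlias is hypothetical; the default file, passwords and alias are the values from the quoted crypto.properties.

```java
import java.io.InputStream;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.util.Collections;

// Added diagnostic (hypothetical class, not part of WSS4J or the thread).
public class CheckSigningAlias {

    // Returns null when the alias can be used for signing, else the reason it cannot.
    static String diagnose(KeyStore ks, String alias, char[] keyPass) throws Exception {
        if (!ks.containsAlias(alias)) {
            return "alias not found; aliases present: " + Collections.list(ks.aliases());
        }
        if (ks.isCertificateEntry(alias)) {
            return "alias is a trusted-certificate entry with no private key";
        }
        Certificate[] chain = ks.getCertificateChain(alias);
        if (chain == null || chain.length == 0) {
            return "key entry has no certificate chain";
        }
        try {
            if (ks.getKey(alias, keyPass) == null) {
                return "no key stored under alias";
            }
        } catch (UnrecoverableKeyException e) {
            return "key password does not open the private key";
        }
        return null;
    }

    public static void main(String[] args) throws Exception {
        // Defaults are the values from the crypto.properties quoted in the thread.
        String file = args.length > 0 ? args[0] : "privkeystore";
        char[] storePass = (args.length > 1 ? args[1] : "foobar").toCharArray();
        String alias = args.length > 2 ? args[2] : "privkey";
        char[] keyPass = args.length > 3 ? args[3].toCharArray() : storePass;

        KeyStore ks = KeyStore.getInstance("JKS");
        try (InputStream in = Files.newInputStream(Paths.get(file))) {
            ks.load(in, storePass); // throws IOException on a wrong store password
        }
        String problem = diagnose(ks, alias, keyPass);
        System.out.println(problem == null
                ? "OK: '" + alias + "' has a private key and a certificate chain"
                : "PROBLEM: " + problem);
        System.exit(problem == null ? 0 : 1);
    }
}
```

It reads the keystore by file path, so a passing result says nothing about whether the file is visible on the web application's classpath; that is the separate WEB-INF/classes check.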

