olivergwald
asked on
Java CXF - jks - proper configuration
Hi Experts,
I'm currently configuring an example from the following link for CXF and WS-Security:
http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html
What I need to know is the following:
1. Is the jks file creation process below correct.
2. How the fields are set in the code section to reflect the jks parameters.
I would greatly appreciate any help. It would be great to have a CXF specialist as a reference for a project and i'm willing to pay some $. oliver@drachmatech.com
I used the following commands to create the jks files:
keytool -genkey -alias myAlias -keypass myAliasPassword -keystore client_keystore.jks -storepass keyStorePassword -dname "cn=ws-client" -keyalg RSA
keytool -selfcert -alias myAlias -keystore client_keystore.jks -storepass keyStorePassword -keypass myAliasPassword
keytool -export -alias myAlias -file key.rsa -keystore client_keystore.jks -storepass keyStorePassword
keytool -import -alias myAlias -file key.rsa -keystore server_publicstore.jks -storepass keyStorePassword
I'm currently configuring an example from the following link for CXF and WS-Security:
http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html
What I need to know is the following:
1. Is the jks file creation process below correct.
2. How the fields are set in the code section to reflect the jks parameters.
I would greatly appreciate any help. It would be great to have a CXF specialist as a reference for a project and i'm willing to pay some $. oliver@drachmatech.com
I used the following commands to create the jks files:
keytool -genkey -alias myAlias -keypass myAliasPassword -keystore client_keystore.jks -storepass keyStorePassword -dname "cn=ws-client" -keyalg RSA
keytool -selfcert -alias myAlias -keystore client_keystore.jks -storepass keyStorePassword -keypass myAliasPassword
keytool -export -alias myAlias -file key.rsa -keystore client_keystore.jks -storepass keyStorePassword
keytool -import -alias myAlias -file key.rsa -keystore server_publicstore.jks -storepass keyStorePassword
The following is the service code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
logger.debug("identifier: " + pc.getIdentifer());
if (pc.getIdentifer().equals("ws-client")) {
// set the password on the callback. This will later be compared to the
// password which was sent from the client.
pc.setPassword("password");
}
}
The following is the client code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
for (int i=0; i< callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
int usage = pc.getUsage();
System.out.println("identifier: " + pc.getIdentifer());
System.out.println("usage: " + pc.getUsage());
if (usage == WSPasswordCallback.USERNAME_TOKEN) {
// username token pwd...
pc.setPassword("password");
} else if (usage == WSPasswordCallback.SIGNATURE) {
// set the password for client's keystore.keyPassword
System.out.println("[5]");
pc.setPassword("keyPassword");
}
}
}
I get the following error:
Nov 18, 2008 10:21:37 AM org.apache.cxf.phase.PhaseInterceptorChain doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy43.returnUploadResume(Unknown Source)
at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
... 9 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Security processing failed.
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
at $Proxy43.returnUploadResume(Unknown Source)
at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.cxf.binding.soap.SoapFault: Security processing failed.
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
... 2 more
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
... 9 more
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
the link of the accepted solution doesn´t work.