Java CXF - jks - proper configuration

Hi Experts,

I'm currently configuring an example from the following link for CXF and WS-Security:
http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html

What I need to know is the following:
1. Is the jks file creation process below correct.
2. How the fields are set in the code section to reflect the jks parameters.

I would greatly appreciate any help.  It would be great to have a CXF specialist as a reference for a project and i'm willing to pay some $.  oliver@drachmatech.com

I used the following commands to create the jks files:
keytool -genkey -alias myAlias -keypass myAliasPassword -keystore client_keystore.jks -storepass keyStorePassword -dname "cn=ws-client" -keyalg RSA
keytool -selfcert -alias myAlias -keystore client_keystore.jks -storepass keyStorePassword -keypass myAliasPassword
keytool -export -alias myAlias -file key.rsa -keystore client_keystore.jks -storepass keyStorePassword
keytool -import -alias myAlias  -file key.rsa -keystore server_publicstore.jks -storepass keyStorePassword
The following is the service code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
   WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
   logger.debug("identifier: " + pc.getIdentifer());
   if (pc.getIdentifer().equals("ws-client")) {
      // set the password on the callback. This will later be compared to the
      // password which was sent from the client.
      pc.setPassword("password");
   }
}
 
The following is the client code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
 
  for (int i=0; i< callbacks.length; i++) {
   WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
 
   int usage = pc.getUsage();
   
   System.out.println("identifier: " + pc.getIdentifer());
   System.out.println("usage: " + pc.getUsage());
   
   if (usage == WSPasswordCallback.USERNAME_TOKEN) {
	   // username token pwd...
    pc.setPassword("password");
   } else if (usage == WSPasswordCallback.SIGNATURE) {
    // set the password for client's keystore.keyPassword
	   System.out.println("[5]");
    pc.setPassword("keyPassword");
   }
  }
 }
 
I get the following error:
Nov 18, 2008 10:21:37 AM org.apache.cxf.phase.PhaseInterceptorChain doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
	at $Proxy43.returnUploadResume(Unknown Source)
	at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
	at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
	at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
	... 9 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Security processing failed.
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
	at $Proxy43.returnUploadResume(Unknown Source)
	at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.cxf.binding.soap.SoapFault: Security processing failed.
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
	... 2 more
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
	at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
	at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
	... 9 more

Open in new window

olivergwaldAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

olivergwaldAuthor Commented:
through the cxf.apache.org mailing list i got a solution:
the example was out dated.
check these examples out:
http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to
http://www.jroller.com/gmazza/entry/implementing_ws_security_with_the
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
pfmgCommented:
the link of the accepted solution doesn´t work.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Web Languages and Standards

From novice to tech pro — start learning today.