• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 1319
  • Last Modified:

Java CXF - jks - proper configuration

Hi Experts,

I'm currently configuring an example from the following link for CXF and WS-Security:
http://domagojtechtips.blogspot.com/2007/08/cxf-spring-and-ws-security-putting-it.html

What I need to know is the following:
1. Is the jks file creation process below correct.
2. How the fields are set in the code section to reflect the jks parameters.

I would greatly appreciate any help.  It would be great to have a CXF specialist as a reference for a project and i'm willing to pay some $.  oliver@drachmatech.com

I used the following commands to create the jks files:
keytool -genkey -alias myAlias -keypass myAliasPassword -keystore client_keystore.jks -storepass keyStorePassword -dname "cn=ws-client" -keyalg RSA
keytool -selfcert -alias myAlias -keystore client_keystore.jks -storepass keyStorePassword -keypass myAliasPassword
keytool -export -alias myAlias -file key.rsa -keystore client_keystore.jks -storepass keyStorePassword
keytool -import -alias myAlias  -file key.rsa -keystore server_publicstore.jks -storepass keyStorePassword
The following is the service code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
   WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
   logger.debug("identifier: " + pc.getIdentifer());
   if (pc.getIdentifer().equals("ws-client")) {
      // set the password on the callback. This will later be compared to the
      // password which was sent from the client.
      pc.setPassword("password");
   }
}
 
The following is the client code:
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
 
  for (int i=0; i< callbacks.length; i++) {
   WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
 
   int usage = pc.getUsage();
   
   System.out.println("identifier: " + pc.getIdentifer());
   System.out.println("usage: " + pc.getUsage());
   
   if (usage == WSPasswordCallback.USERNAME_TOKEN) {
	   // username token pwd...
    pc.setPassword("password");
   } else if (usage == WSPasswordCallback.SIGNATURE) {
    // set the password for client's keystore.keyPassword
	   System.out.println("[5]");
    pc.setPassword("keyPassword");
   }
  }
 }
 
I get the following error:
Nov 18, 2008 10:21:37 AM org.apache.cxf.phase.PhaseInterceptorChain doIntercept
INFO: Interceptor has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: Security processing failed.
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
	at $Proxy43.returnUploadResume(Unknown Source)
	at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
	at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
	at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
	... 9 more
Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Security processing failed.
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145)
	at $Proxy43.returnUploadResume(Unknown Source)
	at com.thea.client.Client.main(Client.java:46)
Caused by: org.apache.cxf.binding.soap.SoapFault: Security processing failed.
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:234)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:107)
	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
	... 2 more
Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
	at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
	at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:197)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:47)
	at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:219)
	... 9 more

Open in new window

0
olivergwald
Asked:
olivergwald
1 Solution
 
olivergwaldAuthor Commented:
through the cxf.apache.org mailing list i got a solution:
the example was out dated.
check these examples out:
http://www.jroller.com/gmazza/entry/using_cxf_and_wss4j_to
http://www.jroller.com/gmazza/entry/implementing_ws_security_with_the
0
 
pfmgCommented:
the link of the accepted solution doesn´t work.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now