You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@synapse.apache.org by Laurent CHARTIER <ex...@agora.msa.fr> on 2008/03/03 13:46:28 UTC

RE : Java Security problem

I don't think my certificate is wrong...:
The jar I am using is used by other products in the same AIX environment and
don't have this exception when using it.
Besides, my packaging of Synapse is working well in a Windows environment.

Other ideas??...

I'm going to check it nevertheless ;-)


-----Message d'origine-----
De : Ruwan Linton [mailto:ruwan.linton@gmail.com] 
Envoyé : lundi 3 mars 2008 13:31
À : user@synapse.apache.org
Objet : Re: Java Security problem


Hi Laurent,

I think it is a certificate issue, because you can see "Public key presented
not for certificate signature" in the stack trace. Can you recheck whether
you are using the right public key?

Thanks,
Ruwan

On Mon, Mar 3, 2008 at 5:37 PM, Laurent CHARTIER <
ext_chartier.laurent@agora.msa.fr> wrote:

> Hi all,
> I'm using Synapse to run a front server that add a cookie in the 
> request before sending it to another element. This cookie contains son 
> ciphered and signed informations. When I'm running this front server 
> (I.E. Synapse) on a Windows environment (Using SUN) there's no 
> problems. When I'm running this front server on an AIX environment 
> (Using IBM) I've got the following error:
> (I can see Bouncy Castle in second position in the list of the security
> providers)
>
>
> Starting Synapse/Java ...
> Using FRONTAL_HOME:    /SOFT/Frontal-F-SOAP
> Using JAVA_HOME:       /usr/java5
> Using SYNAPSE_XML: 
> -Dsynapse.xml=/SOFT/Frontal-F-SOAP/repository/conf/synapse.xml
> 0) IBMJSSE2 version 1.5
> 1) BC version 1.32
> 2) IBMJCE version 1.2
> 3) IBMJGSSProvider version 1.5
> 4) IBMCertPath version 1.1
> 5) IBMSASL version 1.5
> Exception in thread "HttpServerWorker-1" 
> java.lang.ExceptionInInitializerError
>        at java.lang.J9VMInternals.initialize(J9VMInternals.java:195)
>        at javax.crypto.SecretKeyFactory.getInstance(Unknown Source)
>        at 
> fr.msa.agora.security.tickets.api.XStreamTicket.cipherAndCode(Unknown
> Source)
>        at 
> fr.msa.agora.security.tickets.api.XStreamTicket.getRepresentation(Unkn
> own
> Source)
>        at
> fr.msa.agora.security.tickets.api.SignedXStreamTicket.getRepresentation
> (Unkn
> own Source)
>        at
> fr.msa.agora.synapse.mediator.ia.IAMediator.mediate(IAMediator.java:183)
>        at
> org.apache.synapse.mediators.spring.SpringMediator.mediate(
> SpringMediator.ja
> va:90)
>        at
> org.apache.synapse.mediators.AbstractListMediator.mediate
> (AbstractListMediat
> or.java:60)
>        at
> org.apache.synapse.mediators.base.SequenceMediator.mediate
> (SequenceMediator.
> java:122)
>        at
> org.apache.synapse.core.axis2.ProxyServiceMessageReceiver.receive
> (ProxyServi
> ceMessageReceiver.java:131)
>        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:145)
>        at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest
> (HT
> TPTransportUtils.java:275)
>        at
> org.apache.synapse.transport.nhttp.ServerWorker.processPost(
> ServerWorker.jav
> a:218)
>        at
> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:182)
>        at
> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(
> ThreadPoolExecutor.ja
> va:665)
>        at
> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java
> :6
> 90)
>        at java.lang.Thread.run(Thread.java:799)
> Caused by: java.lang.SecurityException: Cannot set up certs for trusted
> CAs
>        at javax.crypto.b.<clinit>(Unknown Source)
>        at java.lang.J9VMInternals.initializeImpl(Native Method)
>        at java.lang.J9VMInternals.initialize(J9VMInternals.java:177)
>        ... 16 more
> Caused by: java.security.PrivilegedActionException:
> java.security.InvalidKeyException: Public key presented not for
> certificate
> signature
>        at
> java.security.AccessController.doPrivileged(AccessController.java:246)
>        ... 19 more
> Caused by: java.security.InvalidKeyException: Public key presented not for
> certificate signature
>        at
> org.bouncycastle.jce.provider.X509CertificateObject.checkSignature(Unknown
> Source)
>        at
> org.bouncycastle.jce.provider.X509CertificateObject.verify(Unknown Source)
>        at javax.crypto.b.a(Unknown Source)
>        at javax.crypto.b.access$500(Unknown Source)
>        at javax.crypto.b$0.run(Unknown Source)
>        at
> java.security.AccessController.doPrivileged(AccessController.java:242)
>        ... 19 more
>
>
> Can someone help me with this problem?
>
> Thanks,
>
> Laurent CHARTIER
> MiddleWare - Pôle Gestion des flux
> AGORA Montauban - Tél. :05.63.68.46.24
>
>
>
> Ce message est protégé par les règles relatives au secret des 
> correspondances. Il est donc établi à destination exclusive de son 
> destinataire. Celui-ci peut donc contenir des informations 
> confidentielles. La divulgation de ces informations est à ce titre 
> rigoureusement interdite. Si vous avez reçu ce message par erreur, 
> merci de le renvoyer à l'expéditeur dont l'adresse e-mail figure 
> ci-dessus et de détruire le message ainsi que toute pièce jointe.
>
> This message is protected by the secrecy of correspondence rules. 
> Therefore, this message is intended solely for the attention of the 
> addressee. This message may contain privileged or confidential 
> information, as such the disclosure of these informations is strictly 
> forbidden. If, by mistake, you have received this message, please 
> return this message to the addressser whose e-mail address is written 
> above and destroy this message and all files attached.
>
>
>


-- 
Ruwan Linton
http://www.wso2.org - "Oxygenating the Web Services Platform"




Ce message est protégé par les règles relatives au secret des correspondances. Il est donc établi à destination exclusive de son destinataire. Celui-ci peut donc contenir des informations confidentielles. La divulgation de ces informations est à ce titre rigoureusement interdite. Si vous avez reçu ce message par erreur, merci de le renvoyer à l'expéditeur dont l'adresse e-mail figure ci-dessus et de détruire le message ainsi que toute pièce jointe.

This message is protected by the secrecy of correspondence rules. Therefore, this message is intended solely for the attention of the addressee. This message may contain privileged or confidential information, as such the disclosure of these informations is strictly forbidden. If, by mistake, you have received this message, please return this message to the addressser whose e-mail address is written above and destroy this message and all files attached.