You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Stefan Schmidt <sc...@gmail.com> on 2005/08/30 06:03:57 UTC
Signature Encrypt NPE
Hi,
I managed to get an example going as follows:
Axis client --> (UsernameToken Encrypt) --> JAXRPC server (this works
perfectly)
Now I am trying to sign and encrypt the server response:
JAXRPC server --> (Signature Encrypt) --> Axis client (the server sends
the encrypted and signed SOAP message but the client throws a NPE)
Here are my settings for scenario 2:
server: webservices.xml
<handler>
<handler-name>Outbound Security Handler</handler-name>
<handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
<init-param>
<param-name>deployment</param-name>
<param-value>server</param-value>
</init-param>
<init-param>
<param-name>action</param-name>
<param-value>Signature Encrypt</param-value>
</init-param>
<init-param>
<param-name>passwordCallbackClass</param-name>
<param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
</init-param>
<init-param>
<param-name>flow</param-name>
<param-value>response-only</param-value>
</init-param>
<init-param>
<param-name>user</param-name>
<param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
</init-param>
<init-param>
<param-name>signaturePropFile</param-name>
<param-value>crypto.properties</param-value>
</init-param>
</handler>
client: axis-client.wsdd
<responseFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
<parameter name="action" value="Signature Encrypt"/>
<parameter name="signaturePropFile" value="crypto.properties"
/>
</handler>
</responseFlow >
The callbackhandlers have the PWCallback1 contents.
In the TCPMon I can see that the server sends the encrypted msg properly.
At the client I get the following NPE (the stubs were generated without
security in place - I figure this doesn't matter because the wsdl
doesn't change - right?):
{http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
[java] at
org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
[java] at
org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
[java] at
org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
[java] at
org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
[java] at
org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
[java] at
org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
[java] at
org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
[java] at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
[java] at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
[java] at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
[java] at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
[java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
[java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
[java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
[java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
[java] at org.apache.axis.client.Call.invoke(Call.java:2748)
[java] at org.apache.axis.client.Call.invoke(Call.java:2424)
[java] at org.apache.axis.client.Call.invoke(Call.java:2347)
[java] at org.apache.axis.client.Call.invoke(Call.java:1804)
[java] at
com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
[java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
[java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
[java] at
java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
[java] at
java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
[java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
[java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
[java] at java.awt.EventDispatchThread.run(Unknown Source)
[java] {http://xml.apache.org/axis/}hostname:stefan
[java] java.lang.NullPointerException
[java] at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
[java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
[java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
[java] at org.apache.axis.client.Call.invoke(Call.java:2748)
[java] at org.apache.axis.client.Call.invoke(Call.java:2424)
[java] at org.apache.axis.client.Call.invoke(Call.java:2347)
[java] at org.apache.axis.client.Call.invoke(Call.java:1804)
[java] at
com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
[java] at
com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
[java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
[java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
[java] at
java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
[java] at
java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
[java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
[java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
[java] at java.awt.EventDispatchThread.run(Unknown Source)
[java] Caused by: java.lang.NullPointerException
[java] at
org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
[java] at
org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
[java] at
org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
[java] at
org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
[java] at
org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
[java] at
org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
[java] at
org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
[java] at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
[java] at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
[java] at
org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
[java] at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
[java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
[java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
[java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
[java] ... 16 more
Thanks for your help!
Regards,
Stefan
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
at least the WSDoAllReceiver hands over the correct output to Axis.
I could trace that the array values are available up to the end of
the log file in some deserializer traces.
Don't know what happens here.
Regards,
Werner
Stefan Schmidt wrote:
> Werner,
>
> I have attached the axis.log file since it is quite extensive for
> pasting into this email.
>
> I hope this helps.
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefan,
>>
>> at the first look I can't see a problem. To get more info
>> can you pls enable debugging at the client side (WSDoAllReceiver)
>> an monitor it?
>>
>> There is a log4j.proteries file in the src directory, just enable
>> the correct line and put the file in your classpath.
>>
>> Thanks,
>> Werner
>> Stefan Schmidt wrote:
>>
>>
> ------------------------------------------------------------------------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
at least the WSDoAllReceiver hands over the correct output to Axis.
I could trace that the array values are available up to the end of
the log file in some deserializer traces.
Don't know what happens here.
Regards,
Werner
Stefan Schmidt wrote:
> Werner,
>
> I have attached the axis.log file since it is quite extensive for
> pasting into this email.
>
> I hope this helps.
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefan,
>>
>> at the first look I can't see a problem. To get more info
>> can you pls enable debugging at the client side (WSDoAllReceiver)
>> an monitor it?
>>
>> There is a log4j.proteries file in the src directory, just enable
>> the correct line and put the file in your classpath.
>>
>> Thanks,
>> Werner
>> Stefan Schmidt wrote:
>>
>>
> ------------------------------------------------------------------------
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
I have attached the axis.log file since it is quite extensive for
pasting into this email.
I hope this helps.
Regards,
Stefan
Werner Dittmann wrote:
>Stefan,
>
>at the first look I can't see a problem. To get more info
>can you pls enable debugging at the client side (WSDoAllReceiver)
>an monitor it?
>
>There is a log4j.proteries file in the src directory, just enable
>the correct line and put the file in your classpath.
>
>Thanks,
>Werner
>Stefan Schmidt wrote:
>
>
>>Werner,
>>
>>At the client-side I am using Axis and the WSS4J Axis Handlers:
>>
>><responseFlow >
>> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
>> <parameter name="passwordCallbackClass"
>>value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
>> <parameter name="action" value="Signature"/>
>> <parameter name="signaturePropFile" value="crypto.properties" />
>> </handler>
>></responseFlow >
>>At the server-side I am using a JAXRPC Web service running on Geronimo
>>(which uses Axis for its JAXRPC functionality):
>><handler>
>> <handler-name>Outbound Security Handler</handler-name>
>>
>><handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
>> <init-param>
>> <param-name>deployment</param-name>
>> <param-value>server</param-value>
>> </init-param>
>> <init-param>
>> <param-name>action</param-name>
>> <param-value>Signature</param-value>
>> </init-param>
>> <init-param>
>> <param-name>passwordCallbackClass</param-name>
>>
>><param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
>> </init-param>
>> <init-param>
>> <param-name>flow</param-name>
>> <param-value>response-only</param-value>
>> </init-param>
>> <init-param>
>> <param-name>user</param-name>
>>
>><param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
>> </init-param>
>> <init-param>
>> <param-name>signaturePropFile</param-name>
>> <param-value>crypto.properties</param-value>
>> </init-param>
>></handler>
>>
>>There is no Handler after this one so I assume the message is not
>>altered after the signing process.
>>
>>Here is my TCPMonitor log:
>>
>>Request:
>>------------------------------------------------------------------
>>POST /DWBookShop/XMethodsNames HTTP/1.0
>>Content-Type: text/xml; charset=utf-8
>>Accept: application/soap+xml, application/dime, multipart/related, text/*
>>User-Agent: Axis/1.2.1
>>Host: localhost:1235
>>Cache-Control: no-cache
>>Pragma: no-cache
>>SOAPAction:
>>"http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
>>Content-Length: 336
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><soapenv:Envelope
>>xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>><soapenv:Body>
>><getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
>></soapenv:Body>
>></soapenv:Envelope>
>>---------------------------------------------------------------------
>>
>>
>>Response:
>>----------------------------------------------------------------------
>>
>>HTTP/1.1 200 OK
>>Date: Wed, 31 Aug 2005 03:00:21 GMT
>>Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
>>Content-Type: text/xml; charset=utf-8
>>Connection: close
>>
>>
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>><soapenv:Header>
>><wsse:Security
>>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> soapenv:mustUnderstand="1">
>><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>><ds:SignedInfo>
>><ds:CanonicalizationMethod
>>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>><ds:SignatureMethod
>>Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>><ds:Reference URI="#id-12249901">
>><ds:Transforms>
>><ds:Transform
>>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>></ds:Transforms>
>><ds:DigestMethod
>>Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>><ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
>></ds:Reference>
>></ds:SignedInfo>
>><ds:SignatureValue>
>>FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
>>
>>iQSgf+ODzQ==
>></ds:SignatureValue>
>><ds:KeyInfo Id="KeyId-3882268">
>><wsse:SecurityTokenReference
>>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
>><ds:X509IssuerName>CN=dims</ds:X509IssuerName>
>>
>><ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
>>
>></ds:X509IssuerSerial></wsse:SecurityTokenReference>
>></ds:KeyInfo>
>></ds:Signature></wsse:Security></soapenv:Header>
>><soapenv:Body
>>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>wsu:Id="id-12249901">
>> <getXMethodsWebServiceNamesResponse
>>xmlns="http://ibm.com.dw.bookshop.webservice">
>> <result xmlns="" xmlns:ns1="http://arrays/java/lang"
>>xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
>>soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
>> <result xsi:type="xsd:string">XSpace</result>
>> <result xsi:type="xsd:string">XMethods Query Service</result>
>> <result xsi:type="xsd:string">Dummy replacement for Weather -
>>Temperature</result>
>> <result xsi:type="xsd:string">Currency Exchange Rate</result>
>> <result xsi:type="xsd:string">Delayed Stock Quote</result>
>> </result>
>> </getXMethodsWebServiceNamesResponse>
>></soapenv:Body>
>></soapenv:Envelope>
>>
>>Now in my client I should see a list like this:
>>XSpace
>>XMethods Query Service
>>Dummy replacement for Weather - Temperature
>>Currency Exchange Rate
>>Delayed Stock Quote
>>
>>instead I see this:
>>null
>>null
>>null
>>null
>>null
>>
>>I can prepare a dummy war file if you would like to test it on Geronimo
>>yourself.
>>
>>I hope this helps.
>>
>>Regards,
>>Stefan
>>
>>Werner Dittmann wrote:
>>
>>
>>
>>>Stefna,
>>>
>>>do you use the Axis handlers and Axis as your SOAP subsystem?
>>>If yes then it should work - otherwise pls try to get a
>>>dump of the request (tcpmon) and send it along.
>>>
>>>If you don't use the xis handler (and Axis) then make sure
>>>theat you SOAP system does not modify the request after signature
>>>processing.
>>>
>>>Regards,
>>>Werner
>>>
>>>Stefan Schmidt wrote:
>>>
>>>
>>>
>>>
>>>>Werner,
>>>>
>>>>Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>>>Now I got one step further. Unfortunately there is still something
>>>>wrong. I am sending a SOAP array and when I sign the msg I cannot
>>>>retrieve the string values from this array. Instead I simply get 'null'
>>>>for each array item. tcpmon shows that the signed msg with the correct
>>>>array values is send but the client seems to have a problem. There is no
>>>>error message. Running the WS without security everything works fine.
>>>>
>>>>Ideas?
>>>>
>>>>Regards,
>>>>Stefan
>>>>
>>>>Werner Dittmann wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Stefan,
>>>>>
>>>>>acording to the stack printout you use the crimson parser
>>>>>at the client side. Crimson does _not_ support namespaces
>>>>>fully (only partial support). Pls make sure you have a
>>>>>fully namespace aware parser first in your classpath, e.g.
>>>>>xerces.
>>>>>
>>>>>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>>>not sure if Crimson is supported by Apache anymore.
>>>>>
>>>>>Regards,
>>>>>Werner
>>>>>
>>>>>
>>>>>Stefan Schmidt wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>><SNIP> ..... <SNAP>
>>>
>>>
>>>
>>>
>>>>---------------------------------------------------------------------
>>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
I have attached the axis.log file since it is quite extensive for
pasting into this email.
I hope this helps.
Regards,
Stefan
Werner Dittmann wrote:
>Stefan,
>
>at the first look I can't see a problem. To get more info
>can you pls enable debugging at the client side (WSDoAllReceiver)
>an monitor it?
>
>There is a log4j.proteries file in the src directory, just enable
>the correct line and put the file in your classpath.
>
>Thanks,
>Werner
>Stefan Schmidt wrote:
>
>
>>Werner,
>>
>>At the client-side I am using Axis and the WSS4J Axis Handlers:
>>
>><responseFlow >
>> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
>> <parameter name="passwordCallbackClass"
>>value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
>> <parameter name="action" value="Signature"/>
>> <parameter name="signaturePropFile" value="crypto.properties" />
>> </handler>
>></responseFlow >
>>At the server-side I am using a JAXRPC Web service running on Geronimo
>>(which uses Axis for its JAXRPC functionality):
>><handler>
>> <handler-name>Outbound Security Handler</handler-name>
>>
>><handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
>> <init-param>
>> <param-name>deployment</param-name>
>> <param-value>server</param-value>
>> </init-param>
>> <init-param>
>> <param-name>action</param-name>
>> <param-value>Signature</param-value>
>> </init-param>
>> <init-param>
>> <param-name>passwordCallbackClass</param-name>
>>
>><param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
>> </init-param>
>> <init-param>
>> <param-name>flow</param-name>
>> <param-value>response-only</param-value>
>> </init-param>
>> <init-param>
>> <param-name>user</param-name>
>>
>><param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
>> </init-param>
>> <init-param>
>> <param-name>signaturePropFile</param-name>
>> <param-value>crypto.properties</param-value>
>> </init-param>
>></handler>
>>
>>There is no Handler after this one so I assume the message is not
>>altered after the signing process.
>>
>>Here is my TCPMonitor log:
>>
>>Request:
>>------------------------------------------------------------------
>>POST /DWBookShop/XMethodsNames HTTP/1.0
>>Content-Type: text/xml; charset=utf-8
>>Accept: application/soap+xml, application/dime, multipart/related, text/*
>>User-Agent: Axis/1.2.1
>>Host: localhost:1235
>>Cache-Control: no-cache
>>Pragma: no-cache
>>SOAPAction:
>>"http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
>>Content-Length: 336
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><soapenv:Envelope
>>xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>><soapenv:Body>
>><getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
>></soapenv:Body>
>></soapenv:Envelope>
>>---------------------------------------------------------------------
>>
>>
>>Response:
>>----------------------------------------------------------------------
>>
>>HTTP/1.1 200 OK
>>Date: Wed, 31 Aug 2005 03:00:21 GMT
>>Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
>>Content-Type: text/xml; charset=utf-8
>>Connection: close
>>
>>
>>
>><?xml version="1.0" encoding="UTF-8"?>
>><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>><soapenv:Header>
>><wsse:Security
>>xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
>> soapenv:mustUnderstand="1">
>><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>><ds:SignedInfo>
>><ds:CanonicalizationMethod
>>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>>
>><ds:SignatureMethod
>>Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>>
>><ds:Reference URI="#id-12249901">
>><ds:Transforms>
>><ds:Transform
>>Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
>></ds:Transforms>
>><ds:DigestMethod
>>Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
>><ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
>></ds:Reference>
>></ds:SignedInfo>
>><ds:SignatureValue>
>>FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
>>
>>iQSgf+ODzQ==
>></ds:SignatureValue>
>><ds:KeyInfo Id="KeyId-3882268">
>><wsse:SecurityTokenReference
>>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
>><ds:X509IssuerName>CN=dims</ds:X509IssuerName>
>>
>><ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
>>
>></ds:X509IssuerSerial></wsse:SecurityTokenReference>
>></ds:KeyInfo>
>></ds:Signature></wsse:Security></soapenv:Header>
>><soapenv:Body
>>xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>>wsu:Id="id-12249901">
>> <getXMethodsWebServiceNamesResponse
>>xmlns="http://ibm.com.dw.bookshop.webservice">
>> <result xmlns="" xmlns:ns1="http://arrays/java/lang"
>>xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
>>soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
>> <result xsi:type="xsd:string">XSpace</result>
>> <result xsi:type="xsd:string">XMethods Query Service</result>
>> <result xsi:type="xsd:string">Dummy replacement for Weather -
>>Temperature</result>
>> <result xsi:type="xsd:string">Currency Exchange Rate</result>
>> <result xsi:type="xsd:string">Delayed Stock Quote</result>
>> </result>
>> </getXMethodsWebServiceNamesResponse>
>></soapenv:Body>
>></soapenv:Envelope>
>>
>>Now in my client I should see a list like this:
>>XSpace
>>XMethods Query Service
>>Dummy replacement for Weather - Temperature
>>Currency Exchange Rate
>>Delayed Stock Quote
>>
>>instead I see this:
>>null
>>null
>>null
>>null
>>null
>>
>>I can prepare a dummy war file if you would like to test it on Geronimo
>>yourself.
>>
>>I hope this helps.
>>
>>Regards,
>>Stefan
>>
>>Werner Dittmann wrote:
>>
>>
>>
>>>Stefna,
>>>
>>>do you use the Axis handlers and Axis as your SOAP subsystem?
>>>If yes then it should work - otherwise pls try to get a
>>>dump of the request (tcpmon) and send it along.
>>>
>>>If you don't use the xis handler (and Axis) then make sure
>>>theat you SOAP system does not modify the request after signature
>>>processing.
>>>
>>>Regards,
>>>Werner
>>>
>>>Stefan Schmidt wrote:
>>>
>>>
>>>
>>>
>>>>Werner,
>>>>
>>>>Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>>>Now I got one step further. Unfortunately there is still something
>>>>wrong. I am sending a SOAP array and when I sign the msg I cannot
>>>>retrieve the string values from this array. Instead I simply get 'null'
>>>>for each array item. tcpmon shows that the signed msg with the correct
>>>>array values is send but the client seems to have a problem. There is no
>>>>error message. Running the WS without security everything works fine.
>>>>
>>>>Ideas?
>>>>
>>>>Regards,
>>>>Stefan
>>>>
>>>>Werner Dittmann wrote:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>>Stefan,
>>>>>
>>>>>acording to the stack printout you use the crimson parser
>>>>>at the client side. Crimson does _not_ support namespaces
>>>>>fully (only partial support). Pls make sure you have a
>>>>>fully namespace aware parser first in your classpath, e.g.
>>>>>xerces.
>>>>>
>>>>>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>>>not sure if Crimson is supported by Apache anymore.
>>>>>
>>>>>Regards,
>>>>>Werner
>>>>>
>>>>>
>>>>>Stefan Schmidt wrote:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>><SNIP> ..... <SNAP>
>>>
>>>
>>>
>>>
>>>>---------------------------------------------------------------------
>>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>>
>>>>
>>>>
>>>>
>>>>
>>>
>>>---------------------------------------------------------------------
>>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>>
>>>
>>>
>>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
at the first look I can't see a problem. To get more info
can you pls enable debugging at the client side (WSDoAllReceiver)
an monitor it?
There is a log4j.proteries file in the src directory, just enable
the correct line and put the file in your classpath.
Thanks,
Werner
Stefan Schmidt wrote:
> Werner,
>
> At the client-side I am using Axis and the WSS4J Axis Handlers:
>
> <responseFlow >
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="passwordCallbackClass"
> value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
> <parameter name="action" value="Signature"/>
> <parameter name="signaturePropFile" value="crypto.properties" />
> </handler>
> </responseFlow >
> At the server-side I am using a JAXRPC Web service running on Geronimo
> (which uses Axis for its JAXRPC functionality):
> <handler>
> <handler-name>Outbound Security Handler</handler-name>
>
> <handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
> <init-param>
> <param-name>deployment</param-name>
> <param-value>server</param-value>
> </init-param>
> <init-param>
> <param-name>action</param-name>
> <param-value>Signature</param-value>
> </init-param>
> <init-param>
> <param-name>passwordCallbackClass</param-name>
>
> <param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
> </init-param>
> <init-param>
> <param-name>flow</param-name>
> <param-value>response-only</param-value>
> </init-param>
> <init-param>
> <param-name>user</param-name>
>
> <param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
> </init-param>
> <init-param>
> <param-name>signaturePropFile</param-name>
> <param-value>crypto.properties</param-value>
> </init-param>
> </handler>
>
> There is no Handler after this one so I assume the message is not
> altered after the signing process.
>
> Here is my TCPMonitor log:
>
> Request:
> ------------------------------------------------------------------
> POST /DWBookShop/XMethodsNames HTTP/1.0
> Content-Type: text/xml; charset=utf-8
> Accept: application/soap+xml, application/dime, multipart/related, text/*
> User-Agent: Axis/1.2.1
> Host: localhost:1235
> Cache-Control: no-cache
> Pragma: no-cache
> SOAPAction:
> "http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
> Content-Length: 336
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Body>
> <getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
> </soapenv:Body>
> </soapenv:Envelope>
> ---------------------------------------------------------------------
>
>
> Response:
> ----------------------------------------------------------------------
>
> HTTP/1.1 200 OK
> Date: Wed, 31 Aug 2005 03:00:21 GMT
> Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
> Content-Type: text/xml; charset=utf-8
> Connection: close
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>
> <ds:Reference URI="#id-12249901">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
> FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
>
> iQSgf+ODzQ==
> </ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-3882268">
> <wsse:SecurityTokenReference
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=dims</ds:X509IssuerName>
>
> <ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
>
> </ds:X509IssuerSerial></wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature></wsse:Security></soapenv:Header>
> <soapenv:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-12249901">
> <getXMethodsWebServiceNamesResponse
> xmlns="http://ibm.com.dw.bookshop.webservice">
> <result xmlns="" xmlns:ns1="http://arrays/java/lang"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
> soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
> <result xsi:type="xsd:string">XSpace</result>
> <result xsi:type="xsd:string">XMethods Query Service</result>
> <result xsi:type="xsd:string">Dummy replacement for Weather -
> Temperature</result>
> <result xsi:type="xsd:string">Currency Exchange Rate</result>
> <result xsi:type="xsd:string">Delayed Stock Quote</result>
> </result>
> </getXMethodsWebServiceNamesResponse>
> </soapenv:Body>
> </soapenv:Envelope>
>
> Now in my client I should see a list like this:
> XSpace
> XMethods Query Service
> Dummy replacement for Weather - Temperature
> Currency Exchange Rate
> Delayed Stock Quote
>
> instead I see this:
> null
> null
> null
> null
> null
>
> I can prepare a dummy war file if you would like to test it on Geronimo
> yourself.
>
> I hope this helps.
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefna,
>>
>> do you use the Axis handlers and Axis as your SOAP subsystem?
>> If yes then it should work - otherwise pls try to get a
>> dump of the request (tcpmon) and send it along.
>>
>> If you don't use the xis handler (and Axis) then make sure
>> theat you SOAP system does not modify the request after signature
>> processing.
>>
>> Regards,
>> Werner
>>
>> Stefan Schmidt wrote:
>>
>>
>>> Werner,
>>>
>>> Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>> Now I got one step further. Unfortunately there is still something
>>> wrong. I am sending a SOAP array and when I sign the msg I cannot
>>> retrieve the string values from this array. Instead I simply get 'null'
>>> for each array item. tcpmon shows that the signed msg with the correct
>>> array values is send but the client seems to have a problem. There is no
>>> error message. Running the WS without security everything works fine.
>>>
>>> Ideas?
>>>
>>> Regards,
>>> Stefan
>>>
>>> Werner Dittmann wrote:
>>>
>>>
>>>
>>>> Stefan,
>>>>
>>>> acording to the stack printout you use the crimson parser
>>>> at the client side. Crimson does _not_ support namespaces
>>>> fully (only partial support). Pls make sure you have a
>>>> fully namespace aware parser first in your classpath, e.g.
>>>> xerces.
>>>>
>>>> AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>> not sure if Crimson is supported by Apache anymore.
>>>>
>>>> Regards,
>>>> Werner
>>>>
>>>>
>>>> Stefan Schmidt wrote:
>>>>
>>>>
>>>>
>>
>> <SNIP> ..... <SNAP>
>>
>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
at the first look I can't see a problem. To get more info
can you pls enable debugging at the client side (WSDoAllReceiver)
an monitor it?
There is a log4j.proteries file in the src directory, just enable
the correct line and put the file in your classpath.
Thanks,
Werner
Stefan Schmidt wrote:
> Werner,
>
> At the client-side I am using Axis and the WSS4J Axis Handlers:
>
> <responseFlow >
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="passwordCallbackClass"
> value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
> <parameter name="action" value="Signature"/>
> <parameter name="signaturePropFile" value="crypto.properties" />
> </handler>
> </responseFlow >
> At the server-side I am using a JAXRPC Web service running on Geronimo
> (which uses Axis for its JAXRPC functionality):
> <handler>
> <handler-name>Outbound Security Handler</handler-name>
>
> <handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
> <init-param>
> <param-name>deployment</param-name>
> <param-value>server</param-value>
> </init-param>
> <init-param>
> <param-name>action</param-name>
> <param-value>Signature</param-value>
> </init-param>
> <init-param>
> <param-name>passwordCallbackClass</param-name>
>
> <param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
> </init-param>
> <init-param>
> <param-name>flow</param-name>
> <param-value>response-only</param-value>
> </init-param>
> <init-param>
> <param-name>user</param-name>
>
> <param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
> </init-param>
> <init-param>
> <param-name>signaturePropFile</param-name>
> <param-value>crypto.properties</param-value>
> </init-param>
> </handler>
>
> There is no Handler after this one so I assume the message is not
> altered after the signing process.
>
> Here is my TCPMonitor log:
>
> Request:
> ------------------------------------------------------------------
> POST /DWBookShop/XMethodsNames HTTP/1.0
> Content-Type: text/xml; charset=utf-8
> Accept: application/soap+xml, application/dime, multipart/related, text/*
> User-Agent: Axis/1.2.1
> Host: localhost:1235
> Cache-Control: no-cache
> Pragma: no-cache
> SOAPAction:
> "http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
> Content-Length: 336
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Body>
> <getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
> </soapenv:Body>
> </soapenv:Envelope>
> ---------------------------------------------------------------------
>
>
> Response:
> ----------------------------------------------------------------------
>
> HTTP/1.1 200 OK
> Date: Wed, 31 Aug 2005 03:00:21 GMT
> Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
> Content-Type: text/xml; charset=utf-8
> Connection: close
>
>
>
> <?xml version="1.0" encoding="UTF-8"?>
> <soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
> xmlns:xsd="http://www.w3.org/2001/XMLSchema"
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
> <soapenv:Header>
> <wsse:Security
> xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
> soapenv:mustUnderstand="1">
> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
> <ds:SignedInfo>
> <ds:CanonicalizationMethod
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
>
> <ds:SignatureMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
>
> <ds:Reference URI="#id-12249901">
> <ds:Transforms>
> <ds:Transform
> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
> </ds:Transforms>
> <ds:DigestMethod
> Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
> <ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
> </ds:Reference>
> </ds:SignedInfo>
> <ds:SignatureValue>
> FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
>
> iQSgf+ODzQ==
> </ds:SignatureValue>
> <ds:KeyInfo Id="KeyId-3882268">
> <wsse:SecurityTokenReference
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=dims</ds:X509IssuerName>
>
> <ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
>
> </ds:X509IssuerSerial></wsse:SecurityTokenReference>
> </ds:KeyInfo>
> </ds:Signature></wsse:Security></soapenv:Header>
> <soapenv:Body
> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
> wsu:Id="id-12249901">
> <getXMethodsWebServiceNamesResponse
> xmlns="http://ibm.com.dw.bookshop.webservice">
> <result xmlns="" xmlns:ns1="http://arrays/java/lang"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
> soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
> <result xsi:type="xsd:string">XSpace</result>
> <result xsi:type="xsd:string">XMethods Query Service</result>
> <result xsi:type="xsd:string">Dummy replacement for Weather -
> Temperature</result>
> <result xsi:type="xsd:string">Currency Exchange Rate</result>
> <result xsi:type="xsd:string">Delayed Stock Quote</result>
> </result>
> </getXMethodsWebServiceNamesResponse>
> </soapenv:Body>
> </soapenv:Envelope>
>
> Now in my client I should see a list like this:
> XSpace
> XMethods Query Service
> Dummy replacement for Weather - Temperature
> Currency Exchange Rate
> Delayed Stock Quote
>
> instead I see this:
> null
> null
> null
> null
> null
>
> I can prepare a dummy war file if you would like to test it on Geronimo
> yourself.
>
> I hope this helps.
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefna,
>>
>> do you use the Axis handlers and Axis as your SOAP subsystem?
>> If yes then it should work - otherwise pls try to get a
>> dump of the request (tcpmon) and send it along.
>>
>> If you don't use the xis handler (and Axis) then make sure
>> theat you SOAP system does not modify the request after signature
>> processing.
>>
>> Regards,
>> Werner
>>
>> Stefan Schmidt wrote:
>>
>>
>>> Werner,
>>>
>>> Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>> Now I got one step further. Unfortunately there is still something
>>> wrong. I am sending a SOAP array and when I sign the msg I cannot
>>> retrieve the string values from this array. Instead I simply get 'null'
>>> for each array item. tcpmon shows that the signed msg with the correct
>>> array values is send but the client seems to have a problem. There is no
>>> error message. Running the WS without security everything works fine.
>>>
>>> Ideas?
>>>
>>> Regards,
>>> Stefan
>>>
>>> Werner Dittmann wrote:
>>>
>>>
>>>
>>>> Stefan,
>>>>
>>>> acording to the stack printout you use the crimson parser
>>>> at the client side. Crimson does _not_ support namespaces
>>>> fully (only partial support). Pls make sure you have a
>>>> fully namespace aware parser first in your classpath, e.g.
>>>> xerces.
>>>>
>>>> AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>> not sure if Crimson is supported by Apache anymore.
>>>>
>>>> Regards,
>>>> Werner
>>>>
>>>>
>>>> Stefan Schmidt wrote:
>>>>
>>>>
>>>>
>>
>> <SNIP> ..... <SNAP>
>>
>>
>>> ---------------------------------------------------------------------
>>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>>
>>>
>>>
>>
>>
>>
>> ---------------------------------------------------------------------
>> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
At the client-side I am using Axis and the WSS4J Axis Handlers:
<responseFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="crypto.properties" />
</handler>
</responseFlow >
At the server-side I am using a JAXRPC Web service running on Geronimo (which uses Axis for its JAXRPC functionality):
<handler>
<handler-name>Outbound Security Handler</handler-name>
<handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
<init-param>
<param-name>deployment</param-name>
<param-value>server</param-value>
</init-param>
<init-param>
<param-name>action</param-name>
<param-value>Signature</param-value>
</init-param>
<init-param>
<param-name>passwordCallbackClass</param-name>
<param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
</init-param>
<init-param>
<param-name>flow</param-name>
<param-value>response-only</param-value>
</init-param>
<init-param>
<param-name>user</param-name>
<param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
</init-param>
<init-param>
<param-name>signaturePropFile</param-name>
<param-value>crypto.properties</param-value>
</init-param>
</handler>
There is no Handler after this one so I assume the message is not altered after the signing process.
Here is my TCPMonitor log:
Request:
------------------------------------------------------------------
POST /DWBookShop/XMethodsNames HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.2.1
Host: localhost:1235
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
Content-Length: 336
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
</soapenv:Body>
</soapenv:Envelope>
---------------------------------------------------------------------
Response:
----------------------------------------------------------------------
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2005 03:00:21 GMT
Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
Content-Type: text/xml; charset=utf-8
Connection: close
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-12249901">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
iQSgf+ODzQ==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-3882268">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=dims</ds:X509IssuerName>
<ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-12249901">
<getXMethodsWebServiceNamesResponse
xmlns="http://ibm.com.dw.bookshop.webservice">
<result xmlns="" xmlns:ns1="http://arrays/java/lang"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
<result xsi:type="xsd:string">XSpace</result>
<result xsi:type="xsd:string">XMethods Query Service</result>
<result xsi:type="xsd:string">Dummy replacement for Weather -
Temperature</result>
<result xsi:type="xsd:string">Currency Exchange Rate</result>
<result xsi:type="xsd:string">Delayed Stock Quote</result>
</result>
</getXMethodsWebServiceNamesResponse>
</soapenv:Body>
</soapenv:Envelope>
Now in my client I should see a list like this:
XSpace
XMethods Query Service
Dummy replacement for Weather - Temperature
Currency Exchange Rate
Delayed Stock Quote
instead I see this:
null
null
null
null
null
I can prepare a dummy war file if you would like to test it on Geronimo
yourself.
I hope this helps.
Regards,
Stefan
Werner Dittmann wrote:
>Stefna,
>
>do you use the Axis handlers and Axis as your SOAP subsystem?
>If yes then it should work - otherwise pls try to get a
>dump of the request (tcpmon) and send it along.
>
>If you don't use the xis handler (and Axis) then make sure
>theat you SOAP system does not modify the request after signature
>processing.
>
>Regards,
>Werner
>
>Stefan Schmidt wrote:
>
>
>>Werner,
>>
>>Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>Now I got one step further. Unfortunately there is still something
>>wrong. I am sending a SOAP array and when I sign the msg I cannot
>>retrieve the string values from this array. Instead I simply get 'null'
>>for each array item. tcpmon shows that the signed msg with the correct
>>array values is send but the client seems to have a problem. There is no
>>error message. Running the WS without security everything works fine.
>>
>>Ideas?
>>
>>Regards,
>>Stefan
>>
>>Werner Dittmann wrote:
>>
>>
>>
>>>Stefan,
>>>
>>>acording to the stack printout you use the crimson parser
>>>at the client side. Crimson does _not_ support namespaces
>>>fully (only partial support). Pls make sure you have a
>>>fully namespace aware parser first in your classpath, e.g.
>>>xerces.
>>>
>>>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>not sure if Crimson is supported by Apache anymore.
>>>
>>>Regards,
>>>Werner
>>>
>>>
>>>Stefan Schmidt wrote:
>>>
>>>
>>>
>>>
><SNIP> ..... <SNAP>
>
>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
At the client-side I am using Axis and the WSS4J Axis Handlers:
<responseFlow >
<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
<parameter name="passwordCallbackClass"
value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
<parameter name="action" value="Signature"/>
<parameter name="signaturePropFile" value="crypto.properties" />
</handler>
</responseFlow >
At the server-side I am using a JAXRPC Web service running on Geronimo (which uses Axis for its JAXRPC functionality):
<handler>
<handler-name>Outbound Security Handler</handler-name>
<handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
<init-param>
<param-name>deployment</param-name>
<param-value>server</param-value>
</init-param>
<init-param>
<param-name>action</param-name>
<param-value>Signature</param-value>
</init-param>
<init-param>
<param-name>passwordCallbackClass</param-name>
<param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
</init-param>
<init-param>
<param-name>flow</param-name>
<param-value>response-only</param-value>
</init-param>
<init-param>
<param-name>user</param-name>
<param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
</init-param>
<init-param>
<param-name>signaturePropFile</param-name>
<param-value>crypto.properties</param-value>
</init-param>
</handler>
There is no Handler after this one so I assume the message is not altered after the signing process.
Here is my TCPMonitor log:
Request:
------------------------------------------------------------------
POST /DWBookShop/XMethodsNames HTTP/1.0
Content-Type: text/xml; charset=utf-8
Accept: application/soap+xml, application/dime, multipart/related, text/*
User-Agent: Axis/1.2.1
Host: localhost:1235
Cache-Control: no-cache
Pragma: no-cache
SOAPAction: "http://ibm.com.dw.bookshop.webservice/getXMethodsWebServiceNames"
Content-Length: 336
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Body>
<getXMethodsWebServiceNames xmlns="http://ibm.com.dw.bookshop.webservice"/>
</soapenv:Body>
</soapenv:Envelope>
---------------------------------------------------------------------
Response:
----------------------------------------------------------------------
HTTP/1.1 200 OK
Date: Wed, 31 Aug 2005 03:00:21 GMT
Server: Jetty/5.1.5rc0 (Windows XP/5.1 x86 java/1.4.2_09
Content-Type: text/xml; charset=utf-8
Connection: close
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
soapenv:mustUnderstand="1">
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:CanonicalizationMethod>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"></ds:SignatureMethod>
<ds:Reference URI="#id-12249901">
<ds:Transforms>
<ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></ds:Transform>
</ds:Transforms>
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"></ds:DigestMethod>
<ds:DigestValue>QqWmAQmtL4ZaZb7/TOcYkg4E8c0=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
FQNJiw+lvL7NTSyif9N/Y5PNGeeSsJRf9jIgcfUTpwUsg+R8x4fLoIufT659OSvzQZNnOT1s/UeJ
iQSgf+ODzQ==
</ds:SignatureValue>
<ds:KeyInfo Id="KeyId-3882268">
<wsse:SecurityTokenReference
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="STRId-22729241"><ds:X509IssuerSerial>
<ds:X509IssuerName>CN=dims</ds:X509IssuerName>
<ds:X509SerialNumber>44369778256217224370984914847992022613</ds:X509SerialNumber>
</ds:X509IssuerSerial></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soapenv:Header>
<soapenv:Body
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
wsu:Id="id-12249901">
<getXMethodsWebServiceNamesResponse
xmlns="http://ibm.com.dw.bookshop.webservice">
<result xmlns="" xmlns:ns1="http://arrays/java/lang"
xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/"
soapenc:arrayType="ns1:StringArray[5]" xsi:type="soapenc:Array">
<result xsi:type="xsd:string">XSpace</result>
<result xsi:type="xsd:string">XMethods Query Service</result>
<result xsi:type="xsd:string">Dummy replacement for Weather -
Temperature</result>
<result xsi:type="xsd:string">Currency Exchange Rate</result>
<result xsi:type="xsd:string">Delayed Stock Quote</result>
</result>
</getXMethodsWebServiceNamesResponse>
</soapenv:Body>
</soapenv:Envelope>
Now in my client I should see a list like this:
XSpace
XMethods Query Service
Dummy replacement for Weather - Temperature
Currency Exchange Rate
Delayed Stock Quote
instead I see this:
null
null
null
null
null
I can prepare a dummy war file if you would like to test it on Geronimo
yourself.
I hope this helps.
Regards,
Stefan
Werner Dittmann wrote:
>Stefna,
>
>do you use the Axis handlers and Axis as your SOAP subsystem?
>If yes then it should work - otherwise pls try to get a
>dump of the request (tcpmon) and send it along.
>
>If you don't use the xis handler (and Axis) then make sure
>theat you SOAP system does not modify the request after signature
>processing.
>
>Regards,
>Werner
>
>Stefan Schmidt wrote:
>
>
>>Werner,
>>
>>Thanks for this remark - I wan't aware of the Crimson namespace problem.
>>Now I got one step further. Unfortunately there is still something
>>wrong. I am sending a SOAP array and when I sign the msg I cannot
>>retrieve the string values from this array. Instead I simply get 'null'
>>for each array item. tcpmon shows that the signed msg with the correct
>>array values is send but the client seems to have a problem. There is no
>>error message. Running the WS without security everything works fine.
>>
>>Ideas?
>>
>>Regards,
>>Stefan
>>
>>Werner Dittmann wrote:
>>
>>
>>
>>>Stefan,
>>>
>>>acording to the stack printout you use the crimson parser
>>>at the client side. Crimson does _not_ support namespaces
>>>fully (only partial support). Pls make sure you have a
>>>fully namespace aware parser first in your classpath, e.g.
>>>xerces.
>>>
>>>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>>>not sure if Crimson is supported by Apache anymore.
>>>
>>>Regards,
>>>Werner
>>>
>>>
>>>Stefan Schmidt wrote:
>>>
>>>
>>>
>>>
><SNIP> ..... <SNAP>
>
>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefna,
do you use the Axis handlers and Axis as your SOAP subsystem?
If yes then it should work - otherwise pls try to get a
dump of the request (tcpmon) and send it along.
If you don't use the xis handler (and Axis) then make sure
theat you SOAP system does not modify the request after signature
processing.
Regards,
Werner
Stefan Schmidt wrote:
> Werner,
>
> Thanks for this remark - I wan't aware of the Crimson namespace problem.
> Now I got one step further. Unfortunately there is still something
> wrong. I am sending a SOAP array and when I sign the msg I cannot
> retrieve the string values from this array. Instead I simply get 'null'
> for each array item. tcpmon shows that the signed msg with the correct
> array values is send but the client seems to have a problem. There is no
> error message. Running the WS without security everything works fine.
>
> Ideas?
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefan,
>>
>> acording to the stack printout you use the crimson parser
>> at the client side. Crimson does _not_ support namespaces
>> fully (only partial support). Pls make sure you have a
>> fully namespace aware parser first in your classpath, e.g.
>> xerces.
>>
>> AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>> not sure if Crimson is supported by Apache anymore.
>>
>> Regards,
>> Werner
>>
>>
>> Stefan Schmidt wrote:
>>
>>
<SNIP> ..... <SNAP>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefna,
do you use the Axis handlers and Axis as your SOAP subsystem?
If yes then it should work - otherwise pls try to get a
dump of the request (tcpmon) and send it along.
If you don't use the xis handler (and Axis) then make sure
theat you SOAP system does not modify the request after signature
processing.
Regards,
Werner
Stefan Schmidt wrote:
> Werner,
>
> Thanks for this remark - I wan't aware of the Crimson namespace problem.
> Now I got one step further. Unfortunately there is still something
> wrong. I am sending a SOAP array and when I sign the msg I cannot
> retrieve the string values from this array. Instead I simply get 'null'
> for each array item. tcpmon shows that the signed msg with the correct
> array values is send but the client seems to have a problem. There is no
> error message. Running the WS without security everything works fine.
>
> Ideas?
>
> Regards,
> Stefan
>
> Werner Dittmann wrote:
>
>> Stefan,
>>
>> acording to the stack printout you use the crimson parser
>> at the client side. Crimson does _not_ support namespaces
>> fully (only partial support). Pls make sure you have a
>> fully namespace aware parser first in your classpath, e.g.
>> xerces.
>>
>> AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>> not sure if Crimson is supported by Apache anymore.
>>
>> Regards,
>> Werner
>>
>>
>> Stefan Schmidt wrote:
>>
>>
<SNIP> ..... <SNAP>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
Thanks for this remark - I wan't aware of the Crimson namespace problem.
Now I got one step further. Unfortunately there is still something
wrong. I am sending a SOAP array and when I sign the msg I cannot
retrieve the string values from this array. Instead I simply get 'null'
for each array item. tcpmon shows that the signed msg with the correct
array values is send but the client seems to have a problem. There is no
error message. Running the WS without security everything works fine.
Ideas?
Regards,
Stefan
Werner Dittmann wrote:
>Stefan,
>
>acording to the stack printout you use the crimson parser
>at the client side. Crimson does _not_ support namespaces
>fully (only partial support). Pls make sure you have a
>fully namespace aware parser first in your classpath, e.g.
>xerces.
>
>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>not sure if Crimson is supported by Apache anymore.
>
>Regards,
>Werner
>
>
>Stefan Schmidt wrote:
>
>
>>Hi,
>>
>>I managed to get an example going as follows:
>>
>>Axis client --> (UsernameToken Encrypt) --> JAXRPC server (this works
>>perfectly)
>>
>>Now I am trying to sign and encrypt the server response:
>>
>>JAXRPC server --> (Signature Encrypt) --> Axis client (the server sends
>>the encrypted and signed SOAP message but the client throws a NPE)
>>
>>Here are my settings for scenario 2:
>>
>>server: webservices.xml
>><handler>
>> <handler-name>Outbound Security Handler</handler-name>
>>
>><handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
>> <init-param>
>> <param-name>deployment</param-name>
>> <param-value>server</param-value>
>> </init-param>
>> <init-param>
>> <param-name>action</param-name>
>> <param-value>Signature Encrypt</param-value>
>> </init-param>
>> <init-param>
>> <param-name>passwordCallbackClass</param-name>
>>
>><param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
>> </init-param>
>> <init-param>
>> <param-name>flow</param-name>
>> <param-value>response-only</param-value>
>> </init-param>
>> <init-param>
>> <param-name>user</param-name>
>>
>><param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
>> </init-param>
>> <init-param>
>> <param-name>signaturePropFile</param-name>
>> <param-value>crypto.properties</param-value>
>> </init-param>
>> </handler>
>>
>>client: axis-client.wsdd
>><responseFlow >
>> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
>> <parameter name="passwordCallbackClass"
>>
>>value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
>> <parameter name="action" value="Signature Encrypt"/>
>> <parameter name="signaturePropFile" value="crypto.properties"
>>/> </handler>
>></responseFlow >
>>
>>The callbackhandlers have the PWCallback1 contents.
>>
>>In the TCPMon I can see that the server sends the encrypted msg properly.
>>
>>At the client I get the following NPE (the stubs were generated without
>>security in place - I figure this doesn't matter because the wsdl
>>doesn't change - right?):
>>
>>{http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
>> [java] at
>>org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
>> [java] at
>>org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>>
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>>
>> [java] at
>>org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>>
>> [java] at
>>org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>>
>> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
>> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>>
>> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
>> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.run(Unknown Source)
>> [java] {http://xml.apache.org/axis/}hostname:stefan
>> [java] java.lang.NullPointerException
>> [java] at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
>> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>>
>> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
>> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.run(Unknown Source)
>> [java] Caused by: java.lang.NullPointerException
>> [java] at
>>org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
>> [java] at
>>org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>>
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>>
>> [java] at
>>org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>>
>> [java] at
>>org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>>
>> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
>> [java] ... 16 more
>>
>>Thanks for your help!
>>
>>Regards,
>>
>>Stefan
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Stefan Schmidt <sc...@gmail.com>.
Werner,
Thanks for this remark - I wan't aware of the Crimson namespace problem.
Now I got one step further. Unfortunately there is still something
wrong. I am sending a SOAP array and when I sign the msg I cannot
retrieve the string values from this array. Instead I simply get 'null'
for each array item. tcpmon shows that the signed msg with the correct
array values is send but the client seems to have a problem. There is no
error message. Running the WS without security everything works fine.
Ideas?
Regards,
Stefan
Werner Dittmann wrote:
>Stefan,
>
>acording to the stack printout you use the crimson parser
>at the client side. Crimson does _not_ support namespaces
>fully (only partial support). Pls make sure you have a
>fully namespace aware parser first in your classpath, e.g.
>xerces.
>
>AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
>not sure if Crimson is supported by Apache anymore.
>
>Regards,
>Werner
>
>
>Stefan Schmidt wrote:
>
>
>>Hi,
>>
>>I managed to get an example going as follows:
>>
>>Axis client --> (UsernameToken Encrypt) --> JAXRPC server (this works
>>perfectly)
>>
>>Now I am trying to sign and encrypt the server response:
>>
>>JAXRPC server --> (Signature Encrypt) --> Axis client (the server sends
>>the encrypted and signed SOAP message but the client throws a NPE)
>>
>>Here are my settings for scenario 2:
>>
>>server: webservices.xml
>><handler>
>> <handler-name>Outbound Security Handler</handler-name>
>>
>><handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
>> <init-param>
>> <param-name>deployment</param-name>
>> <param-value>server</param-value>
>> </init-param>
>> <init-param>
>> <param-name>action</param-name>
>> <param-value>Signature Encrypt</param-value>
>> </init-param>
>> <init-param>
>> <param-name>passwordCallbackClass</param-name>
>>
>><param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
>> </init-param>
>> <init-param>
>> <param-name>flow</param-name>
>> <param-value>response-only</param-value>
>> </init-param>
>> <init-param>
>> <param-name>user</param-name>
>>
>><param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
>> </init-param>
>> <init-param>
>> <param-name>signaturePropFile</param-name>
>> <param-value>crypto.properties</param-value>
>> </init-param>
>> </handler>
>>
>>client: axis-client.wsdd
>><responseFlow >
>> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
>> <parameter name="passwordCallbackClass"
>>
>>value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
>> <parameter name="action" value="Signature Encrypt"/>
>> <parameter name="signaturePropFile" value="crypto.properties"
>>/> </handler>
>></responseFlow >
>>
>>The callbackhandlers have the PWCallback1 contents.
>>
>>In the TCPMon I can see that the server sends the encrypted msg properly.
>>
>>At the client I get the following NPE (the stubs were generated without
>>security in place - I figure this doesn't matter because the wsdl
>>doesn't change - right?):
>>
>>{http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
>> [java] at
>>org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
>> [java] at
>>org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>>
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>>
>> [java] at
>>org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>>
>> [java] at
>>org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>>
>> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
>> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>>
>> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
>> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.run(Unknown Source)
>> [java] {http://xml.apache.org/axis/}hostname:stefan
>> [java] java.lang.NullPointerException
>> [java] at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
>> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
>> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>>
>> [java] at
>>com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>>
>> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
>> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
>> [java] at
>>java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
>> [java] at java.awt.EventDispatchThread.run(Unknown Source)
>> [java] Caused by: java.lang.NullPointerException
>> [java] at
>>org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
>> [java] at
>>org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>>
>> [java] at
>>org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>>
>> [java] at
>>org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>>
>> [java] at
>>org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>>
>> [java] at
>>org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>>
>> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
>> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
>> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
>> [java] ... 16 more
>>
>>Thanks for your help!
>>
>>Regards,
>>
>>Stefan
>>
>>---------------------------------------------------------------------
>>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>>
>>
>>
>>
>
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
>For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
acording to the stack printout you use the crimson parser
at the client side. Crimson does _not_ support namespaces
fully (only partial support). Pls make sure you have a
fully namespace aware parser first in your classpath, e.g.
xerces.
AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
not sure if Crimson is supported by Apache anymore.
Regards,
Werner
Stefan Schmidt wrote:
> Hi,
>
> I managed to get an example going as follows:
>
> Axis client --> (UsernameToken Encrypt) --> JAXRPC server (this works
> perfectly)
>
> Now I am trying to sign and encrypt the server response:
>
> JAXRPC server --> (Signature Encrypt) --> Axis client (the server sends
> the encrypted and signed SOAP message but the client throws a NPE)
>
> Here are my settings for scenario 2:
>
> server: webservices.xml
> <handler>
> <handler-name>Outbound Security Handler</handler-name>
>
> <handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
> <init-param>
> <param-name>deployment</param-name>
> <param-value>server</param-value>
> </init-param>
> <init-param>
> <param-name>action</param-name>
> <param-value>Signature Encrypt</param-value>
> </init-param>
> <init-param>
> <param-name>passwordCallbackClass</param-name>
>
> <param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
> </init-param>
> <init-param>
> <param-name>flow</param-name>
> <param-value>response-only</param-value>
> </init-param>
> <init-param>
> <param-name>user</param-name>
>
> <param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
> </init-param>
> <init-param>
> <param-name>signaturePropFile</param-name>
> <param-value>crypto.properties</param-value>
> </init-param>
> </handler>
>
> client: axis-client.wsdd
> <responseFlow >
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="passwordCallbackClass"
>
> value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
> <parameter name="action" value="Signature Encrypt"/>
> <parameter name="signaturePropFile" value="crypto.properties"
> /> </handler>
> </responseFlow >
>
> The callbackhandlers have the PWCallback1 contents.
>
> In the TCPMon I can see that the server sends the encrypted msg properly.
>
> At the client I get the following NPE (the stubs were generated without
> security in place - I figure this doesn't matter because the wsdl
> doesn't change - right?):
>
> {http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
> [java] at
> org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
> [java] at
> org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>
> [java] at
> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>
> [java] at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
> [java] at
> com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>
> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.run(Unknown Source)
> [java] {http://xml.apache.org/axis/}hostname:stefan
> [java] java.lang.NullPointerException
> [java] at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
> [java] at
> com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>
> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.run(Unknown Source)
> [java] Caused by: java.lang.NullPointerException
> [java] at
> org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
> [java] at
> org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>
> [java] at
> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>
> [java] at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
> [java] ... 16 more
>
> Thanks for your help!
>
> Regards,
>
> Stefan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Signature Encrypt NPE
Posted by Werner Dittmann <We...@t-online.de>.
Stefan,
acording to the stack printout you use the crimson parser
at the client side. Crimson does _not_ support namespaces
fully (only partial support). Pls make sure you have a
fully namespace aware parser first in your classpath, e.g.
xerces.
AFAIK Crimson is the standard parser for JDK 1.4.x, but I'm
not sure if Crimson is supported by Apache anymore.
Regards,
Werner
Stefan Schmidt wrote:
> Hi,
>
> I managed to get an example going as follows:
>
> Axis client --> (UsernameToken Encrypt) --> JAXRPC server (this works
> perfectly)
>
> Now I am trying to sign and encrypt the server response:
>
> JAXRPC server --> (Signature Encrypt) --> Axis client (the server sends
> the encrypted and signed SOAP message but the client throws a NPE)
>
> Here are my settings for scenario 2:
>
> server: webservices.xml
> <handler>
> <handler-name>Outbound Security Handler</handler-name>
>
> <handler-class>org.apache.ws.security.handler.WSS4JHandler</handler-class>
> <init-param>
> <param-name>deployment</param-name>
> <param-value>server</param-value>
> </init-param>
> <init-param>
> <param-name>action</param-name>
> <param-value>Signature Encrypt</param-value>
> </init-param>
> <init-param>
> <param-name>passwordCallbackClass</param-name>
>
> <param-value>com.ibm.dw.bookshop.handlers.PWCallbackHandler</param-value>
> </init-param>
> <init-param>
> <param-name>flow</param-name>
> <param-value>response-only</param-value>
> </init-param>
> <init-param>
> <param-name>user</param-name>
>
> <param-value>16c73ab6-b892-458f-abf5-2f875f74882e</param-value>
> </init-param>
> <init-param>
> <param-name>signaturePropFile</param-name>
> <param-value>crypto.properties</param-value>
> </init-param>
> </handler>
>
> client: axis-client.wsdd
> <responseFlow >
> <handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">
> <parameter name="passwordCallbackClass"
>
> value="com.ibm.dw.bookshop.j2seclient.handlers.PWCallbackHandler"/>
> <parameter name="action" value="Signature Encrypt"/>
> <parameter name="signaturePropFile" value="crypto.properties"
> /> </handler>
> </responseFlow >
>
> The callbackhandlers have the PWCallback1 contents.
>
> In the TCPMon I can see that the server sends the encrypted msg properly.
>
> At the client I get the following NPE (the stubs were generated without
> security in place - I figure this doesn't matter because the wsdl
> doesn't change - right?):
>
> {http://xml.apache.org/axis/}stackTrace:java.lang.NullPointerException
> [java] at
> org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
> [java] at
> org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>
> [java] at
> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>
> [java] at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
> [java] at
> com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>
> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.run(Unknown Source)
> [java] {http://xml.apache.org/axis/}hostname:stefan
> [java] java.lang.NullPointerException
> [java] at org.apache.axis.AxisFault.makeFault(AxisFault.java:101)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:216)
> [java] at org.apache.axis.client.Call.invokeEngine(Call.java:2765)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2748)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2424)
> [java] at org.apache.axis.client.Call.invoke(Call.java:2347)
> [java] at org.apache.axis.client.Call.invoke(Call.java:1804)
> [java] at
> com.ibm.dw.bookshop.j2seclient.jse.generated.XMethodsNamesSEIBindingStub.getXMethodsWebServiceNames(XMethodsNamesSEIBindingStub.java:159)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.invokeServletSEI(BookShopClientFrame.java:247)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame.access$200(BookShopClientFrame.java:54)
>
> [java] at
> com.ibm.dw.bookshop.j2seclient.BookShopClientFrame$3.run(BookShopClientFrame.java:177)
>
> [java] at java.awt.event.InvocationEvent.dispatch(Unknown Source)
> [java] at java.awt.EventQueue.dispatchEvent(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpOneEventForHierarchy(Unknown Source)
> [java] at
> java.awt.EventDispatchThread.pumpEventsForHierarchy(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.pumpEvents(Unknown Source)
> [java] at java.awt.EventDispatchThread.run(Unknown Source)
> [java] Caused by: java.lang.NullPointerException
> [java] at
> org.apache.crimson.tree.ElementNode2.getAttributeNodeNS(Unknown Source)
> [java] at
> org.apache.crimson.tree.ElementNode2.hasAttributeNS(Unknown Source)
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:363)
>
> [java] at
> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:547)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.decryptDataRef(WSSecurityEngine.java:1211)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:1188)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.handleEncryptedKey(WSSecurityEngine.java:943)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:363)
>
> [java] at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:259)
>
> [java] at
> org.apache.ws.axis.security.WSDoAllReceiver.invoke(WSDoAllReceiver.java:183)
>
> [java] at
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
>
> [java] at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> [java] at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> [java] at org.apache.axis.client.AxisClient.invoke(AxisClient.java:190)
> [java] ... 16 more
>
> Thanks for your help!
>
> Regards,
>
> Stefan
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org