You are viewing a plain text version of this content. The canonical link for it is here.

Posted to java-dev@axis.apache.org by Tor-Erik Steinsland <te...@gmail.com> on 2011/11/26 20:24:27 UTC

[Axis2 ]Rampart signature error.

Hello,

I am developing a chain of web services, a client calls a web service,
WS_A,, which calls another web service, WS_B. On the first call, I am using
rampart and username authentication, but on the other link I am trying to
use rampart and signing using public and private key pairs. I have followed
this tutorial: http://wso2.org/library/3415 . I am using Apache tomcat 7,
axis2 1.60, rampart 1.60 and the latest version of eclipse.

My problem is occurring between WS_A and WS_B. It works on occation, but
hardly more than two times in a row. When it fails I get the following
error message:

java.lang.reflect.InvocationTargetException
 at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
...
...
Caused by: java.lang.NullPointerException
 at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281)
        at
org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:255)
 at
org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)
...

My services.xml, at WS_B,  and both password callback handlers are
identical with the code from the tutorial mentioned above. As for the
rampart invocation at WS_A, see the following:


RampartConfig rampartConfig = new RampartConfig();
rampartConfig.setUser("user");
 rampartConfig.setPwCbClass("main.PWCBHandler");
  CryptoConfig sigCrypto = new CryptoConfig();

sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");

Properties props = new Properties();
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
"JKS");
 props.setProperty("org.apache.ws.security.crypto.merlin.file",keyLocation);
props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
"pass123");

sigCrypto.setProp(props);

rampartConfig.setSigCryptoConfig(sigCrypto);

Policy policy = new Policy();
policy.addAssertion(rampartConfig);

client.getAxisService().getPolicySubject().attachPolicy(rampartConfig);

I have as well added the following to WS_A's axis2.xml:

<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
<wsp:Policy>
 <sp:MustSupportRefKeyIdentifier />
<sp:MustSupportRefIssuerSerial />
 </wsp:Policy>
</sp:Wss10>

I have added the following jars to WebContent/Web-INF/conf,
"JAVA_HOME"/lib/endorsed and "TOMCAT_HOME" / common/endorsed:

serializer-2.7.1.jar
xalan-2.7.1.jar
xercesImpl-2.9.1.jar
xml-apis-1.3.03

I am using tcpmon to see the SOAP messages sent and received, and I notice
that when my program is working, the "state" field in tcpmon corresponding
to the transmission still has value "active" (after a while it switches to
"Req"), but never changes to "done" before I kill the server application. I
have a theory that somehow the application doesn't finish, even though the
SOAP response is sucessfully sent from WS_B.

Can anybody see anything wrong?

Best regards,
Tor-Erik Steinsland

Re: [Axis2 ]Rampart signature error.

Posted by suresh attanayake <su...@gmail.com>.

Hi Erik,
Can you please send the full stack trace ?

On Sun, Nov 27, 2011 at 12:54 AM, Tor-Erik Steinsland <
te.steinsland@gmail.com> wrote:

> Hello,
>
> I am developing a chain of web services, a client calls a web service,
> WS_A,, which calls another web service, WS_B. On the first call, I am using
> rampart and username authentication, but on the other link I am trying to
> use rampart and signing using public and private key pairs. I have followed
> this tutorial: http://wso2.org/library/3415 . I am using Apache tomcat 7,
> axis2 1.60, rampart 1.60 and the latest version of eclipse.
>
> My problem is occurring between WS_A and WS_B. It works on occation, but
> hardly more than two times in a row. When it fails I get the following
> error message:
>
> java.lang.reflect.InvocationTargetException
>  at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> ...
> ...
> Caused by: java.lang.NullPointerException
>  at
> org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281)
>         at
> org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:255)
>  at
> org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)
> ...
>
> My services.xml, at WS_B,  and both password callback handlers are
> identical with the code from the tutorial mentioned above. As for the
> rampart invocation at WS_A, see the following:
>
>
> RampartConfig rampartConfig = new RampartConfig();
> rampartConfig.setUser("user");
>  rampartConfig.setPwCbClass("main.PWCBHandler");
>   CryptoConfig sigCrypto = new CryptoConfig();
>
> sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin");
>
> Properties props = new Properties();
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type",
> "JKS");
>
> props.setProperty("org.apache.ws.security.crypto.merlin.file",keyLocation);
> props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password",
> "pass123");
>
> sigCrypto.setProp(props);
>
> rampartConfig.setSigCryptoConfig(sigCrypto);
>
> Policy policy = new Policy();
> policy.addAssertion(rampartConfig);
>
> client.getAxisService().getPolicySubject().attachPolicy(rampartConfig);
>
> I have as well added the following to WS_A's axis2.xml:
>
> <sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
> <wsp:Policy>
>  <sp:MustSupportRefKeyIdentifier />
> <sp:MustSupportRefIssuerSerial />
>  </wsp:Policy>
> </sp:Wss10>
>
> I have added the following jars to WebContent/Web-INF/conf,
> "JAVA_HOME"/lib/endorsed and "TOMCAT_HOME" / common/endorsed:
>
> serializer-2.7.1.jar
> xalan-2.7.1.jar
> xercesImpl-2.9.1.jar
> xml-apis-1.3.03
>
> I am using tcpmon to see the SOAP messages sent and received, and I notice
> that when my program is working, the "state" field in tcpmon corresponding
> to the transmission still has value "active" (after a while it switches to
> "Req"), but never changes to "done" before I kill the server application. I
> have a theory that somehow the application doesn't finish, even though the
> SOAP response is sucessfully sent from WS_B.
>
> Can anybody see anything wrong?
>
> Best regards,
> Tor-Erik Steinsland
>
>



-- 
Suresh Attanayake

Blog : http://sureshatt.blogspot.com/
LinkedIn : http://www.linkedin.com/pub/suresh-attanayake/16/165/181
Twitter : http://twitter.com/sureshatt