You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by Nuno Guerreiro <nv...@yahoo.com> on 2002/06/20 12:08:03 UTC

Problem with Axis security sample

Hi,

I'm having problems running the sample security
provided with Axis.

The client is able to make the XML signature and issue
the SOAP call, but Tomcat replies with a Canonicalizer
exception. First, it seems Tomcat cannot find the
canonicalization algorithm the client is issuing.
Second, it cannot find the error message in a resource
bundle file (but in fact it is in the xmlsec.jar
file).

NOTE: I'm using XML Security version 1.0.2, since the
latest version (1.0.3) changed a method signature and
I was unable to compile the axis sample\security
directory.

Following is the whole client request and respective
server response:



POST /webservices/services/ HTTP/1.0

Content-Length: 2887

Host: golduck

Content-Type: text/xml; charset=utf-8

SOAPAction: ""



<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope SOAP-ENV:actor="some-uri"
SOAP-ENV:mustUnderstand="1"
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 <SOAP-ENV:Header><SOAP-SEC:Signature><ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>
<ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>
<ds:Reference URI="#Body">
<ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>VuJriLiaNtLk9ZW0lWawIFozyfA4NpzKwTwXqgqsUqls1T3xY6Brjg==</ds:SignatureValue>
<ds:KeyInfo>
<ds:X509Data>
<ds:X509Certificate>
MIIC9jCCArQCBDruqiowCwYHKoZIzjgEAwUAMGExCzAJBgNVBAYTAkRFMR0wGwYDVQQKExRVbml2
ZXJzaXR5IG9mIFNpZWdlbjEQMA4GA1UECxMHRkIxMk5VRTEhMB8GA1UEAxMYQ2hyaXN0aWFuIEdl
dWVyLVBvbGxtYW5uMB4XDTAxMDUwMTEyMjA1OFoXDTA2MTAyMjEyMjA1OFowYTELMAkGA1UEBhMC
REUxHTAbBgNVBAoTFFVuaXZlcnNpdHkgb2YgU2llZ2VuMRAwDgYDVQQLEwdGQjEyTlVFMSEwHwYD
VQQDExhDaHJpc3RpYW4gR2V1ZXItUG9sbG1hbm4wggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9T
gR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv
8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX
Ku/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSv
u/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64e
K7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAAC
gYASWfn+G1k/nWntj9jX7Nk5JKaiLZ9BLR16eJJxqff33THLfdGs98Xmh2oRWZVh9PMV8oTP3hpR
cRipjZUZVEIqsBlOGTVLCg4H5TJ81JWOiprh+mkhClNqUr8l5Hu7FBSvQB6inryeva7j0aKNiIvK
8vfHTiUZpnyNRhkveBlM0jALBgcqhkjOOAQDBQADLwAwLAIUPDd/UmB9GeHqvGjny30Bvjt0AkUC
FA9ab72kKuB5geYGeckbBrcgPnZk
</ds:X509Certificate>
</ds:X509Data>
<ds:KeyValue>
<ds:DSAKeyValue>
<ds:P>
/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
K2HXKu/yIgMZndFIAcc=
</ds:P>
<ds:Q>l2BQjxUjC8yykrmCouuEC/BYHPU=</ds:Q>
<ds:G>
9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
Zl6Ae1UlZAFMO/7PSSo=
</ds:G>
<ds:Y>
Eln5/htZP51p7Y/Y1+zZOSSmoi2fQS0deniScan3990xy33RrPfF5odqEVmVYfTzFfKEz94aUXEY
qY2VGVRCKrAZThk1SwoOB+UyfNSVjoqa4fppIQpTalK/JeR7uxQUr0Aeop68nr2u49GijYiLyvL3
x04lGaZ8jUYZL3gZTNI=
</ds:Y>
</ds:DSAKeyValue>
</ds:KeyValue>
</ds:KeyInfo>
</ds:Signature></SOAP-SEC:Signature>
</SOAP-ENV:Header>
 <SOAP-ENV:Body><ns1:testMethod
xmlns:ns1="http://localhost:8080/LogTestService"/>
</SOAP-ENV:Body>
</SOAP-ENV:Envelope>

----------------------------------------------------
HTTP/1.1 500 Internal Server Error

Content-Type: text/xml; charset=utf-8

Content-Length: 7284

Date: Thu, 20 Jun 2002 09:52:14 GMT

Server: Apache Tomcat/4.0.1 (HTTP/1.1 Connector)



<?xml version="1.0" encoding="UTF-8"?>
<SOAP-ENV:Envelope
xmlns:SOAP-ENV="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:SOAP-SEC="http://schemas.xmlsoap.org/soap/security/2000-12"
xmlns:xsd="http://www.w3.org/2001/XMLSchema"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
 <SOAP-ENV:Header>
  <SOAP-SEC:Signature>
   <ds:Signature
xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
   <ds:SignedInfo>
   <ds:CanonicalizationMethod
Algorithm="http://www.w3.org/TR/2001/REC-xml-c14n-20010315"/>

   <ds:SignatureMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#dsa-sha1"/>

   <ds:Reference URI="#Body">
   <ds:DigestMethod
Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>

  
<ds:DigestValue>2jmj7l5rSw0yVb/vlWAYkK/YBwk=</ds:DigestValue>

</ds:Reference>

</ds:SignedInfo>

  
<ds:SignatureValue>VuJriLiaNtLk9ZW0lWawIFozyfA4NpzKwTwXqgqsUqls1T3xY6Brjg==</ds:SignatureValue>

   <ds:KeyInfo>
   <ds:X509Data>
   <ds:X509Certificate>
MIIC9jCCArQCBDruqiowCwYHKoZIzjgEAwUAMGExCzAJBgNVBAYTAkRFMR0wGwYDVQQKExRVbml2
ZXJzaXR5IG9mIFNpZWdlbjEQMA4GA1UECxMHRkIxMk5VRTEhMB8GA1UEAxMYQ2hyaXN0aWFuIEdl
dWVyLVBvbGxtYW5uMB4XDTAxMDUwMTEyMjA1OFoXDTA2MTAyMjEyMjA1OFowYTELMAkGA1UEBhMC
REUxHTAbBgNVBAoTFFVuaXZlcnNpdHkgb2YgU2llZ2VuMRAwDgYDVQQLEwdGQjEyTlVFMSEwHwYD
VQQDExhDaHJpc3RpYW4gR2V1ZXItUG9sbG1hbm4wggG3MIIBLAYHKoZIzjgEATCCAR8CgYEA/X9T
gR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuAHTRv
8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOuK2HX
Ku/yIgMZndFIAccCFQCXYFCPFSMLzLKSuYKi64QL8Fgc9QKBgQD34aCF1ps93su8q1w2uFe5eZSv
u/o66oL5V0wLPQeCZ1FZV4661FlP5nEHEIGAtEkWcSPoTCgWE7fPCTKMyKbhPBZ6i1R8jSjgo64e
K7OmdZFuo38L+iE1YvH7YnoBJDvMpPG+qFGQiaiD3+Fa5Z8GkotmXoB7VSVkAUw7/s9JKgOBhAAC
gYASWfn+G1k/nWntj9jX7Nk5JKaiLZ9BLR16eJJxqff33THLfdGs98Xmh2oRWZVh9PMV8oTP3hpR
cRipjZUZVEIqsBlOGTVLCg4H5TJ81JWOiprh+mkhClNqUr8l5Hu7FBSvQB6inryeva7j0aKNiIvK
8vfHTiUZpnyNRhkveBlM0jALBgcqhkjOOAQDBQADLwAwLAIUPDd/UmB9GeHqvGjny30Bvjt0AkUC
FA9ab72kKuB5geYGeckbBrcgPnZk
</ds:X509Certificate>

</ds:X509Data>

   <ds:KeyValue>
   <ds:DSAKeyValue>
   <ds:P>
/X9TgR11EilS30qcLuzk5/YRt1I870QAwx4/gLZRJmlFXUAiUftZPY1Y+r/F9bow9subVWzXgTuA
HTRv8mZgt2uZUKWkn5/oBHsQIsJPu6nX/rfGG/g7V+fGqKYVDwT7g/bTxR7DAjVUE1oWkTL2dfOu
K2HXKu/yIgMZndFIAcc=
</ds:P>

   <ds:Q>l2BQjxUjC8yykrmCouuEC/BYHPU=</ds:Q>

   <ds:G>
9+GghdabPd7LvKtcNrhXuXmUr7v6OuqC+VdMCz0HgmdRWVeOutRZT+ZxBxCBgLRJFnEj6EwoFhO3
zwkyjMim4TwWeotUfI0o4KOuHiuzpnWRbqN/C/ohNWLx+2J6ASQ7zKTxvqhRkImog9/hWuWfBpKL
Zl6Ae1UlZAFMO/7PSSo=
</ds:G>

   <ds:Y>
Eln5/htZP51p7Y/Y1+zZOSSmoi2fQS0deniScan3990xy33RrPfF5odqEVmVYfTzFfKEz94aUXEY
qY2VGVRCKrAZThk1SwoOB+UyfNSVjoqa4fppIQpTalK/JeR7uxQUr0Aeop68nr2u49GijYiLyvL3
x04lGaZ8jUYZL3gZTNI=
</ds:Y>

</ds:DSAKeyValue>

</ds:KeyValue>

</ds:KeyInfo>

</ds:Signature>
  </SOAP-SEC:Signature>
 </SOAP-ENV:Header>
 <SOAP-ENV:Body>
  <SOAP-ENV:Fault>
   <faultcode
xmlns:ns1="http://xml.apache.org/axis/">ns1:Server.userException</faultcode>
  
<faultstring>org.apache.xml.security.c14n.InvalidCanonicalizerException:
No message with ID
&quot;signature.Canonicalizer.UnknownCanonicalizer&quot;
found in resource bundle
&quot;org/apache/xml/security/resource/xmlsecurity&quot;</faultstring>
   <detail>
    <ns2:stackTrace
xmlns:ns2="http://xml.apache.org/axis/">org.apache.xml.security.c14n.InvalidCanonicalizerException:
No message with ID
&quot;signature.Canonicalizer.UnknownCanonicalizer&quot;
found in resource bundle
&quot;org/apache/xml/security/resource/xmlsecurity&quot;&#xd;
	at
org.apache.xml.security.c14n.Canonicalizer.&lt;init&gt;(Unknown
Source)&#xd;
	at
org.apache.xml.security.c14n.Canonicalizer.getInstance(Unknown
Source)&#xd;
	at
org.apache.xml.security.signature.SignedInfo.&lt;init&gt;(Unknown
Source)&#xd;
	at
org.apache.xml.security.signature.XMLSignature.&lt;init&gt;(Unknown
Source)&#xd;
	at
samples.security.LogHandler.invoke(LogHandler.java:104)&#xd;
	at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)&#xd;
	at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:154)&#xd;
	at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:121)&#xd;
	at
org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:71)&#xd;
	at
org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:154)&#xd;
	at
org.apache.axis.SimpleChain.invoke(SimpleChain.java:121)&#xd;
	at
org.apache.axis.server.AxisServer.invoke(AxisServer.java:288)&#xd;
	at
org.apache.axis.transport.http.AxisServlet.doPost(AxisServlet.java:576)&#xd;
	at
javax.servlet.http.HttpServlet.service(HttpServlet.java:760)&#xd;
	at
javax.servlet.http.HttpServlet.service(HttpServlet.java:853)&#xd;
	at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:247)&#xd;
	at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:193)&#xd;
	at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:243)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)&#xd;
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)&#xd;
	at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:201)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)&#xd;
	at
org.apache.catalina.valves.CertificatesValve.invoke(CertificatesValve.java:246)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)&#xd;
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)&#xd;
	at
org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2344)&#xd;
	at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:164)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)&#xd;
	at
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:170)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)&#xd;
	at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:170)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)&#xd;
	at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:462)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:564)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)&#xd;
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)&#xd;
	at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:163)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invokeNext(StandardPipeline.java:566)&#xd;
	at
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:472)&#xd;
	at
org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:943)&#xd;
	at
org.apache.catalina.connector.http.HttpProcessor.process(HttpProcessor.java:1011)&#xd;
	at
org.apache.catalina.connector.http.HttpProcessor.run(HttpProcessor.java:1106)&#xd;
	at java.lang.Thread.run(Thread.java:484)&#xd;
</ns2:stackTrace>
   </detail>
  </SOAP-ENV:Fault>
 </SOAP-ENV:Body>
</SOAP-ENV:Envelope>

__________________________________________________
Do You Yahoo!?
Yahoo! - Official partner of 2002 FIFA World Cup
http://fifaworldcup.yahoo.com