You are viewing a plain text version of this content. The canonical link for it is here.
Posted to wss4j-dev@ws.apache.org by pa cowan <pa...@gmail.com> on 2006/09/13 21:58:07 UTC
WsDoAllSender loading key but not Signing request using Axis
I am having trouble signing my soap request. To confound matters, everything
is running smoothly, there are no errors, or exceptions being thrown; the
Request is just not being signed. I have javax.net.debug turned on, and I
can see the key being loaded, the password being retrieved and the details
of my certificate chain.
My configuration is very straightforward. I am running my webapps with
tomcat 5.5.17 on Debian 2.6.15-8, using axis 1.4, and wss4j 1.5 to generate
and sign my SOAP request. A WsDoAllSender handler is configured in a
client-config.wsdd, which is located in WEB-INF, to sign the request, and
the request is sent over an SSL connection with mutual authentication.
I have a request logger which correctly logs the request, before the
Signature, to my
console (catalina.out in this case). when i place it after the
WsDoAllSender handler
in the requestFlow, it does not log anything, but I have verified from the
server side
that the request is being received unsigned.
I am basically out of ideas at this point. I have made sure there are no
other client-config.wsdd anywhere in my classpath. Is it possible that
there is a dependency issue? or some other library is interfering with this
request? Is there anyway to get more debugging information from WSS4J
itself? Any suggestions would be greatly appreciated, below is relevant
configuration and app info.
here is my client-config.wsdd located in WEB-INF
------------------------------------
<?xml version="1.0" encoding="UTF-8"?>
<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="
http://xml.apache.org/axis/wsdd/providers/java">
<globalConfiguration>
<requestFlow>
<handler type= "java:MySOAPRequestLogger"></handler>
</requestFlow>
<requestFlow>
<handler type="java:org.apache.ws.axis.security.WSDoAllSender">
<parameter name="action" value="Signature"/>
<parameter name="user" value="myAlias"/>
<parameter name="passwordCallbackClass" value="
org.justgive.clients.security.MyPWCallback"/>
<parameter name="signaturePropFile" value="crypto.properties"/>
<parameter name="signatureKeyIdentifier" value="DirectReference"/>
</handler>
</requestFlow>
</globalConfiguration>
<transport name="local" pivot="java:
org.apache.axis.transport.local.LocalSender"/>
<transport name="http" pivot="java:
org.apache.axis.transport.http.HTTPSender"/>
<transport name="java" pivot="java:
org.apache.axis.transport.java.JavaSender"/>
</deployment>
------------------------------------
i get the same result--no signature--with or without the request logger,
before
of after the WsDoAllSender handler.
here is my crypto.properties, also located in WEB-INF
------------------------------------
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.file=/path/to/my.keystore
org.apache.ws.security.crypto.merlin.keystore.password=myPasswd
------------------------------------
I use system properties to create an ssl connection for mutual
authentication,
which is successful
------------------------------------
System.setProperty("javax.net.ssl.trustStore", "path/to/trustStore}
System.setProperty("javax.net.ssl.trustStorePassword", "trustPassword
System.setProperty("javax.net.ssl.keyStoreType", "pkcs12
System.setProperty("javax.net.ssl.keyStore", "path/to/keystore.p12
System.setProperty("javax.net.ssl.keyStorePassword", "keyPassword
------------------------------------
this is the very straightforward web service call
------------------------------------
import com.myurl.mywebservice.MRClaimWebServiceService;
import com.myurl.mywebservice.MRClaimWebServiceServiceLocator;
import com.myurl.mywebservice.MRClaimWebService;
import com.myurl.mywebservice.MRClaimServiceRequest;
import com.myurl.mywebservice.MRClaimServiceResponse;
//MyWebService extends java.rmi.Remote
//MyWebServiceService extends javax.xml.rpc.Service
//MyWebServiceServiceLocator extends org.apache.axis.client.Service
MyWebServiceResponse myResponse = null;
MyWebServiceService service = new MyWebServiceServiceLocator();
MyWebService port = (MyWebService)service.getPort(MyWebService.class);
MyWebServiceRequest myRequest = new MyWebServiceRequest();
myRequest.setProperties(myProperties);
myResponse = port.getMyWebSevice(myRequest);
------------------------------------
here is my WEB-INF/lib contents:
------------------------------------
addressing-1.0.jar
axis-1.4.jar
axis-ant-1.4.jar
axis-jaxrpc-1.4.jar
axis-saaj-1.4.jar
axis-tasks.properties
axis-test-tasks.properties
bcprov-jdk13-132.jar
bcprov-jdk15-132.jar
castor-1.0M1.jar
castor-1.0M1-srcgen-ant-task.jar
castor-1.0M1-xml.jar
commons-codec-1.3.jar
commons-discovery-0.2.jar
commons-httpclient-3.0-rc2.jar
commons-logging-1.0.4.jar
junit-3.8.1.jar
opensaml-1.0.1.jar
policy.jar
serializer-2.7.0.jar
soap-sec.jar
wsdl4j-1.5.1.jar
wss4j-1.5.0.jar
xalan-2.7.0.jar
xmldoc.jar
xmlsec-1.3.0.jar
xss4j.jar
------------------------------------
thanks,
-peter