You are viewing a plain text version of this content. The canonical link for it is here.
Posted to rampart-dev@ws.apache.org by David Torres <Da...@robotica.uv.es> on 2008/04/08 13:00:38 UTC
rampart problem with oc4j server
Hello everyone,
I'm working on a application composed by serveral java beans. On of this
beans works as a client of a web service which has username and plain
text password access control. I'm using rampart version 1.3 in order to
provide these credentials. This request to the web service works fine
but after this request takes place I found the following problems:
1. When I try to engage a bean the java lookup function fails showing
the following error message:
javax.naming.CommunicationException: <no
message>oracle.oc4j.security.ExchangingEncryptor.getEncryptedValue(ExchangingEncryptor.java:161)
com.evermind.server.rmi.RMIProtocol$SecureCredentials.send(RMIProtocol.java:246)
com.evermind.server.rmi.RMIProtocol.sendCredentials(RMIProtocol.java:95)
oracle.oc4j.rmi.ClientRmiTransport.connectToServer(ClientRmiTransport.java:91)
oracle.oc4j.rmi.ClientSocketRmiTransport.connectToServer(ClientSocketRmiTransport.java:68)
com.evermind.server.rmi.RMIClientConnection.connect(RMIClientConnection.java:646)
com.evermind.server.rmi.RMIClientConnection.sendLookupRequest(RMIClientConnection.java:190)
com.evermind.server.rmi.RMIClientConnection.lookup(RMIClientConnection.java:174)
com.evermind.server.rmi.RMIClient.lookup(RMIClient.java:283)
com.evermind.server.rmi.RMIClientContext.lookup(RMIClientContext.java:51)
javax.naming.InitialContext.lookup(InitialContext.java:351)
es.uv.lisitt.dtx2.integrador.ejb.IntegradorBean.enlazarModulos(IntegradorBean.java:326)
es.uv.lisitt.dtx2.integrador.ejb.IntegradorBean.ejbCreate(IntegradorBean.java:163)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.evermind.server.ejb.interceptor.joinpoint.EJBJoinPointImpl.invoke(EJBJoinPointImpl.java:35)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.interceptor.system.SetContextActionInterceptor.invoke(SetContextActionInterceptor.java:44)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.InvocationContextPool.invoke(InvocationContextPool.java:55)
com.evermind.server.ejb.LifecycleManager.invokeLifecycleMethod(LifecycleManager.java:262)
com.evermind.server.ejb.LifecycleManager.invokeLifecycleMethod(LifecycleManager.java:252)
com.evermind.server.ejb.LifecycleManager.postConstruct(LifecycleManager.java:113)
com.evermind.server.ejb.StatelessSessionBeanPool.createContextImpl(StatelessSessionBeanPool.java:40)
com.evermind.server.ejb.BeanPool.createContext(BeanPool.java:418)
com.evermind.server.ejb.BeanPool.allocateContext(BeanPool.java:244)
com.evermind.server.ejb.StatelessSessionEJBHome.getContextInstance(StatelessSessionEJBHome.java:25)
com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:86)
Integrador_RemoteProxy_ji2f64.integrarXML(Unknown Source)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.evermind.server.rmi.RmiMethodCall.run(RmiMethodCall.java:53)
com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
java.lang.Thread.run(Thread.java:595)
caused by: Illegal key size or default parameters [Root exception is
oracle.oc4j.security.ExchangingEncryptor$EncryptionException]
11:57:42,932 (RMICallHandler-14) FATAL [IntegradorBean] -
com.evermind.server.rmi.RMIClient.lookup(RMIClient.java:292)
com.evermind.server.rmi.RMIClientContext.lookup(RMIClientContext.java:51)
javax.naming.InitialContext.lookup(InitialContext.java:351)
es.uv.lisitt.dtx2.integrador.ejb.IntegradorBean.enlazarModulos(IntegradorBean.java:326)
es.uv.lisitt.dtx2.integrador.ejb.IntegradorBean.ejbCreate(IntegradorBean.java:163)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.evermind.server.ejb.interceptor.joinpoint.EJBJoinPointImpl.invoke(EJBJoinPointImpl.java:35)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.interceptor.system.DMSInterceptor.invoke(DMSInterceptor.java:52)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.interceptor.system.SetContextActionInterceptor.invoke(SetContextActionInterceptor.java:44)
com.evermind.server.ejb.interceptor.InvocationContextImpl.proceed(InvocationContextImpl.java:119)
com.evermind.server.ejb.InvocationContextPool.invoke(InvocationContextPool.java:55)
com.evermind.server.ejb.LifecycleManager.invokeLifecycleMethod(LifecycleManager.java:262)
com.evermind.server.ejb.StatelessSessionBeanPool.createContextImpl(StatelessSessionBeanPool.java:40)
com.evermind.server.ejb.BeanPool.createContext(BeanPool.java:418)
com.evermind.server.ejb.BeanPool.allocateContext(BeanPool.java:244)
com.evermind.server.ejb.StatelessSessionEJBHome.getContextInstance(StatelessSessionEJBHome.java:25)
com.evermind.server.ejb.StatelessSessionEJBObject.OC4J_invokeMethod(StatelessSessionEJBObject.java:86)
Integrador_RemoteProxy_ji2f64.integrarXML(Unknown Source)
sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
java.lang.reflect.Method.invoke(Method.java:585)
com.evermind.server.rmi.RmiMethodCall.run(RmiMethodCall.java:53)
com.evermind.util.ReleasableResourcePooledExecutor$MyWorker.run(ReleasableResourcePooledExecutor.java:303)
java.lang.Thread.run(Thread.java:595)
caused by: Illegal key size or default parameters [Root exception is
oracle.oc4j.security.ExchangingEncryptor$EncryptionException]
The client.axis2.xml configuration file is the following:
<?xml version="1.0" encoding="UTF-8"?>
<axisconfig name="AxisJava2.0">
<!-- engage rampart -->
<module ref="rampart"/>
<!-- ws-security parameters: UsernameToken and PasswordText -->
<parameter name="OutflowSecurity">
<action>
<items>UsernameToken Timestamp</items>
<user>dgtmadrid</user>
<passwordCallbackClass>es.uv.lisitt.dtx2.pullcliente.PullClienteSW.PWCBHandler</passwordCallbackClass>
<passwordType>PasswordText</passwordType>
</action>
</parameter>
<!-- ================================================= -->
<!-- Parameters -->
<!-- ================================================= -->
<parameter name="hotdeployment">true</parameter>
<parameter name="hotupdate">false</parameter>
<parameter name="enableMTOM">false</parameter>
<parameter name="enableSwA">false</parameter>
<!--Uncomment if you want to enable file caching for attachments -->
<!--parameter name="cacheAttachments">true</parameter>
<parameter name="attachmentDIR"></parameter>
<parameter name="sizeThreshold">4000</parameter-->
<!--This will give out the timout of the configuration contexts, in
seconds-->
<parameter name="ConfigContextTimeoutInterval">30</parameter>
<!--During a fault, stacktrace can be sent with the fault message. The
following flag will control -->
<!--that behaviour.-->
<parameter name="sendStacktraceDetailsWithFaults">false</parameter>
<parameter name="DrillDownToRootCauseForFaultReason">false</parameter>
<parameter name="userName">admin</parameter>
<parameter name="password">axis2</parameter>
<!--Set the flag to true if you want to enable transport level session
mangment-->
<parameter name="manageTransportSession">false</parameter>
<!-- Following parameter will completely disable REST handling in Axis2-->
<parameter name="disableREST" locked="true">false</parameter>
<!-- ================================================= -->
<!-- Message Receivers -->
<!-- ================================================= -->
<!--This is the Deafult Message Receiver for the system , if you want to
have MessageReceivers for -->
<!--all the other MEP implement it and add the correct entry to here ,
so that you can refer from-->
<!--any operation -->
<!--Note : You can ovride this for particular service by adding the same
element with your requirement-->
<messageReceivers>
<messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-only"
class="org.apache.axis2.receivers.RawXMLINOnlyMessageReceiver"/>
<messageReceiver mep="http://www.w3.org/2004/08/wsdl/in-out"
class="org.apache.axis2.receivers.RawXMLINOutMessageReceiver"/>
</messageReceivers>
<!-- ================================================= -->
<!-- Message Formatter -->
<!-- ================================================= -->
<!--Following content type to message formatter mapping can be used to
implement support for different message -->
<!--format serialization in Axis2. These message formats are expected to
be resolved based on the content type. -->
<messageFormatters>
<messageFormatter contentType="application/x-www-form-urlencoded"
class="org.apache.axis2.transport.http.XFormURLEncodedFormatter"/>
<messageFormatter contentType="application/xml"
class="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
<messageFormatter contentType="text/xml"
class="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
<messageFormatter contentType="application/echo+xml"
class="org.apache.axis2.transport.http.ApplicationXMLFormatter"/>
</messageFormatters>
<!-- ================================================= -->
<!-- Transport Ins -->
<!-- ================================================= -->
<transportReceiver name="http"
class="org.apache.axis2.transport.http.SimpleHTTPServer">
<parameter name="port">6060</parameter>
</transportReceiver>
<!--Uncomment this and configure as appropriate for JMS transport
support, after setting up your JMS environment (e.g. ActiveMQ)
<transportReceiver name="jms"
class="org.apache.axis2.transport.jms.JMSListener">
<parameter name="myTopicConnectionFactory">
<parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
<parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
<parameter
name="transport.jms.ConnectionFactoryJNDIName">TopicConnectionFactory</parameter>
</parameter>
<parameter name="myQueueConnectionFactory">
<parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
<parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
<parameter
name="transport.jms.ConnectionFactoryJNDIName">QueueConnectionFactory</parameter>
</parameter>
<parameter name="default">
<parameter
name="java.naming.factory.initial">org.apache.activemq.jndi.ActiveMQInitialContextFactory</parameter>
<parameter
name="java.naming.provider.url">tcp://localhost:61616</parameter>
<parameter
name="transport.jms.ConnectionFactoryJNDIName">QueueConnectionFactory</parameter>
</parameter>
</transportReceiver>-->
<!-- ================================================= -->
<!-- Transport Outs -->
<!-- ================================================= -->
<!--<transportSender name="tcp"
class="org.apache.axis2.transport.tcp.TCPTransportSender"/>-->
<!--<transportSender name="local"
class="org.apache.axis2.transport.local.LocalTransportSender"/>-->
<transportSender name="http"
class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
<parameter name="PROTOCOL">HTTP/1.1</parameter>
<parameter name="Transfer-Encoding">chunked</parameter>
<!-- If following is set to 'true', optional action part of the
Content-Type will not be added to the SOAP 1.2 messages -->
<!-- <parameter name="OmitSOAP12Action">true</parameter> -->
</transportSender>
<!-- <transportSender name="https"
class="org.apache.axis2.transport.http.CommonsHTTPTransportSender">
<parameter name="PROTOCOL">HTTP/1.1</parameter>
<parameter name="Transfer-Encoding">chunked</parameter>
</transportSender>-->
<!-- ================================================= -->p
<!-- Global Modules -->
<!-- ================================================= -->
<!-- Comment this to disable Addressing -->
<module ref="addressing"/>
<!--Configuring module , providing parameters for modules whether they
refer or not-->
<!--<moduleConfig name="addressing">-->
<!--<parameter name="addressingPara">N/A</parameter>-->
<!--</moduleConfig>-->
<!-- ================================================= -->
<!-- Clustering -->
<!-- ================================================= -->
<!-- Configure and uncomment following for preparing Axis2 to a
clustered environment -->
<!--
<cluster class="org.apache.axis2.cluster.tribes.TribesClusterManager">
<parameter name="param1">value1</parameter>
</cluster>
-->
<!-- ================================================= -->
<!-- Phases -->
<!-- ================================================= -->
<phaseOrder type="InFlow">
<!-- System predefined phases -->
<!--<phase name="Transport">
<handler name="RequestURIBasedDispatcher"
class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher">
<order phase="Transport"/>
</handler>
<handler name="SOAPActionBasedDispatcher"
class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher">
<order phase="Transport"/>
</handler>
</phase>-->
<phase name="Addressing">
<handler name="AddressingBasedDispatcher"
class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
<order phase="Addressing"/>
</handler>
</phase>
<phase name="Security"/>
<phase name="PreDispatch"/>
<phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
<handler name="RequestURIBasedDispatcher"
class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
<handler name="SOAPActionBasedDispatcher"
class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
<handler name="RequestURIOperationDispatcher"
class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
<handler name="SOAPMessageBodyBasedDispatcher"
class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
<handler name="HTTPLocationBasedDispatcher"
class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
</phase>
<phase name="RMPhase"/>
<!-- System predefined phases -->
<!-- After Postdispatch phase module author or service author can add
any phase he want -->
<phase name="OperationInPhase"/>
<phase name="soapmonitorPhase"/>
</phaseOrder>
<phaseOrder type="OutFlow">
<!-- user can add his own phases to this area -->
<phase name="soapmonitorPhase"/>
<phase name="OperationOutPhase"/>
<!--system predefined phase-->
<!--these phase will run irrespective of the service-->
<phase name="RMPhase"/>
<phase name="PolicyDetermination"/>
<phase name="MessageOut"/>
<phase name="Security"/>
</phaseOrder>
<phaseOrder type="InFaultFlow">
<phase name="Addressing">
<handler name="AddressingBasedDispatcher"
class="org.apache.axis2.dispatchers.AddressingBasedDispatcher">
<order phase="Addressing"/>
</handler>
</phase>
<phase name="Security"/>
<phase name="PreDispatch"/>
<phase name="Dispatch" class="org.apache.axis2.engine.DispatchPhase">
<handler name="RequestURIBasedDispatcher"
class="org.apache.axis2.dispatchers.RequestURIBasedDispatcher"/>
<handler name="SOAPActionBasedDispatcher"
class="org.apache.axis2.dispatchers.SOAPActionBasedDispatcher"/>
<handler name="RequestURIOperationDispatcher"
class="org.apache.axis2.dispatchers.RequestURIOperationDispatcher"/>
<handler name="SOAPMessageBodyBasedDispatcher"
class="org.apache.axis2.dispatchers.SOAPMessageBodyBasedDispatcher"/>
<handler name="HTTPLocationBasedDispatcher"
class="org.apache.axis2.dispatchers.HTTPLocationBasedDispatcher"/>
</phase>
<phase name="RMPhase"/>
<!-- user can add his own phases to this area -->
<phase name="OperationInFaultPhase"/>
<phase name="soapmonitorPhase"/>
</phaseOrder>
<phaseOrder type="OutFaultFlow">
<!-- user can add his own phases to this area -->
<phase name="soapmonitorPhase"/>
<phase name="OperationOutFaultPhase"/>
<phase name="RMPhase"/>
<phase name="PolicyDetermination"/>
<phase name="MessageOut"/>
</phaseOrder>
</axisconfig>
2.It is not possible to get in to the oc4j Enterpise Manger
NOTE: When the request is made to a web service without access control
everything works fine
NOTE2: The appliction doesn't have any web service it only has a web
service client
I will really appreciate any help.
Thanks in advance.