You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-dev@axis.apache.org by Jim Brockman <ja...@idt.net> on 2012/01/28 19:03:38 UTC

Rampart NPE Obtaining a Security Token

Hi,

I'm using Axis2/Sandesha/Rampart, all version 1.6.0, with Java 1.5.0_06-b05
on Solaris,
to implement a WS client with both WS-RM and WS-Security.  The client is
stand-alone, it
is not running under Tomcat/Axis2, etc server.  I've consulted these
articles to build my client:
  sample05 packaged with Rampart 1.6.0.
  http://axis.apache.org/axis2/java/rampart/rampartconfig-guide.html
  http://wso2.org/library/1027
  http://wso2.org/library/3190
  http://wso2.org/library/3415

http://www.coderanch.com/t/484465/Web-Services/java/Axis-Rampart-client-configuration

When I do not engage the rampart module, all works as expected, without
security (signature and encryption).
That is WS-RM works very well.  The server (a third party) is implemented
with .NET.

Once I engage rampart, I receive a NullPointerException trying to obtain a
security token.   This occurs whether
I explicitly setup the security token programmatically in my application or
not.

I ran "snoop" to examine packets sent to the client, and nothing is ever
sent. I expect a request for a security token
(RST) message, since the security policy calls for a
SecureConversationToken.  While the RST XML is printed in logs,
it appears the NPE occurs before the RST is actually transmitted.

My security policy, with embedded Rampart Configuration, is attached.  I'm
using the same policy for both the
general Rampart security policy, and the STS policy. NPE stack trace and
setup code is below.

I have also installed bouncy castle, and updated my JVM security policy to
enable bouncy castle as a service
provider.   I also edited META-INF/module.xml within sandesha2-1.6.0.mar to
add a parameter for
"propertiesToCopyFromReferenceMessage" to ensure rampart intercepts the
proper messages.

Thanks in advance,

Regards,
Jim

org.apache.rahas.TrustException: Error in obtaining token from : "
http://www.voilacomcel.com/VoilaWS/VoilaComcelWS.svc/ms"
        at
org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:159)
        at net.idt.voila.VoilaClient.setup(VoilaClient.java:379)
        at net.idt.voila.VoilaClient.topUpAsync(VoilaClient.java:679)
        at net.idt.voila.VoilaClient.topUp(VoilaClient.java:627)
        at
net.idt.voila.VoilaClient.testUsingProperties(VoilaClient.java:954)
        at net.idt.voila.VoilaClient.main(VoilaClient.java:978)
Caused by: org.apache.axis2.AxisFault: Error in obtaining a token
        at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:76)
        at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
        at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
        at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
        at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
        at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
        at
org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
        ... 5 more
Caused by: org.apache.rampart.RampartException: Error in obtaining a token
        at
org.apache.rampart.util.RampartUtil.getToken(RampartUtil.java:779)
        at
org.apache.rampart.util.RampartUtil.getSecConvToken(RampartUtil.java:633)
        at
org.apache.rampart.builder.SymmetricBindingBuilder.initializeTokens(SymmetricBindingBuilder.java:878)
        at
org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:78)
        at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:144)
        at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
        ... 14 more
Caused by: java.lang.NullPointerException
        at
org.apache.rampart.builder.SymmetricBindingBuilder.initializeTokens(SymmetricBindingBuilder.java:889)
        at
org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:78)
        at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:144)
        at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
        at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
        at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:427)
        at
org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:406)
        at
org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
        at
org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
        at
org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
        at
org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
        at
org.apache.rampart.util.RampartUtil.getToken(RampartUtil.java:766)


Code to setup security policy and obtain security token:

       configContext.setProperty(HTTPConstants.CACHED_HTTP_CLIENT,
httpClient);

        // Setup URL we're sending requests to.
        clientOptions.setTo(new EndpointReference(urlStr));
        clientOptions.setProperty(SandeshaClientConstants.RM_SPEC_VERSION,
Sandesha2Constants.SPEC_VERSIONS.v1_0);

        SandeshaPolicyBean policy =
SandeshaUtil.getPropertyBean(serviceClient.getAxisConfiguration());
        policy.setEnableRMAnonURI(true);

        clientOptions.setProperty(Constants.Configuration.ENABLE_MTOM,
Constants.VALUE_TRUE);
        clientOptions.setProperty(SandeshaClientConstants.AcksTo, "
http://www.w3.org/2005/08/addressing/anonymous");
        clientOptions.setProperty(Constants.Configuration.CONTENT_TYPE,
"multipart/related;type=\"application/xop+xml\";start-in$


clientOptions.setProperty(SandeshaClientConstants.SANDESHA_LISTENER, new
VoilaSandeshaListener());

clientOptions.setProperty(SandeshaClientConstants.SEQUENCE_KEY,uuid);

clientOptions.setProperty(SandeshaClientConstants.OFFERED_SEQUENCE_ID,
uuid);

        Policy rampartPolicy = loadPolicy(this.rampartPolicyPath);
        clientOptions.setProperty(RampartMessageData.KEY_RAMPART_POLICY,
rampartPolicy);

         // Code to obtain security token myself.   NPE occurs whether or
not this code is here.

         STSClient stsClient = new STSClient(configContext);

         stsClient.setRstTemplate(getRSTTemplate());
         stsClient.setVersion(RahasConstants.VERSION_05_12);
         String action =
TrustUtil.getActionValue(RahasConstants.VERSION_05_02,
RahasConstants.RST_ACTION_ISSUE);
         stsClient.setAction(action);

         //Obtain the security token ourselves
         stsPolicyPath = rampartPolicyPath;
         Token responseToken =
stsClient.requestSecurityToken(rampartPolicy, urlStr,
loadPolicy(stsPolicyPath), urlStr);

         TokenStorage store = TrustUtil.getTokenStore(configContext);
         store.add(responseToken);


 clientOptions.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
responseToken.getId());
         clientOptions.setProperty(SandeshaClientConstants.LAST_MESSAGE,
"true");

         serviceClient.engageModule("sandesha2");
         serviceClient.engageModule("addressing");
         serviceClient.engageModule("mtompolicy");
         serviceClient.engageModule("rampart");
         serviceClient.setOptions(clientOptions);

I also receive this exception but based on blogs it seems it can be ignored: