You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "Berner, Nicolas" <Be...@secaron.de> on 2009/01/12 14:21:32 UTC
Rampart: Encryption - Alias is null
Hi!
My Client ist trying to decrypt an encrypted message. It doesn´t work because the result of (PasswordCallbackHandler) pc.getIdentifier() is null. You can see this in the stacktrace.
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
at test.flex.client.FlexSimpleStub.getStudent(FlexSimpleStub.java:202)
at test.flex.client.ServiceClient.holeStudent(ServiceClient.java:65)
at test.flex.client.ServiceClient.main(ServiceClient.java:20)
Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid; nested exception is:
java.lang.Exception: alias is null
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:92)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
... 12 more
Caused by: java.lang.Exception: alias is null
at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:137)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
... 17 more
I can´t find anything in the Internet. Does anybody know what the problem is?
Here is the configuration for Rampart: (I´m using Axis1.41 with Rampart 1.4)
---------------------------
For the client:
<parameter name="InflowSecurity">
<action>
<items>Encrypt</items>
<decryptionPropFile>client.properties</decryptionPropFile>
<passwordCallbackClass>test.flex.client.ClientPWCallback</passwordCallbackClass>
</action>
</parameter>
And the service:
<parameter name="OutflowSecurity">
<action>
<items>Encrypt</items>
<encryptionUser>client</encryptionUser>
<encryptionPropFile>crypto.properties</encryptionPropFile>
</action>
</parameter>
------------------------------
Best regards,
Nicolas Berner
Secaron AG
Ludwigstr. 45
85399 Hallbergmoos
Tel. +49 811 9594 - 170
Fax +49 811 9594 - 220
__________________________________
Secaron AG, Hallbergmoos - Amtsgericht München - HRB130366
Aufsichtsratsvorsitzender: Jochen Speek - Vorstand: Michael Spreng (Vorsitzender), Herbert Pröll
RE: Rampart: Encryption - Alias is null
Posted by Martin Gainty <mg...@hotmail.com>.
possibly a WSS4j Configuration issue
first you will need to the consistent use of the same Provider for server and client e.g.
protected WSSConfig()
{
org.apache.xml.security.Init.init();
/*
* The last provider added has precedence, that is if JuiCE can be add
* then WSS4J uses this provider.
*/
addJceProvider("BC",
"org.bouncycastle.jce.provider.BouncyCastleProvider");
//this is usually sufficient to make it the provider du jour
}
also you would need to tell WSS4J Security Encryption to either encrypt.setAlias(NonNullValidAlias)
OR
setUseThisCert(encCert);
e.g.
Utils.trace(this.getClass(), "WSS Encrypting SOAP Envelope");
WSSecEncrypt encrypt = new WSSecEncrypt();
encrypt.setEncCanonicalization(encCanonAlgo);
encrypt.setKeyEncAlgo(encKeyAlgo);
encrypt.setSymmetricEncAlgorithm(encSymAlgo);
if (encCert != null)
{
Utils.trace(this.getClass(), "Encrypting with Configuration provided Certificate");
encrypt.setUseThisCert(encCert);
}
else
{
Utils.trace(this.getClass(), "Encrypting with Keystore provided Certificate");
encrypt.setUserInfo(encryptAlias);
}
if (!signalMessage) {
encrypt.setParts(getEncryptionParts(pMode, event));
} else {
encrypt.setParts(getSignalParts());
}
encrypt.prepare(doc, crypto);
encrypt.prependToHeader(secHeader);
doc = encrypt.build(doc, crypto, secHeader);
Utils.trace(this.getClass(), "WSS Encrypted SOAP Envelope");
http://osdir.com/ml/wss4j-dev-ws.apache.org/2009-02/msg00043.html
Mit Freundlichen Gruben
Martin Gainty
______________________________________________
Verzicht und Vertraulichkeitanmerkung
Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen.
> Date: Thu, 9 Jul 2009 12:49:31 -0700
> From: jchappelle@4redi.com
> To: axis-user@ws.apache.org
> Subject: Re: Rampart: Encryption - Alias is null
>
>
> I am also having this problem. Can someone please respond?
>
> Thanks,
>
> Josh
>
>
> Berner, Nicolas wrote:
> >
> > Hi!
> >
> >
> >
> > My Client ist trying to decrypt an encrypted message. It doesn´t work
> > because the result of (PasswordCallbackHandler) pc.getIdentifier() is
> > null. You can see this in the stacktrace.
> >
> >
> >
> > org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
> >
> > at
> > org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
> >
> > at
> > org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
> >
> > at
> > org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
> >
> > at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
> >
> > at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
> >
> > at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
> >
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
> >
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
> >
> > at
> > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
> >
> > at
> > org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
> >
> > at
> > test.flex.client.FlexSimpleStub.getStudent(FlexSimpleStub.java:202)
> >
> > at test.flex.client.ServiceClient.holeStudent(ServiceClient.java:65)
> >
> > at test.flex.client.ServiceClient.main(ServiceClient.java:20)
> >
> > Caused by: org.apache.ws.security.WSSecurityException: The signature or
> > decryption was invalid; nested exception is:
> >
> > java.lang.Exception: alias is null
> >
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
> >
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:92)
> >
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
> >
> > at
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
> >
> > at
> > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
> >
> > at
> > org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
> >
> > ... 12 more
> >
> > Caused by: java.lang.Exception: alias is null
> >
> > at
> > org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:137)
> >
> > at
> > org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
> >
> > ... 17 more
> >
> >
> >
> >
> >
> > I can´t find anything in the Internet. Does anybody know what the problem
> > is?
> >
> > Here is the configuration for Rampart: (I´m using Axis1.41 with Rampart
> > 1.4)
> >
> > ---------------------------
> >
> > For the client:
> >
> > <parameter name="InflowSecurity">
> >
> > <action>
> >
> > <items>Encrypt</items>
> >
> > <decryptionPropFile>client.properties</decryptionPropFile>
> >
> >
> > <passwordCallbackClass>test.flex.client.ClientPWCallback</passwordCallbackClass>
> >
> > </action>
> >
> > </parameter>
> >
> > And the service:
> >
> > <parameter name="OutflowSecurity">
> >
> > <action>
> >
> > <items>Encrypt</items>
> >
> > <encryptionUser>client</encryptionUser>
> >
> > <encryptionPropFile>crypto.properties</encryptionPropFile>
> >
> > </action>
> >
> > </parameter>
> >
> > ------------------------------
> >
> >
> >
> > Best regards,
> > Nicolas Berner
> >
> >
> > Secaron AG
> > Ludwigstr. 45
> > 85399 Hallbergmoos
> > Tel. +49 811 9594 - 170
> >
> > Fax +49 811 9594 - 220
> > __________________________________
> >
> > Secaron AG, Hallbergmoos - Amtsgericht München - HRB130366
> > Aufsichtsratsvorsitzender: Jochen Speek - Vorstand: Michael Spreng
> > (Vorsitzender), Herbert Pröll
> >
> >
> >
> >
> >
>
> --
> View this message in context: http://www.nabble.com/Rampart%3A-Encryption---Alias-is-null-tp21414315p24416686.html
> Sent from the Axis - User mailing list archive at Nabble.com.
>
_________________________________________________________________
Insert movie times and more without leaving Hotmail®.
http://windowslive.com/Tutorial/Hotmail/QuickAdd?ocid=TXT_TAGLM_WL_HM_Tutorial_QuickAdd_062009
Re: Rampart: Encryption - Alias is null
Posted by Lars Ericsson <la...@yahoo.com>.
Humm,
do you know how WS is working?
it is not very easy if you haven't had all required fiels and xml-s.
a tips can be read more about how the authentication works.
For example you can look at this link http://keithelder.net/blog/archive/2007/01/06/Securing-Web-Services-With-Username-and-Password.aspx
________________________________
From: jchappelle <jc...@4redi.com>
To: axis-user@ws.apache.org
Sent: Thursday, July 9, 2009 9:49:31 PM
Subject: Re: Rampart: Encryption - Alias is null
I am also having this problem. Can someone please respond?
Thanks,
Josh
Berner, Nicolas wrote:
>
> Hi!
>
>
>
> My Client ist trying to decrypt an encrypted message. It doesn´t work
> because the result of (PasswordCallbackHandler) pc.getIdentifier() is
> null. You can see this in the stacktrace.
>
>
>
> org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
>
> at
> org..apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
>
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
>
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
>
> at
> org..apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>
> at
> test.flex.client.FlexSimpleStub.getStudent(FlexSimpleStub.java:202)
>
> at test.flex.client.ServiceClient.holeStudent(ServiceClient.java:65)
>
> at test.flex.client.ServiceClient.main(ServiceClient.java:20)
>
> Caused by: org.apache.ws.security.WSSecurityException: The signature or
> decryption was invalid; nested exception is:
>
> java.lang.Exception: alias is null
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor..java:92)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
>
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
>
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
>
> ... 12 more
>
> Caused by: java.lang.Exception: alias is null
>
> at
> org.apache.ws.security.components.crypto..CryptoBase.getPrivateKey(CryptoBase.java:137)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
>
> ... 17 more
>
>
>
>
>
> I can´t find anything in the Internet. Does anybody know what the problem
> is?
>
> Here is the configuration for Rampart: (I´m using Axis1.41 with Rampart
> 1.4)
>
> ---------------------------
>
> For the client:
>
> <parameter name="InflowSecurity">
>
> <action>
>
> <items>Encrypt</items>
>
> <decryptionPropFile>client.properties</decryptionPropFile>
>
>
> <passwordCallbackClass>test.flex.client.ClientPWCallback</passwordCallbackClass>
>
> </action>
>
> </parameter>
>
> And the service:
>
> <parameter name="OutflowSecurity">
>
> <action>
>
> <items>Encrypt</items>
>
> <encryptionUser>client</encryptionUser>
>
> <encryptionPropFile>crypto.properties</encryptionPropFile>
>
> </action>
>
> </parameter>
>
> ------------------------------
>
>
>
> Best regards,
> Nicolas Berner
>
>
> Secaron AG
> Ludwigstr. 45
> 85399 Hallbergmoos
> Tel. +49 811 9594 - 170
>
> Fax +49 811 9594 - 220
> __________________________________
>
> Secaron AG, Hallbergmoos - Amtsgericht München - HRB130366
> Aufsichtsratsvorsitzender: Jochen Speek - Vorstand: Michael Spreng
> (Vorsitzender), Herbert Pröll
>
>
>
>
>
--
View this message in context: http://www.nabble.com/Rampart%3A-Encryption---Alias-is-null-tp21414315p24416686.html
Sent from the Axis - User mailing list archive at Nabble.com.
Re: Rampart: Encryption - Alias is null
Posted by jchappelle <jc...@4redi.com>.
I am also having this problem. Can someone please respond?
Thanks,
Josh
Berner, Nicolas wrote:
>
> Hi!
>
>
>
> My Client ist trying to decrypt an encrypted message. It doesn´t work
> because the result of (PasswordCallbackHandler) pc.getIdentifier() is
> null. You can see this in the stacktrace.
>
>
>
> org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
>
> at
> org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
>
> at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>
> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
>
> at
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:363)
>
> at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:416)
>
> at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>
> at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>
> at
> test.flex.client.FlexSimpleStub.getStudent(FlexSimpleStub.java:202)
>
> at test.flex.client.ServiceClient.holeStudent(ServiceClient.java:65)
>
> at test.flex.client.ServiceClient.main(ServiceClient.java:20)
>
> Caused by: org.apache.ws.security.WSSecurityException: The signature or
> decryption was invalid; nested exception is:
>
> java.lang.Exception: alias is null
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:92)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
>
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
>
> at
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
>
> at
> org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
>
> ... 12 more
>
> Caused by: java.lang.Exception: alias is null
>
> at
> org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:137)
>
> at
> org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
>
> ... 17 more
>
>
>
>
>
> I can´t find anything in the Internet. Does anybody know what the problem
> is?
>
> Here is the configuration for Rampart: (I´m using Axis1.41 with Rampart
> 1.4)
>
> ---------------------------
>
> For the client:
>
> <parameter name="InflowSecurity">
>
> <action>
>
> <items>Encrypt</items>
>
> <decryptionPropFile>client.properties</decryptionPropFile>
>
>
> <passwordCallbackClass>test.flex.client.ClientPWCallback</passwordCallbackClass>
>
> </action>
>
> </parameter>
>
> And the service:
>
> <parameter name="OutflowSecurity">
>
> <action>
>
> <items>Encrypt</items>
>
> <encryptionUser>client</encryptionUser>
>
> <encryptionPropFile>crypto.properties</encryptionPropFile>
>
> </action>
>
> </parameter>
>
> ------------------------------
>
>
>
> Best regards,
> Nicolas Berner
>
>
> Secaron AG
> Ludwigstr. 45
> 85399 Hallbergmoos
> Tel. +49 811 9594 - 170
>
> Fax +49 811 9594 - 220
> __________________________________
>
> Secaron AG, Hallbergmoos - Amtsgericht München - HRB130366
> Aufsichtsratsvorsitzender: Jochen Speek - Vorstand: Michael Spreng
> (Vorsitzender), Herbert Pröll
>
>
>
>
>
--
View this message in context: http://www.nabble.com/Rampart%3A-Encryption---Alias-is-null-tp21414315p24416686.html
Sent from the Axis - User mailing list archive at Nabble.com.