You are viewing a plain text version of this content. The canonical link for it is here.
Posted to issues@cxf.apache.org by "Charles Moulliard (JIRA)" <ji...@apache.org> on 2016/04/08 12:03:25 UTC
[jira] [Created] (CXF-6864) STS Demo - Invalid Key
Charles Moulliard created CXF-6864:
--------------------------------------
Summary: STS Demo - Invalid Key
Key: CXF-6864
URL: https://issues.apache.org/jira/browse/CXF-6864
Project: CXF
Issue Type: Bug
Affects Versions: 3.0.9
Reporter: Charles Moulliard
The STS Demo packaged within the distribution of CXF 3.0.9 doesn't work
When the client issues the request to get the token from the STS server, the following error is reported
Server
{code}
Apr 08, 2016 11:57:04 AM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started SelectChannelConnector@localhost:8080
Server ready...
Apr 08, 2016 11:57:42 AM org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Inbound Message
----------------------------
ID: 1
Address: http://localhost:8080/SecurityTokenService/UT?wsdl
Http-Method: GET
Content-Type:
Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive], Content-Type=[null], Host=[localhost:8080], Pragma=[no-cache], User-Agent=[Apache CXF 3.0.9]}
--------------------------------------
{code}
Client
{code}
WARNING: Interceptor for {http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
WARNING: Interceptor for {http://apache.org/hello_world_soap_http}SOAPService#{http://apache.org/hello_world_soap_http}greetMe has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
at demo.wssec.client.Client.main(Client.java:77)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
at org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
at org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
at org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
at org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
at org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
at org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
at javax.crypto.Cipher.implInit(Cipher.java:805)
at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
at javax.crypto.Cipher.init(Cipher.java:1396)
at javax.crypto.Cipher.init(Cipher.java:1327)
at org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
... 40 more
{code}
--
This message was sent by Atlassian JIRA
(v6.3.4#6332)