You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by Dittmann Werner <we...@siemens.com> on 2004/09/23 08:49:58 UTC
AW: AW: Problem with Signatures: Unexpected number of X509Data: f
or S ignature
Guiseppe,
after looking at your answer mail to Jake I've some
more questions/hints for you :-) :
- your Axis client deployment descriptor does not contain
a user name nor a password callback class. The crypto
implementation does not use (since a long time) the
alias name and alias password inside the crypto.properties
anymore because of security reasons. If no username is
specified then the crypto instance (Merlin) cannot locate
a certificate.
- Does your client application sets a username for the
the call? If so then this usesname takes precedence over
a username set in the deployment descriptor.
- Pls refer to the org\apache\ws\axis\security\package.html
documentation and the documentation of the Axis parts
inside WSS4J to get information about the interworking
of username, password callback etc.
Regards,
Werner
> -----Ursprüngliche Nachricht-----
> Von: Giuseppe Milicia [mailto:g_milicia@yahoo.it]
> Gesendet: Donnerstag, 23. September 2004 01:16
> An: fx-dev@ws.apache.org
> Betreff: Re: AW: Problem with Signatures: Unexpected number
> of X509Data: for S ignature
>
>
> Hi,
>
> Thanks for the tip. However it does not seem to be the
> problem here...
>
> Just to make sure I used your default
> crypto.properties:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.
> components.crypto.
> Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
> org.apache.ws.security.crypto.merlin.keystore.password=security
> org.apache.ws.security.crypto.merlin.keystore.alias=16c73ab6-b
> 892-458f-abf5-2f87
> 5f74882e
> org.apache.ws.security.crypto.merlin.alias.password=security
> org.apache.ws.security.crypto.merlin.file=keys/x509.PFX.MSFT
>
> with the corresponding keystore keys\x509.PFX.MSFT
> I got the same result, I suppose it should have worked
> with that keystore?
>
> I'm probably gonna debug the code tomorrow to see
> exactly what is going amiss...
>
> Thanks
>
> -- Giuseppe
>
>
> > Guiseppe,
> >
> > this means that the Signature method is not able to
> > get
> > a certificate from the certificate store. Either
> > there
> > is no certificate at all, or no certificate for the
> > user.
> >
> > Regards,
> > Werner
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von: Giuseppe Milicia [mailto:g_milicia@yahoo.it]
> > > Gesendet: Dienstag, 21. September 2004 21:41
> > > An: fx-dev@ws.apache.org
> > > Betreff: Problem with Signatures: Unexpected
> > number of
> > > X509Data: for Signature
> > >
> > >
> > > Hi guys,
> > >
> > > I'm trying to use the WSS4J handlers to sign
> > messages
> > > from client to web service.
> > >
> > > I think I configured everything all right, however
> > I
> > > get an exception at the client (way before sending
> > the
> > > SOAP request):
> > >
> > > INFO: Using Crypto Engine
> > > [org.apache.ws.security.components.crypto.Merlin]
> > > AxisFault
> > > faultCode:
> > >
> >
> {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
> > > faultSubcode:
> > > faultString: WSDoAllSender: Signature: error
> > during
> > > message procesingorg.apache
> > > .ws.security.WSSecurityException: General security
> > > error (Unexpected number of X
> > > 509Data: for Signature)
> > > faultActor:
> > > faultNode:
> > > faultDetail:
> > >
> > >
> >
> {http://xml.apache.org/axis/}stackTrace:WSDoAllSender:
> > > Signature: error
> > > during message
> > >
> > procesingorg.apache.ws.security.WSSecurityException:
> > > General secu
> > > rity error (Unexpected number of X509Data: for
> > > Signature)
> > > at
> > >
> >
> org.apache.ws.axis.security.WSDoAllSender.performSIGNAction(WSDoAllSe
> > > nder.java:364)
> > > at
> > >
> >
> org.apache.ws.axis.security.WSDoAllSender.invoke(WSDoAllSender.java:2
> > > 81)
> > > at
> > >
> >
> org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrateg
> > > y.java:32)
> > > at
> > >
> >
> org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
> > > at
> > >
> >
> org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
> > > at
> > >
> >
> org.apache.axis.client.AxisClient.invoke(AxisClient.java:128)
> > > at
> > >
> >
> org.apache.axis.client.Call.invokeEngine(Call.java:2735)
> > >
> > >
> > > For completeness my configuration is Axis 1.2
> > beta3,
> > > WSS4J from CVS, Tomcat 5.0.28, java 1.4.0-b92 on
> > > Windows XP
> > >
> > > My handler are configured adding to the service
> > the
> > > request flow:
> > > <requestFlow>
> > > <handler
> > >
> >
> type="java:org.apache.ws.axis.security.WSDoAllReceiver"
> > > >
> > > <parameter name="action"
> > > value="Signature"/>
> > > <parameter name="signaturePropFile"
> > > value="mycrypto.properties" />
> > > </handler>
> > > </requestFlow>
> > >
> > > And similar at the client. I do have the Axis
> > generate
> > > client-config.wsdd in the classpath.
> > >
> > > My keystore is JKS with the appropriate keys,
> > however
> > > I get the same problem with the standard WSS4J
> > > crypto.properties and associated keystore.
> > >
> > > Any ideas or clues would be very much appreciated!
> > >
> > > -- Giuseppe
> > >
> > >
> > >
> > >
> > >
> > >
> > > ___________________________________
> > > Scopri Mister Yahoo! - il fantatorneo sul calcio
> > di Yahoo! Sport
> > > http://it.seriea.fantasysports.yahoo.com/
> > >
> >
>
>
>
> ___________________________________
> Scopri Mister Yahoo! - il fantatorneo sul calcio di Yahoo! Sport
> http://it.seriea.fantasysports.yahoo.com/
>