You are viewing a plain text version of this content. The canonical link for it is here.
Posted to fx-dev@ws.apache.org by mp...@s-und-n.de on 2006/05/19 15:24:31 UTC
Cannot sign before encryption
Hi,
I am trying to invoke rampart with Axis2 and it worked so far.
If I try to first sign the message and then encrypt it, the client
behaviour seems to be correct.
But the service is unable to handle the message and sends the following
exception as response:
java.lang.NullPointerException
java.lang.StringBuffer.<init>(StringBuffer.java:104)
org.apache.axiom.om.impl.dom.CharacterImpl.<init>(CharacterImpl.java:43)
org.apache.axiom.om.impl.dom.TextImpl.<init>(TextImpl.java:148)
org.apache.axiom.om.impl.dom.AttrImpl.<init>(AttrImpl.java:82)
org.apache.axiom.om.impl.dom.ElementImpl.getAttributes(ElementImpl.java:1285)
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.handleAttributesSubtree(Unknown
Source)
org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeSubTree(Unknown
Source)
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown
Source)
org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalize(Unknown
Source)
org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalize(Unknown
Source)
org.apache.xml.security.transforms.implementations.TransformC14NExclusive.enginePerformTransform(Unknown
Source)
org.apache.xml.security.transforms.Transform.performTransform(Unknown
Source)
org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
Source)
org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Unknown
Source)
org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
Source)
org.apache.xml.security.signature.Reference.calculateDigest(Unknown
Source)
org.apache.xml.security.signature.Reference.verify(Unknown Source)
org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
Source)
org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:264)
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
org.apache.axis2.engine.Phase.invoke(Phase.java:381)
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
Tomcat logs the following Exception:
java.lang.IllegalStateException: getOutputStream() has already been called
for this response
at
org.apache.catalina.connector.Response.getWriter(Response.java:606)
at
org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:195)
at
org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:124)
at
org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:117)
at
org.apache.jasper.runtime.PageContextImpl.release(PageContextImpl.java:191)
at
org.apache.jasper.runtime.JspFactoryImpl.internalReleasePageContext(JspFactoryImpl.java:115)
at
org.apache.jasper.runtime.JspFactoryImpl.releasePageContext(JspFactoryImpl.java:75)
at
org.apache.jsp.axis2_002dweb.Error.error500_jsp._jspService(org.apache.jsp.axis2_002dweb.Error.error500_jsp:97)
at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:322)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
at
org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
at
org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:465)
at
org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
at
org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
at
org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:363)
at
org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:284)
at
org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:228)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:134)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
at java.lang.Thread.run(Thread.java:595)
My client configuration:
<parameter name="OutflowSecurity">
<action>
<items>Signature Encrypt</items>
<user>mp_client</user>
<encryptionUser>mp_server</encryptionUser>
<passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
<signaturePropFile>reverseTest1ClientSecurity.properties</signaturePropFile>
<encryptionPropFile>reverseTest1ClientSecurity.properties</encryptionPropFile>
</action>
</parameter>
My service configuration:
<parameter name="InflowSecurity">
<action>
<!--
not working:
<items>UsernameToken Timestamp Signature Encrypt
Signature</items>
<items>UsernameToken Timestamp Signature Encrypt</items>
<items>Signature Encrypt</items>
working:
<items>UsernameToken Timestamp Encrypt Signature</items>
-->
<items>Signature Encrypt</items>
<passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
<signaturePropFile>reverseTest1ServerSecurity.properties</signaturePropFile>
<decryptionPropFile>reverseTest1ServerSecurity.properties</decryptionPropFile>
</action>
</parameter>
As I commented in the service config, it is no problem if I first encrypt
it and then sign the message.
I worked with WSS4J 1.1.0 and Axis 1.3 earlier and had no problems with
the order of the configured items.
Regards,
Michael
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Cannot sign before encryption
Posted by Ruchith Fernando <ru...@gmail.com>.
Hi Michael,
This is a bug in the AXIOM-DOM implementation.
This issue is already fixed in the latest AXIOM svn.
Please use the axiom jars from here [1] and replace all axiom-*-1.0 jars.
Thanks,
Ruchith
[1] http://people.apache.org/~ruchithf/axiom/
On 5/19/06, mpollmeier@s-und-n.de <mp...@s-und-n.de> wrote:
> Hi,
>
> I am trying to invoke rampart with Axis2 and it worked so far.
> If I try to first sign the message and then encrypt it, the client
> behaviour seems to be correct.
> But the service is unable to handle the message and sends the following
> exception as response:
>
> java.lang.NullPointerException
> java.lang.StringBuffer.<init>(StringBuffer.java:104)
> org.apache.axiom.om.impl.dom.CharacterImpl.<init>(CharacterImpl.java:43)
> org.apache.axiom.om.impl.dom.TextImpl.<init>(TextImpl.java:148)
> org.apache.axiom.om.impl.dom.AttrImpl.<init>(AttrImpl.java:82)
>
> org.apache.axiom.om.impl.dom.ElementImpl.getAttributes(ElementImpl.java:1285)
>
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.handleAttributesSubtree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeSubTree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalize(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalize(Unknown
> Source)
>
> org.apache.xml.security.transforms.implementations.TransformC14NExclusive.enginePerformTransform(Unknown
> Source)
> org.apache.xml.security.transforms.Transform.performTransform(Unknown
> Source)
> org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
> Source)
>
> org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Unknown
> Source)
>
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
> Source)
> org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> Source)
> org.apache.xml.security.signature.Reference.verify(Unknown Source)
> org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
> Source)
> org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
>
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source)
>
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source)
>
> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:264)
>
> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
>
> org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
>
> org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
>
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>
>
>
> Tomcat logs the following Exception:
> java.lang.IllegalStateException: getOutputStream() has already been called
> for this response
> at
> org.apache.catalina.connector.Response.getWriter(Response.java:606)
> at
> org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:195)
> at
> org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:124)
> at
> org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:117)
> at
> org.apache.jasper.runtime.PageContextImpl.release(PageContextImpl.java:191)
> at
> org.apache.jasper.runtime.JspFactoryImpl.internalReleasePageContext(JspFactoryImpl.java:115)
> at
> org.apache.jasper.runtime.JspFactoryImpl.releasePageContext(JspFactoryImpl.java:75)
> at
> org.apache.jsp.axis2_002dweb.Error.error500_jsp._jspService(org.apache.jsp.axis2_002dweb.Error.error500_jsp:97)
> at
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> at
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:322)
> at
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
> at
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> at
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
> at
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:465)
> at
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
> at
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
> at
> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:363)
> at
> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:284)
> at
> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:228)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:134)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
> at
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:595)
>
>
> My client configuration:
> <parameter name="OutflowSecurity">
> <action>
> <items>Signature Encrypt</items>
> <user>mp_client</user>
> <encryptionUser>mp_server</encryptionUser>
> <passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
> <signaturePropFile>reverseTest1ClientSecurity.properties</signaturePropFile>
> <encryptionPropFile>reverseTest1ClientSecurity.properties</encryptionPropFile>
> </action>
> </parameter>
>
> My service configuration:
> <parameter name="InflowSecurity">
> <action>
> <!--
> not working:
> <items>UsernameToken Timestamp Signature Encrypt
> Signature</items>
> <items>UsernameToken Timestamp Signature Encrypt</items>
> <items>Signature Encrypt</items>
>
> working:
> <items>UsernameToken Timestamp Encrypt Signature</items>
>
> -->
> <items>Signature Encrypt</items>
> <passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
> <signaturePropFile>reverseTest1ServerSecurity.properties</signaturePropFile>
> <decryptionPropFile>reverseTest1ServerSecurity.properties</decryptionPropFile>
> </action>
> </parameter>
>
>
> As I commented in the service config, it is no problem if I first encrypt
> it and then sign the message.
> I worked with WSS4J 1.1.0 and Axis 1.3 earlier and had no problems with
> the order of the configured items.
>
>
> Regards,
> Michael
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org
Re: Cannot sign before encryption
Posted by Ruchith Fernando <ru...@gmail.com>.
Hi Michael,
This is a bug in the AXIOM-DOM implementation.
This issue is already fixed in the latest AXIOM svn.
Please use the axiom jars from here [1] and replace all axiom-*-1.0 jars.
Thanks,
Ruchith
[1] http://people.apache.org/~ruchithf/axiom/
On 5/19/06, mpollmeier@s-und-n.de <mp...@s-und-n.de> wrote:
> Hi,
>
> I am trying to invoke rampart with Axis2 and it worked so far.
> If I try to first sign the message and then encrypt it, the client
> behaviour seems to be correct.
> But the service is unable to handle the message and sends the following
> exception as response:
>
> java.lang.NullPointerException
> java.lang.StringBuffer.<init>(StringBuffer.java:104)
> org.apache.axiom.om.impl.dom.CharacterImpl.<init>(CharacterImpl.java:43)
> org.apache.axiom.om.impl.dom.TextImpl.<init>(TextImpl.java:148)
> org.apache.axiom.om.impl.dom.AttrImpl.<init>(AttrImpl.java:82)
>
> org.apache.axiom.om.impl.dom.ElementImpl.getAttributes(ElementImpl.java:1285)
>
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.handleAttributesSubtree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.canonicalizeSubTree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalizeSubTree(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.CanonicalizerBase.engineCanonicalize(Unknown
> Source)
>
> org.apache.xml.security.c14n.implementations.Canonicalizer20010315Excl.engineCanonicalize(Unknown
> Source)
>
> org.apache.xml.security.transforms.implementations.TransformC14NExclusive.enginePerformTransform(Unknown
> Source)
> org.apache.xml.security.transforms.Transform.performTransform(Unknown
> Source)
> org.apache.xml.security.transforms.Transforms.performTransforms(Unknown
> Source)
>
> org.apache.xml.security.signature.Reference.getContentsAfterTransformation(Unknown
> Source)
>
> org.apache.xml.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown
> Source)
> org.apache.xml.security.signature.Reference.calculateDigest(Unknown
> Source)
> org.apache.xml.security.signature.Reference.verify(Unknown Source)
> org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
> Source)
> org.apache.xml.security.signature.SignedInfo.verify(Unknown Source)
>
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source)
>
> org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
> Source)
>
> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:264)
>
> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)
>
> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191)
>
> org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)
>
> org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)
> org.apache.axis2.engine.Phase.invoke(Phase.java:381)
> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:445)
>
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
> javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
>
>
>
> Tomcat logs the following Exception:
> java.lang.IllegalStateException: getOutputStream() has already been called
> for this response
> at
> org.apache.catalina.connector.Response.getWriter(Response.java:606)
> at
> org.apache.catalina.connector.ResponseFacade.getWriter(ResponseFacade.java:195)
> at
> org.apache.jasper.runtime.JspWriterImpl.initOut(JspWriterImpl.java:124)
> at
> org.apache.jasper.runtime.JspWriterImpl.flushBuffer(JspWriterImpl.java:117)
> at
> org.apache.jasper.runtime.PageContextImpl.release(PageContextImpl.java:191)
> at
> org.apache.jasper.runtime.JspFactoryImpl.internalReleasePageContext(JspFactoryImpl.java:115)
> at
> org.apache.jasper.runtime.JspFactoryImpl.releasePageContext(JspFactoryImpl.java:75)
> at
> org.apache.jsp.axis2_002dweb.Error.error500_jsp._jspService(org.apache.jsp.axis2_002dweb.Error.error500_jsp:97)
> at
> org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> at
> org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:322)
> at
> org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314)
> at
> org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173)
> at
> org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672)
> at
> org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:465)
> at
> org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398)
> at
> org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301)
> at
> org.apache.catalina.core.StandardHostValve.custom(StandardHostValve.java:363)
> at
> org.apache.catalina.core.StandardHostValve.status(StandardHostValve.java:284)
> at
> org.apache.catalina.core.StandardHostValve.throwable(StandardHostValve.java:228)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:134)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148)
> at
> org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:868)
> at
> org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:663)
> at
> org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527)
> at
> org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:80)
> at
> org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:684)
> at java.lang.Thread.run(Thread.java:595)
>
>
> My client configuration:
> <parameter name="OutflowSecurity">
> <action>
> <items>Signature Encrypt</items>
> <user>mp_client</user>
> <encryptionUser>mp_server</encryptionUser>
> <passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
> <signaturePropFile>reverseTest1ClientSecurity.properties</signaturePropFile>
> <encryptionPropFile>reverseTest1ClientSecurity.properties</encryptionPropFile>
> </action>
> </parameter>
>
> My service configuration:
> <parameter name="InflowSecurity">
> <action>
> <!--
> not working:
> <items>UsernameToken Timestamp Signature Encrypt
> Signature</items>
> <items>UsernameToken Timestamp Signature Encrypt</items>
> <items>Signature Encrypt</items>
>
> working:
> <items>UsernameToken Timestamp Encrypt Signature</items>
>
> -->
> <items>Signature Encrypt</items>
> <passwordCallbackClass>reverseTest.PWCallback</passwordCallbackClass>
> <signaturePropFile>reverseTest1ServerSecurity.properties</signaturePropFile>
> <decryptionPropFile>reverseTest1ServerSecurity.properties</decryptionPropFile>
> </action>
> </parameter>
>
>
> As I commented in the service config, it is no problem if I first encrypt
> it and then sign the message.
> I worked with WSS4J 1.1.0 and Axis 1.3 earlier and had no problems with
> the order of the configured items.
>
>
> Regards,
> Michael
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
> For additional commands, e-mail: wss4j-dev-help@ws.apache.org
>
>
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscribe@ws.apache.org
For additional commands, e-mail: wss4j-dev-help@ws.apache.org