You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Juan Pablo Pizarro <ju...@gmail.com> on 2010/12/09 21:27:16 UTC
No signature username found.
Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4 and
CXF 2.4 SNAPSHOT.
My config is:
SpringBusFactory bf = new SpringBusFactory();
URL busFile = Client.class.getResource("wssec.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
Map<String,Object> outProps = new HashMap<String,Object>();
outProps.put("action", "Timestamp Signature Encrypt");
outProps.put("user", "DNAWSSCliente");
outProps.put("signaturePropFile", "Client_Sign.properties");
outProps.put("signatureKeyIdentifier", "DirectReference");
outProps.put("passwordCallbackClass",
com.casa.wss.demo.UTPasswordCallback.class.getName());
outProps.put("signatureParts", "{Element}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body
");
outProps.put("encryptionPropFile", "Client_Sign.properties");
outProps.put("encryptionUser", "DNAWSSCliente");
outProps.put("signatureUser", "DNAWSS");
outProps.put("encryptionParts", "{Element}{
http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body
");
outProps.put("encryptionSymAlgorithm", "
http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
outProps.put("encryptionKeyTransportAlgorithm", "
http://www.w3.org/2001/04/xmlenc#rsa-1_5");
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
//request
bus.getInInterceptors().add(wssOut);
bus.getInInterceptors().add(new SAAJOutInterceptor());
Map<String,Object> inProps= new HashMap<String,Object>();
inProps.put("action", "Timestamp Signature Encrypt");
inProps.put("signaturePropFile", "Client_Sign.properties");
inProps.put("passwordCallbackClass",
com.casa.wss.demo.UTPasswordCallback.class.getName());
inProps.put("decryptionPropFile", "Client_Sign.properties");
WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
//response
bus.getInInterceptors().add(wssIn);
bus.getInInterceptors().add(new SAAJInInterceptor());
The signature parts are not the correct, but the error is previus (in other
test I put the correct parts).
My properties file:
org.apache.ws.security.crypto.merlin.keystore.type=JKS
org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
The public and private key is into the same file.
I google and up to now, i didn't found a solution.
And the error:
log4j:WARN No appenders could be found for logger
(org.apache.cxf.bus.spring.BusApplicationContext).
log4j:WARN Please initialize the log4j system properly.
Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
getConfigResources
INFO: Loaded configuration file
file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
Dec 9, 2010 5:55:39 PM
org.apache.cxf.service.factory.ReflectionServiceFactoryBean
buildServiceFromWSDL
INFO: Creating Service {http://tempuri.org/}MenStock from WSDL:
http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
Dec 9, 2010 5:55:41 PM
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
doSignBeforeEncrypt
WARNING: Sign before encryption failed due to : No signature username found.
Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for {
http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock has thrown
exception, unwinding now
org.apache.cxf.interceptor.Fault: No signature username found.
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
at $Proxy43.mensajeStock(Unknown Source)
at com.casa.wss.demo.Client.main(Client.java:177)
Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
found.
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
... 11 more
javax.xml.ws.soap.SOAPFaultException: No signature username found.
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
at $Proxy43.mensajeStock(Unknown Source)
at com.casa.wss.demo.Client.main(Client.java:177)
Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
found.
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
at
org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
at
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
... 2 more
Re: No signature username found.
Posted by Juan Pablo Pizarro <ju...@gmail.com>.
I used the alias name and create the skeleton with a beta snapshot in that
moment.
Regards,
JP
2011/7/25 Vivek Alampally <vi...@gmail.com>
> Hi Devajyoti, Am I the intended recipient of the message?
>
> On Mon, Jul 25, 2011 at 2:10 PM, Dev <de...@gmail.com> wrote:
>
> > So what was the final resolution to this issue? How did you manage to get
> > things
> > going.
> >
> >
>
Re: No signature username found.
Posted by Vivek Alampally <vi...@gmail.com>.
Hi Devajyoti, Am I the intended recipient of the message?
On Mon, Jul 25, 2011 at 2:10 PM, Dev <de...@gmail.com> wrote:
> So what was the final resolution to this issue? How did you manage to get
> things
> going.
>
>
Re: No signature username found.
Posted by Dev <de...@gmail.com>.
So what was the final resolution to this issue? How did you manage to get things
going.
Re: No signature username found.
Posted by Juan Pablo Pizarro <ju...@gmail.com>.
I send you the result. I tried to use the alias
"le-60dca1be-5393-48b3-bbc3-0dfb1ab40d25" before, but nothing (same
exception).
I change to:
outProps.put("user", "le-60dca1be-5393-48b3-bbc3-0dfb1ab40d25");
outProps.put("signatureUser",
"le-60dca1be-5393-48b3-bbc3-0dfb1ab40d25");
Thanks.
The command result.
jpp@server-lnx:~/JAVA/workspace/pruebaDNA8/src$ keytool -list -keystore
DNAWSSCliente.pfx -storetype pkcs12 -v
Enter keystore password:
Keystore type: PKCS12
Keystore provider: SunJSSE
Your keystore contains 1 entry
Alias name: le-60dca1be-5393-48b3-bbc3-0dfb1ab40d25
Creation date: Dec 13, 2010
Entry type: PrivateKeyEntry
Certificate chain length: 2
Certificate[1]:
Owner: CN=DNAWSSCliente, OU=Aborrar, DC=aduanas, DC=gub, DC=uy
Issuer: CN=Certificador, DC=aduanas, DC=gub, DC=uy
Serial number: 268661e500040000004e
Valid from: Fri Oct 22 15:44:04 ART 2010 until: Sat Oct 22 15:44:04 ART 2011
Certificate fingerprints:
MD5: 17:AC:06:FF:0A:4A:7E:00:A6:13:4F:BD:AC:CE:1D:51
SHA1: 33:6C:62:1A:E2:BF:46:F7:11:F1:6E:D5:39:6E:C7:66:6E:0D:D5:B7
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_Encipherment
]
#2: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: 41 FF EB F8 9F 28 27 D1 47 D8 28 AD 7D BD 11 5A A....('.G.(....Z
0010: 91 0D C9 9E ....
]
]
#3: ObjectId: 1.2.840.113549.1.9.15 Criticality=false
#4: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false
#5: ObjectId: 1.3.6.1.5.5.7.1.1 Criticality=false
AuthorityInfoAccess [
[
accessMethod: caIssuers
accessLocation: URIName:
ldap:///CN=Certificador,CN=AIA,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=aduanas,DC=gub,DC=uy?cACertificate?base?objectClass=certificationAuthority,
accessMethod: caIssuers
accessLocation: URIName:
http://monte016.aduanas.gub.uy/CertEnroll/Monte016.aduanas.gub.uy_Certificador(4).crt
]
]
#6: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName:
ldap:///CN=Certificador(4),CN=Monte016,CN=CDP,CN=Public%20Key%20Services,CN=Services,CN=Configuration,DC=aduanas,DC=gub,DC=uy?certificateRevocationList?base?objectClass=cRLDistributionPoint,
URIName: http://monte016.aduanas.gub.uy/CertEnroll/Certificador(4).crl]
]]
#7: ObjectId: 2.5.29.37 Criticality=false
ExtendedKeyUsages [
1.3.6.1.4.1.311.10.3.4
emailProtection
clientAuth
]
#8: ObjectId: 2.5.29.35 Criticality=false
AuthorityKeyIdentifier [
KeyIdentifier [
0000: D8 C4 FF AE F7 0C 61 89 70 6C 09 F3 33 63 F6 EA ......a.pl..3c..
0010: 36 D7 99 A9 6...
]
]
#9: ObjectId: 2.5.29.17 Criticality=false
SubjectAlternativeName [
Other-Name: Unrecognized ObjectIdentifier: 1.3.6.1.4.1.311.20.2.3
]
Certificate[2]:
Owner: CN=Certificador, DC=aduanas, DC=gub, DC=uy
Issuer: CN=Certificador, DC=aduanas, DC=gub, DC=uy
Serial number: 60d1458d0d7b590405962aeab092e11
Valid from: Mon Apr 12 16:32:27 ART 2010 until: Sun Apr 12 16:41:11 ART 2015
Certificate fingerprints:
MD5: A1:BC:FC:07:17:0A:AF:C6:0B:06:B7:8F:17:C1:40:BE
SHA1: C3:72:5F:CA:A8:49:22:FE:49:85:01:4A:A7:CB:15:48:ED:6E:63:7C
Signature algorithm name: SHA1withRSA
Version: 3
Extensions:
#1: ObjectId: 2.5.29.19 Criticality=true
BasicConstraints:[
CA:true
PathLen:2147483647
]
#2: ObjectId: 1.3.6.1.4.1.311.21.2 Criticality=false
#3: ObjectId: 2.5.29.15 Criticality=false
KeyUsage [
DigitalSignature
Key_CertSign
Crl_Sign
]
#4: ObjectId: 2.5.29.14 Criticality=false
SubjectKeyIdentifier [
KeyIdentifier [
0000: D8 C4 FF AE F7 0C 61 89 70 6C 08 F3 33 63 F6 EA ......a.pl..3c..
0010: 36 D7 99 A9 6...
]
]
#5: ObjectId: 1.3.6.1.4.1.311.21.1 Criticality=false
#6: ObjectId: 1.3.6.1.4.1.311.20.2 Criticality=false
#7: ObjectId: 2.5.29.31 Criticality=false
CRLDistributionPoints [
[DistributionPoint:
[URIName:
http://certificador.aduanas.gub.uy/CertEnroll/Certificador(3).crl]
]]
*******************************************
*******************************************
jpp@server-lnx:~/JAVA/workspace/pruebaDNA8/src$
2010/12/13 Colm O hEigeartaigh <co...@apache.org>
> It might be a problem with the pkcs12 keystore, in that the user name
> you're supplying does not correspond with the keystore alias. Some pfx
> files do not have the alias set properly, and hence the alias shows up
> in keytool as "1" or "2".
>
> Can you post the output from the following command?
>
> keytool -list -keystore DNAWSSCliente.pfx -storetype pkcs12 -v
>
> There is more information on this archived thread:
>
> http://www.opensubscriber.com/message/wss4j-dev@ws.apache.org/9523959.html
>
> Colm.
>
> On Fri, Dec 10, 2010 at 9:17 PM, Juan Pablo Pizarro
> <ju...@gmail.com> wrote:
> > Hello All, I've tried adapting the sample (client) and it doesn't work
> for
> > me. I use to test soapUI and the windows keystore (pfx) and it works.
> >
> > The exception is:
> >
> > Caused by: org.apache.ws.security.WSSecurityException: Error during
> > Signature: ; nested exception is:
> > org.apache.ws.security.WSSecurityException: General security error (No
> > certificates for user dnawsscliente were found for signature)
> > at
> >
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:67)
> > at
> >
> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:205)
> > at
> >
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:50)
> > at
> >
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:257)
> > at
> >
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134)
> > at
> >
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> > at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> > at
> > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> > ... 2 more
> > Caused by: org.apache.ws.security.WSSecurityException: General security
> > error (No certificates for user dnawsscliente were found for signature)
> > at
> >
> org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:316)
> > at
> >
> org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:760)
> > at
> >
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:64)
> > ... 12 more
> >
> >
> > My new code:
> >
> > SpringBusFactory bf = new SpringBusFactory();
> > URL busFile = Client.class.getResource("wssec.xml");
> > Bus bus = bf.createBus(busFile.toString());
> > SpringBusFactory.setDefaultBus(bus);
> >
> > Map<String, Object> outProps = new HashMap<String, Object>();
> > outProps.put("action", "Timestamp Signature");
> >
> > outProps.put("passwordType", "PasswordDigest");
> > outProps.put("user", "dnawsscliente");
> > outProps.put("signatureUser", "dnawsscliente");
> > outProps.put("passwordCallbackClass",
> > com.casa.wss.demo.UTPasswordCallback.class.getName());
> >
> > outProps.put("signaturePropFile", "Client_Sign.properties");
> > outProps.put("signatureKeyIdentifier", "DirectReference");
> > String signatureParts = "{}{
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp>
> ;"
> > +
> > "{}{http://www.w3.org/2005/08/addressing}Action<http://www.w3.org/2005/08/addressing%7DAction>;"
> +
> > "{}{http://www.w3.org/2005/08/addressing}ReplyTo<http://www.w3.org/2005/08/addressing%7DReplyTo>;"
> +
> > "{}{http://www.w3.org/2005/08/addressing}MessageID<http://www.w3.org/2005/08/addressing%7DMessageID>;"
> +
> > "{}{http://www.w3.org/2005/08/addressing}To<http://www.w3.org/2005/08/addressing%7DTo>
> ";
> > outProps.put("signatureParts", signatureParts);
> >
> > bus.getOutInterceptors().add(new
> WSS4JOutInterceptor(outProps));
> >
> > final QName SERVICE_NAME = new QName("http://tempuri.org/",
> > "MenStock");
> > MenStock ss = new MenStock(MenStock.WSDL_LOCATION,
> > SERVICE_NAME);
> > IStock port = ss.getCustomBindingIStock();
> >
> > System.out.println("Invoking mensajeStock...");
> > org.datacontract.schemas._2004._07.wcf_stock.Stock stock = new
> > org.datacontract.schemas._2004._07.wcf_stock.Stock();
> >
> >
> >
> javax.xml.bind.JAXBElement<org.datacontract.schemas._2004._07.wcf_stock.ArrayOfStockEntrada>
> > stockEntradas = null;
> > stockEntradas = createArrayOfStockEntrada();
> > stock.setEntradas(stockEntradas);
> > Object response = port.mensajeStock(stock);
> > System.out.println("response: " + response + "\n");
> >
> > My properties:
> >
> >
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> > org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.pfx
> > org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
> > org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
> > org.apache.ws.security.crypto.merlin.keystore.alias=DNAWSSCliente
> > #org.apache.ws.security.crypto.merlin.alias.password=XXXX
> >
> >
> > I'm not understand what I'm doing wrong in my code, could you use a PFX
> with
> > CXF and singning (not encrypting)?. Why it works with soapUI and not with
> > CXF?
> >
> > The service was constructed with C#.
> >
> > Thanks.
> >
> > JP
> >
> >
> >
> > 2010/12/9 Juan Pablo Pizarro <ju...@gmail.com>
> >
> >> Hello Freeman,
> >>
> >> Thanks for your advice, I'll check it out. I've the merlin line into the
> >> properties file and I play with the alias name (I show the aliases in my
> >> keystore and play with the alias names).
> >>
> >> I'll check the example.
> >>
> >> Thanks!
> >>
> >>
> >> 2010/12/9 Freeman Fang <fr...@gmail.com>
> >>
> >> Hi,
> >>>
> >>> We actually have a ws_security/sign_enc example shipped with kit which
> >>> should exactly match your scenario, you may need check that example to
> see
> >>> the difference with your code and figure out why your code doesn't
> work.
> >>> And my other comment inline.
> >>>
> >>> On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
> >>>
> >>> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
> >>>> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4
> >>>> and
> >>>> CXF 2.4 SNAPSHOT.
> >>>>
> >>>> My config is:
> >>>>
> >>>> SpringBusFactory bf = new SpringBusFactory();
> >>>> URL busFile = Client.class.getResource("wssec.xml");
> >>>> Bus bus = bf.createBus(busFile.toString());
> >>>> SpringBusFactory.setDefaultBus(bus);
> >>>>
> >>>> Map<String,Object> outProps = new HashMap<String,Object>();
> >>>> outProps.put("action", "Timestamp Signature Encrypt");
> >>>> outProps.put("user", "DNAWSSCliente");
> >>>> outProps.put("signaturePropFile", "Client_Sign.properties");
> >>>> outProps.put("signatureKeyIdentifier", "DirectReference");
> >>>> outProps.put("passwordCallbackClass",
> >>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
> >>>> outProps.put("signatureParts", "{Element}{
> >>>>
> >>>>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp;%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
> <
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody
> >
> >>>> ");
> >>>> outProps.put("encryptionPropFile",
> "Client_Sign.properties");
> >>>> outProps.put("encryptionUser", "DNAWSSCliente");
> >>>> outProps.put("signatureUser", "DNAWSS");
> >>>> outProps.put("encryptionParts", "{Element}{
> >>>>
> >>>>
> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature;%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
> <
> http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody
> >
> >>>> ");
> >>>> outProps.put("encryptionSymAlgorithm", "
> >>>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
> >>>> outProps.put("encryptionKeyTransportAlgorithm", "
> >>>> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
> >>>> WSS4JOutInterceptor wssOut = new
> WSS4JOutInterceptor(outProps);
> >>>> //request
> >>>> bus.getInInterceptors().add(wssOut);
> >>>> bus.getInInterceptors().add(new SAAJOutInterceptor());
> >>>>
> >>>> Map<String,Object> inProps= new HashMap<String,Object>();
> >>>> inProps.put("action", "Timestamp Signature Encrypt");
> >>>> inProps.put("signaturePropFile", "Client_Sign.properties");
> >>>> inProps.put("passwordCallbackClass",
> >>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
> >>>> inProps.put("decryptionPropFile", "Client_Sign.properties");
> >>>> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
> >>>> //response
> >>>> bus.getInInterceptors().add(wssIn);
> >>>> bus.getInInterceptors().add(new SAAJInInterceptor());
> >>>>
> >>>> The signature parts are not the correct, but the error is previus (in
> >>>> other
> >>>> test I put the correct parts).
> >>>>
> >>>> My properties file:
> >>>>
> >>> I think here you miss
> >>>
> >>>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> >>>
> >>>
> >>>
> >>>> org.apache.ws.security.crypto.merlin.keystore.type=JKS
> >>>> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
> >>>> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
> >>>>
> >>>
> >>> and how about change to
> >>> org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
> >>>
> >>> Freeman
> >>>
> >>>
> >>> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
> >>>>
> >>>> The public and private key is into the same file.
> >>>>
> >>>> I google and up to now, i didn't found a solution.
> >>>>
> >>>> And the error:
> >>>>
> >>>> log4j:WARN No appenders could be found for logger
> >>>> (org.apache.cxf.bus.spring.BusApplicationContext).
> >>>> log4j:WARN Please initialize the log4j system properly.
> >>>> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
> >>>> getConfigResources
> >>>> INFO: Loaded configuration file
> >>>>
> >>>>
> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
> >>>> Dec 9, 2010 5:55:39 PM
> >>>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
> >>>> buildServiceFromWSDL
> >>>> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>
> <http://tempuri.org/%7DMenStock>from WSDL:
> >>>> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
> >>>> Dec 9, 2010 5:55:41 PM
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
> >>>> doSignBeforeEncrypt
> >>>> WARNING: Sign before encryption failed due to : No signature username
> >>>> found.
> >>>> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
> >>>> doDefaultLogging
> >>>> WARNING: Interceptor for {
> >>>> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>
> <http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has
> thrown
> >>>> exception, unwinding now
> >>>> org.apache.cxf.interceptor.Fault: No signature username found.
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> >>>> at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> >>>> at
> >>>>
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> >>>> at $Proxy43.mensajeStock(Unknown Source)
> >>>> at com.casa.wss.demo.Client.main(Client.java:177)
> >>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
> >>>> username
> >>>> found.
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> >>>> ... 11 more
> >>>> javax.xml.ws.soap.SOAPFaultException: No signature username found.
> >>>> at
> >>>>
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
> >>>> at $Proxy43.mensajeStock(Unknown Source)
> >>>> at com.casa.wss.demo.Client.main(Client.java:177)
> >>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
> >>>> username
> >>>> found.
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> >>>> at
> >>>>
> >>>>
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> >>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> >>>> at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> >>>> at
> >>>>
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> >>>> ... 2 more
> >>>>
> >>>
> >>>
> >>> --
> >>> Freeman Fang
> >>>
> >>> ------------------------
> >>>
> >>> FuseSource: http://fusesource.com
> >>> blog: http://freemanfang.blogspot.com
> >>> twitter: http://twitter.com/freemanfang
> >>> Apache Servicemix:http://servicemix.apache.org
> >>> Apache Cxf: http://cxf.apache.org
> >>> Apache Karaf: http://karaf.apache.org
> >>> Apache Felix: http://felix.apache.org
> >>>
> >>>
> >>
> >
>
Re: No signature username found.
Posted by Colm O hEigeartaigh <co...@apache.org>.
It might be a problem with the pkcs12 keystore, in that the user name
you're supplying does not correspond with the keystore alias. Some pfx
files do not have the alias set properly, and hence the alias shows up
in keytool as "1" or "2".
Can you post the output from the following command?
keytool -list -keystore DNAWSSCliente.pfx -storetype pkcs12 -v
There is more information on this archived thread:
http://www.opensubscriber.com/message/wss4j-dev@ws.apache.org/9523959.html
Colm.
On Fri, Dec 10, 2010 at 9:17 PM, Juan Pablo Pizarro
<ju...@gmail.com> wrote:
> Hello All, I've tried adapting the sample (client) and it doesn't work for
> me. I use to test soapUI and the windows keystore (pfx) and it works.
>
> The exception is:
>
> Caused by: org.apache.ws.security.WSSecurityException: Error during
> Signature: ; nested exception is:
> org.apache.ws.security.WSSecurityException: General security error (No
> certificates for user dnawsscliente were found for signature)
> at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:67)
> at
> org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:205)
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:50)
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:257)
> at
> org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> ... 2 more
> Caused by: org.apache.ws.security.WSSecurityException: General security
> error (No certificates for user dnawsscliente were found for signature)
> at
> org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:316)
> at
> org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:760)
> at
> org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:64)
> ... 12 more
>
>
> My new code:
>
> SpringBusFactory bf = new SpringBusFactory();
> URL busFile = Client.class.getResource("wssec.xml");
> Bus bus = bf.createBus(busFile.toString());
> SpringBusFactory.setDefaultBus(bus);
>
> Map<String, Object> outProps = new HashMap<String, Object>();
> outProps.put("action", "Timestamp Signature");
>
> outProps.put("passwordType", "PasswordDigest");
> outProps.put("user", "dnawsscliente");
> outProps.put("signatureUser", "dnawsscliente");
> outProps.put("passwordCallbackClass",
> com.casa.wss.demo.UTPasswordCallback.class.getName());
>
> outProps.put("signaturePropFile", "Client_Sign.properties");
> outProps.put("signatureKeyIdentifier", "DirectReference");
> String signatureParts = "{}{
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
> +
> "{}{http://www.w3.org/2005/08/addressing}Action;" +
> "{}{http://www.w3.org/2005/08/addressing}ReplyTo;" +
> "{}{http://www.w3.org/2005/08/addressing}MessageID;" +
> "{}{http://www.w3.org/2005/08/addressing}To";
> outProps.put("signatureParts", signatureParts);
>
> bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
>
> final QName SERVICE_NAME = new QName("http://tempuri.org/",
> "MenStock");
> MenStock ss = new MenStock(MenStock.WSDL_LOCATION,
> SERVICE_NAME);
> IStock port = ss.getCustomBindingIStock();
>
> System.out.println("Invoking mensajeStock...");
> org.datacontract.schemas._2004._07.wcf_stock.Stock stock = new
> org.datacontract.schemas._2004._07.wcf_stock.Stock();
>
>
> javax.xml.bind.JAXBElement<org.datacontract.schemas._2004._07.wcf_stock.ArrayOfStockEntrada>
> stockEntradas = null;
> stockEntradas = createArrayOfStockEntrada();
> stock.setEntradas(stockEntradas);
> Object response = port.mensajeStock(stock);
> System.out.println("response: " + response + "\n");
>
> My properties:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.pfx
> org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
> org.apache.ws.security.crypto.merlin.keystore.alias=DNAWSSCliente
> #org.apache.ws.security.crypto.merlin.alias.password=XXXX
>
>
> I'm not understand what I'm doing wrong in my code, could you use a PFX with
> CXF and singning (not encrypting)?. Why it works with soapUI and not with
> CXF?
>
> The service was constructed with C#.
>
> Thanks.
>
> JP
>
>
>
> 2010/12/9 Juan Pablo Pizarro <ju...@gmail.com>
>
>> Hello Freeman,
>>
>> Thanks for your advice, I'll check it out. I've the merlin line into the
>> properties file and I play with the alias name (I show the aliases in my
>> keystore and play with the alias names).
>>
>> I'll check the example.
>>
>> Thanks!
>>
>>
>> 2010/12/9 Freeman Fang <fr...@gmail.com>
>>
>> Hi,
>>>
>>> We actually have a ws_security/sign_enc example shipped with kit which
>>> should exactly match your scenario, you may need check that example to see
>>> the difference with your code and figure out why your code doesn't work.
>>> And my other comment inline.
>>>
>>> On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
>>>
>>> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
>>>> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4
>>>> and
>>>> CXF 2.4 SNAPSHOT.
>>>>
>>>> My config is:
>>>>
>>>> SpringBusFactory bf = new SpringBusFactory();
>>>> URL busFile = Client.class.getResource("wssec.xml");
>>>> Bus bus = bf.createBus(busFile.toString());
>>>> SpringBusFactory.setDefaultBus(bus);
>>>>
>>>> Map<String,Object> outProps = new HashMap<String,Object>();
>>>> outProps.put("action", "Timestamp Signature Encrypt");
>>>> outProps.put("user", "DNAWSSCliente");
>>>> outProps.put("signaturePropFile", "Client_Sign.properties");
>>>> outProps.put("signatureKeyIdentifier", "DirectReference");
>>>> outProps.put("passwordCallbackClass",
>>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>>> outProps.put("signatureParts", "{Element}{
>>>>
>>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>>>> ");
>>>> outProps.put("encryptionPropFile", "Client_Sign.properties");
>>>> outProps.put("encryptionUser", "DNAWSSCliente");
>>>> outProps.put("signatureUser", "DNAWSS");
>>>> outProps.put("encryptionParts", "{Element}{
>>>>
>>>> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>>>> ");
>>>> outProps.put("encryptionSymAlgorithm", "
>>>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
>>>> outProps.put("encryptionKeyTransportAlgorithm", "
>>>> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
>>>> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
>>>> //request
>>>> bus.getInInterceptors().add(wssOut);
>>>> bus.getInInterceptors().add(new SAAJOutInterceptor());
>>>>
>>>> Map<String,Object> inProps= new HashMap<String,Object>();
>>>> inProps.put("action", "Timestamp Signature Encrypt");
>>>> inProps.put("signaturePropFile", "Client_Sign.properties");
>>>> inProps.put("passwordCallbackClass",
>>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>>> inProps.put("decryptionPropFile", "Client_Sign.properties");
>>>> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
>>>> //response
>>>> bus.getInInterceptors().add(wssIn);
>>>> bus.getInInterceptors().add(new SAAJInInterceptor());
>>>>
>>>> The signature parts are not the correct, but the error is previus (in
>>>> other
>>>> test I put the correct parts).
>>>>
>>>> My properties file:
>>>>
>>> I think here you miss
>>>
>>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>>>
>>>
>>>
>>>> org.apache.ws.security.crypto.merlin.keystore.type=JKS
>>>> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
>>>> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
>>>>
>>>
>>> and how about change to
>>> org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
>>>
>>> Freeman
>>>
>>>
>>> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>>>>
>>>> The public and private key is into the same file.
>>>>
>>>> I google and up to now, i didn't found a solution.
>>>>
>>>> And the error:
>>>>
>>>> log4j:WARN No appenders could be found for logger
>>>> (org.apache.cxf.bus.spring.BusApplicationContext).
>>>> log4j:WARN Please initialize the log4j system properly.
>>>> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
>>>> getConfigResources
>>>> INFO: Loaded configuration file
>>>>
>>>> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
>>>> Dec 9, 2010 5:55:39 PM
>>>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
>>>> buildServiceFromWSDL
>>>> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from WSDL:
>>>> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
>>>> Dec 9, 2010 5:55:41 PM
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
>>>> doSignBeforeEncrypt
>>>> WARNING: Sign before encryption failed due to : No signature username
>>>> found.
>>>> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
>>>> doDefaultLogging
>>>> WARNING: Interceptor for {
>>>> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has thrown
>>>> exception, unwinding now
>>>> org.apache.cxf.interceptor.Fault: No signature username found.
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>>> at
>>>>
>>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>>> at
>>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>>> at $Proxy43.mensajeStock(Unknown Source)
>>>> at com.casa.wss.demo.Client.main(Client.java:177)
>>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
>>>> username
>>>> found.
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>>> ... 11 more
>>>> javax.xml.ws.soap.SOAPFaultException: No signature username found.
>>>> at
>>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
>>>> at $Proxy43.mensajeStock(Unknown Source)
>>>> at com.casa.wss.demo.Client.main(Client.java:177)
>>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
>>>> username
>>>> found.
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>>> at
>>>>
>>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>>> at
>>>>
>>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>>> at
>>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>>> ... 2 more
>>>>
>>>
>>>
>>> --
>>> Freeman Fang
>>>
>>> ------------------------
>>>
>>> FuseSource: http://fusesource.com
>>> blog: http://freemanfang.blogspot.com
>>> twitter: http://twitter.com/freemanfang
>>> Apache Servicemix:http://servicemix.apache.org
>>> Apache Cxf: http://cxf.apache.org
>>> Apache Karaf: http://karaf.apache.org
>>> Apache Felix: http://felix.apache.org
>>>
>>>
>>
>
Re: No signature username found.
Posted by Juan Pablo Pizarro <ju...@gmail.com>.
Hello All, I've tried adapting the sample (client) and it doesn't work for
me. I use to test soapUI and the windows keystore (pfx) and it works.
The exception is:
Caused by: org.apache.ws.security.WSSecurityException: Error during
Signature: ; nested exception is:
org.apache.ws.security.WSSecurityException: General security error (No
certificates for user dnawsscliente were found for signature)
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:67)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:205)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:50)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:257)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:134)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
... 2 more
Caused by: org.apache.ws.security.WSSecurityException: General security
error (No certificates for user dnawsscliente were found for signature)
at
org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:316)
at
org.apache.ws.security.message.WSSecSignature.build(WSSecSignature.java:760)
at
org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:64)
... 12 more
My new code:
SpringBusFactory bf = new SpringBusFactory();
URL busFile = Client.class.getResource("wssec.xml");
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
Map<String, Object> outProps = new HashMap<String, Object>();
outProps.put("action", "Timestamp Signature");
outProps.put("passwordType", "PasswordDigest");
outProps.put("user", "dnawsscliente");
outProps.put("signatureUser", "dnawsscliente");
outProps.put("passwordCallbackClass",
com.casa.wss.demo.UTPasswordCallback.class.getName());
outProps.put("signaturePropFile", "Client_Sign.properties");
outProps.put("signatureKeyIdentifier", "DirectReference");
String signatureParts = "{}{
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;"
+
"{}{http://www.w3.org/2005/08/addressing}Action;" +
"{}{http://www.w3.org/2005/08/addressing}ReplyTo;" +
"{}{http://www.w3.org/2005/08/addressing}MessageID;" +
"{}{http://www.w3.org/2005/08/addressing}To";
outProps.put("signatureParts", signatureParts);
bus.getOutInterceptors().add(new WSS4JOutInterceptor(outProps));
final QName SERVICE_NAME = new QName("http://tempuri.org/",
"MenStock");
MenStock ss = new MenStock(MenStock.WSDL_LOCATION,
SERVICE_NAME);
IStock port = ss.getCustomBindingIStock();
System.out.println("Invoking mensajeStock...");
org.datacontract.schemas._2004._07.wcf_stock.Stock stock = new
org.datacontract.schemas._2004._07.wcf_stock.Stock();
javax.xml.bind.JAXBElement<org.datacontract.schemas._2004._07.wcf_stock.ArrayOfStockEntrada>
stockEntradas = null;
stockEntradas = createArrayOfStockEntrada();
stock.setEntradas(stockEntradas);
Object response = port.mensajeStock(stock);
System.out.println("response: " + response + "\n");
My properties:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.pfx
org.apache.ws.security.crypto.merlin.keystore.type=PKCS12
org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
org.apache.ws.security.crypto.merlin.keystore.alias=DNAWSSCliente
#org.apache.ws.security.crypto.merlin.alias.password=XXXX
I'm not understand what I'm doing wrong in my code, could you use a PFX with
CXF and singning (not encrypting)?. Why it works with soapUI and not with
CXF?
The service was constructed with C#.
Thanks.
JP
2010/12/9 Juan Pablo Pizarro <ju...@gmail.com>
> Hello Freeman,
>
> Thanks for your advice, I'll check it out. I've the merlin line into the
> properties file and I play with the alias name (I show the aliases in my
> keystore and play with the alias names).
>
> I'll check the example.
>
> Thanks!
>
>
> 2010/12/9 Freeman Fang <fr...@gmail.com>
>
> Hi,
>>
>> We actually have a ws_security/sign_enc example shipped with kit which
>> should exactly match your scenario, you may need check that example to see
>> the difference with your code and figure out why your code doesn't work.
>> And my other comment inline.
>>
>> On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
>>
>> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
>>> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4
>>> and
>>> CXF 2.4 SNAPSHOT.
>>>
>>> My config is:
>>>
>>> SpringBusFactory bf = new SpringBusFactory();
>>> URL busFile = Client.class.getResource("wssec.xml");
>>> Bus bus = bf.createBus(busFile.toString());
>>> SpringBusFactory.setDefaultBus(bus);
>>>
>>> Map<String,Object> outProps = new HashMap<String,Object>();
>>> outProps.put("action", "Timestamp Signature Encrypt");
>>> outProps.put("user", "DNAWSSCliente");
>>> outProps.put("signaturePropFile", "Client_Sign.properties");
>>> outProps.put("signatureKeyIdentifier", "DirectReference");
>>> outProps.put("passwordCallbackClass",
>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>> outProps.put("signatureParts", "{Element}{
>>>
>>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>>> ");
>>> outProps.put("encryptionPropFile", "Client_Sign.properties");
>>> outProps.put("encryptionUser", "DNAWSSCliente");
>>> outProps.put("signatureUser", "DNAWSS");
>>> outProps.put("encryptionParts", "{Element}{
>>>
>>> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>>> ");
>>> outProps.put("encryptionSymAlgorithm", "
>>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
>>> outProps.put("encryptionKeyTransportAlgorithm", "
>>> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
>>> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
>>> //request
>>> bus.getInInterceptors().add(wssOut);
>>> bus.getInInterceptors().add(new SAAJOutInterceptor());
>>>
>>> Map<String,Object> inProps= new HashMap<String,Object>();
>>> inProps.put("action", "Timestamp Signature Encrypt");
>>> inProps.put("signaturePropFile", "Client_Sign.properties");
>>> inProps.put("passwordCallbackClass",
>>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>>> inProps.put("decryptionPropFile", "Client_Sign.properties");
>>> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
>>> //response
>>> bus.getInInterceptors().add(wssIn);
>>> bus.getInInterceptors().add(new SAAJInInterceptor());
>>>
>>> The signature parts are not the correct, but the error is previus (in
>>> other
>>> test I put the correct parts).
>>>
>>> My properties file:
>>>
>> I think here you miss
>>
>> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>>
>>
>>
>>> org.apache.ws.security.crypto.merlin.keystore.type=JKS
>>> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
>>> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
>>>
>>
>> and how about change to
>> org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
>>
>> Freeman
>>
>>
>> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>>>
>>> The public and private key is into the same file.
>>>
>>> I google and up to now, i didn't found a solution.
>>>
>>> And the error:
>>>
>>> log4j:WARN No appenders could be found for logger
>>> (org.apache.cxf.bus.spring.BusApplicationContext).
>>> log4j:WARN Please initialize the log4j system properly.
>>> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
>>> getConfigResources
>>> INFO: Loaded configuration file
>>>
>>> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
>>> Dec 9, 2010 5:55:39 PM
>>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
>>> buildServiceFromWSDL
>>> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from WSDL:
>>> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
>>> Dec 9, 2010 5:55:41 PM
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
>>> doSignBeforeEncrypt
>>> WARNING: Sign before encryption failed due to : No signature username
>>> found.
>>> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
>>> doDefaultLogging
>>> WARNING: Interceptor for {
>>> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has thrown
>>> exception, unwinding now
>>> org.apache.cxf.interceptor.Fault: No signature username found.
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>> at
>>>
>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>> at $Proxy43.mensajeStock(Unknown Source)
>>> at com.casa.wss.demo.Client.main(Client.java:177)
>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
>>> username
>>> found.
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>> ... 11 more
>>> javax.xml.ws.soap.SOAPFaultException: No signature username found.
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
>>> at $Proxy43.mensajeStock(Unknown Source)
>>> at com.casa.wss.demo.Client.main(Client.java:177)
>>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
>>> username
>>> found.
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>>> at
>>>
>>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>>> at
>>>
>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>>> at
>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>>> ... 2 more
>>>
>>
>>
>> --
>> Freeman Fang
>>
>> ------------------------
>>
>> FuseSource: http://fusesource.com
>> blog: http://freemanfang.blogspot.com
>> twitter: http://twitter.com/freemanfang
>> Apache Servicemix:http://servicemix.apache.org
>> Apache Cxf: http://cxf.apache.org
>> Apache Karaf: http://karaf.apache.org
>> Apache Felix: http://felix.apache.org
>>
>>
>
Re: No signature username found.
Posted by Juan Pablo Pizarro <ju...@gmail.com>.
Hello Freeman,
Thanks for your advice, I'll check it out. I've the merlin line into the
properties file and I play with the alias name (I show the aliases in my
keystore and play with the alias names).
I'll check the example.
Thanks!
2010/12/9 Freeman Fang <fr...@gmail.com>
> Hi,
>
> We actually have a ws_security/sign_enc example shipped with kit which
> should exactly match your scenario, you may need check that example to see
> the difference with your code and figure out why your code doesn't work.
> And my other comment inline.
>
> On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
>
> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
>> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4 and
>> CXF 2.4 SNAPSHOT.
>>
>> My config is:
>>
>> SpringBusFactory bf = new SpringBusFactory();
>> URL busFile = Client.class.getResource("wssec.xml");
>> Bus bus = bf.createBus(busFile.toString());
>> SpringBusFactory.setDefaultBus(bus);
>>
>> Map<String,Object> outProps = new HashMap<String,Object>();
>> outProps.put("action", "Timestamp Signature Encrypt");
>> outProps.put("user", "DNAWSSCliente");
>> outProps.put("signaturePropFile", "Client_Sign.properties");
>> outProps.put("signatureKeyIdentifier", "DirectReference");
>> outProps.put("passwordCallbackClass",
>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>> outProps.put("signatureParts", "{Element}{
>>
>> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>> ");
>> outProps.put("encryptionPropFile", "Client_Sign.properties");
>> outProps.put("encryptionUser", "DNAWSSCliente");
>> outProps.put("signatureUser", "DNAWSS");
>> outProps.put("encryptionParts", "{Element}{
>>
>> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
>> ");
>> outProps.put("encryptionSymAlgorithm", "
>> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
>> outProps.put("encryptionKeyTransportAlgorithm", "
>> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
>> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
>> //request
>> bus.getInInterceptors().add(wssOut);
>> bus.getInInterceptors().add(new SAAJOutInterceptor());
>>
>> Map<String,Object> inProps= new HashMap<String,Object>();
>> inProps.put("action", "Timestamp Signature Encrypt");
>> inProps.put("signaturePropFile", "Client_Sign.properties");
>> inProps.put("passwordCallbackClass",
>> com.casa.wss.demo.UTPasswordCallback.class.getName());
>> inProps.put("decryptionPropFile", "Client_Sign.properties");
>> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
>> //response
>> bus.getInInterceptors().add(wssIn);
>> bus.getInInterceptors().add(new SAAJInInterceptor());
>>
>> The signature parts are not the correct, but the error is previus (in
>> other
>> test I put the correct parts).
>>
>> My properties file:
>>
> I think here you miss
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>
>
>
>> org.apache.ws.security.crypto.merlin.keystore.type=JKS
>> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
>> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
>>
>
> and how about change to
> org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
>
> Freeman
>
>
> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>>
>> The public and private key is into the same file.
>>
>> I google and up to now, i didn't found a solution.
>>
>> And the error:
>>
>> log4j:WARN No appenders could be found for logger
>> (org.apache.cxf.bus.spring.BusApplicationContext).
>> log4j:WARN Please initialize the log4j system properly.
>> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
>> getConfigResources
>> INFO: Loaded configuration file
>>
>> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
>> Dec 9, 2010 5:55:39 PM
>> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
>> buildServiceFromWSDL
>> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from WSDL:
>> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
>> Dec 9, 2010 5:55:41 PM
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
>> doSignBeforeEncrypt
>> WARNING: Sign before encryption failed due to : No signature username
>> found.
>> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
>> doDefaultLogging
>> WARNING: Interceptor for {
>> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has thrown
>> exception, unwinding now
>> org.apache.cxf.interceptor.Fault: No signature username found.
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>> at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>> at $Proxy43.mensajeStock(Unknown Source)
>> at com.casa.wss.demo.Client.main(Client.java:177)
>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
>> found.
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>> ... 11 more
>> javax.xml.ws.soap.SOAPFaultException: No signature username found.
>> at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
>> at $Proxy43.mensajeStock(Unknown Source)
>> at com.casa.wss.demo.Client.main(Client.java:177)
>> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
>> found.
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
>> at
>>
>> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
>> at
>>
>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
>> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
>> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
>> at
>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
>> ... 2 more
>>
>
>
> --
> Freeman Fang
>
> ------------------------
>
> FuseSource: http://fusesource.com
> blog: http://freemanfang.blogspot.com
> twitter: http://twitter.com/freemanfang
> Apache Servicemix:http://servicemix.apache.org
> Apache Cxf: http://cxf.apache.org
> Apache Karaf: http://karaf.apache.org
> Apache Felix: http://felix.apache.org
>
>
Re: No signature username found.
Posted by Freeman Fang <fr...@gmail.com>.
Hi,
We actually have a ws_security/sign_enc example shipped with kit which
should exactly match your scenario, you may need check that example to
see the difference with your code and figure out why your code doesn't
work.
And my other comment inline.
On 2010-12-10, at 上午4:27, Juan Pablo Pizarro wrote:
> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu
> 9.4 and
> CXF 2.4 SNAPSHOT.
>
> My config is:
>
> SpringBusFactory bf = new SpringBusFactory();
> URL busFile = Client.class.getResource("wssec.xml");
> Bus bus = bf.createBus(busFile.toString());
> SpringBusFactory.setDefaultBus(bus);
>
> Map<String,Object> outProps = new HashMap<String,Object>();
> outProps.put("action", "Timestamp Signature Encrypt");
> outProps.put("user", "DNAWSSCliente");
> outProps.put("signaturePropFile",
> "Client_Sign.properties");
> outProps.put("signatureKeyIdentifier", "DirectReference");
> outProps.put("passwordCallbackClass",
> com.casa.wss.demo.UTPasswordCallback.class.getName());
> outProps.put("signatureParts", "{Element}{
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> }Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body
> ");
> outProps.put("encryptionPropFile",
> "Client_Sign.properties");
> outProps.put("encryptionUser", "DNAWSSCliente");
> outProps.put("signatureUser", "DNAWSS");
> outProps.put("encryptionParts", "{Element}{
> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/
> }Body
> ");
> outProps.put("encryptionSymAlgorithm", "
> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
> outProps.put("encryptionKeyTransportAlgorithm", "
> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
> WSS4JOutInterceptor wssOut = new
> WSS4JOutInterceptor(outProps);
> //request
> bus.getInInterceptors().add(wssOut);
> bus.getInInterceptors().add(new SAAJOutInterceptor());
>
> Map<String,Object> inProps= new HashMap<String,Object>();
> inProps.put("action", "Timestamp Signature Encrypt");
> inProps.put("signaturePropFile", "Client_Sign.properties");
> inProps.put("passwordCallbackClass",
> com.casa.wss.demo.UTPasswordCallback.class.getName());
> inProps.put("decryptionPropFile",
> "Client_Sign.properties");
> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
> //response
> bus.getInInterceptors().add(wssIn);
> bus.getInInterceptors().add(new SAAJInInterceptor());
>
> The signature parts are not the correct, but the error is previus
> (in other
> test I put the correct parts).
>
> My properties file:
I think here you miss
org
.apache
.ws
.security
.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>
> org.apache.ws.security.crypto.merlin.keystore.type=JKS
> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
and how about change to
org.apache.ws.security.crypto.merlin.keystore.alias= DNAWSSCliente
Freeman
> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>
> The public and private key is into the same file.
>
> I google and up to now, i didn't found a solution.
>
> And the error:
>
> log4j:WARN No appenders could be found for logger
> (org.apache.cxf.bus.spring.BusApplicationContext).
> log4j:WARN Please initialize the log4j system properly.
> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
> getConfigResources
> INFO: Loaded configuration file
> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/
> demo/wssec.xml.
> Dec 9, 2010 5:55:39 PM
> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
> buildServiceFromWSDL
> INFO: Creating Service {http://tempuri.org/}MenStock from WSDL:
> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
> Dec 9, 2010 5:55:41 PM
> org
> .apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
> doSignBeforeEncrypt
> WARNING: Sign before encryption failed due to : No signature
> username found.
> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for {
> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock has
> thrown
> exception, unwinding now
> org.apache.cxf.interceptor.Fault: No signature username found.
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler
> .doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler
> .handleBinding(AsymmetricBindingHandler.java:90)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor
> $
> PolicyBasedWSS4JOutInterceptorInternal
> .handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor
> $
> PolicyBasedWSS4JOutInterceptorInternal
> .handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> at
> org
> .apache
> .cxf
> .phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:
> 247)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:
> 124)
> at $Proxy43.mensajeStock(Unknown Source)
> at com.casa.wss.demo.Client.main(Client.java:177)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
> username
> found.
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AbstractBindingBuilder
> .policyNotAsserted(AbstractBindingBuilder.java:283)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AbstractBindingBuilder
> .getSignatureBuider(AbstractBindingBuilder.java:1349)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:
> 395)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler
> .doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> ... 11 more
> javax.xml.ws.soap.SOAPFaultException: No signature username found.
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:
> 146)
> at $Proxy43.mensajeStock(Unknown Source)
> at com.casa.wss.demo.Client.main(Client.java:177)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature
> username
> found.
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AbstractBindingBuilder
> .policyNotAsserted(AbstractBindingBuilder.java:283)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AbstractBindingBuilder
> .getSignatureBuider(AbstractBindingBuilder.java:1349)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:
> 395)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler
> .doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> at
> org
> .apache
> .cxf
> .ws
> .security
> .wss4j
> .policyhandlers
> .AsymmetricBindingHandler
> .handleBinding(AsymmetricBindingHandler.java:90)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor
> $
> PolicyBasedWSS4JOutInterceptorInternal
> .handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor
> $
> PolicyBasedWSS4JOutInterceptorInternal
> .handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> at
> org
> .apache
> .cxf
> .phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:
> 247)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at
> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:
> 124)
> ... 2 more
--
Freeman Fang
------------------------
FuseSource: http://fusesource.com
blog: http://freemanfang.blogspot.com
twitter: http://twitter.com/freemanfang
Apache Servicemix:http://servicemix.apache.org
Apache Cxf: http://cxf.apache.org
Apache Karaf: http://karaf.apache.org
Apache Felix: http://felix.apache.org
Re: No signature username found.
Posted by Juan Pablo Pizarro <ju...@gmail.com>.
I've change to JDK 1.5 and no news..
2010/12/9 Juan Pablo Pizarro <ju...@gmail.com>
> Hello everybody, I'm trying to use X509 certificate to sign/encrypt a
> request. I have JDK6 (of Oracle/Sun), Eclipse helios, LInux Ubuntu 9.4 and
> CXF 2.4 SNAPSHOT.
>
> My config is:
>
> SpringBusFactory bf = new SpringBusFactory();
> URL busFile = Client.class.getResource("wssec.xml");
> Bus bus = bf.createBus(busFile.toString());
> SpringBusFactory.setDefaultBus(bus);
>
> Map<String,Object> outProps = new HashMap<String,Object>();
> outProps.put("action", "Timestamp Signature Encrypt");
> outProps.put("user", "DNAWSSCliente");
> outProps.put("signaturePropFile", "Client_Sign.properties");
> outProps.put("signatureKeyIdentifier", "DirectReference");
> outProps.put("passwordCallbackClass",
> com.casa.wss.demo.UTPasswordCallback.class.getName());
> outProps.put("signatureParts", "{Element}{
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd%7DTimestamp%3B%7BElement%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
> ");
> outProps.put("encryptionPropFile", "Client_Sign.properties");
> outProps.put("encryptionUser", "DNAWSSCliente");
> outProps.put("signatureUser", "DNAWSS");
> outProps.put("encryptionParts", "{Element}{
> http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body<http://www.w3.org/2000/09/xmldsig#%7DSignature%3B%7BContent%7D%7Bhttp://schemas.xmlsoap.org/soap/envelope/%7DBody>
> ");
> outProps.put("encryptionSymAlgorithm", "
> http://www.w3.org/2001/04/xmlenc#tripledes-cbc");
> outProps.put("encryptionKeyTransportAlgorithm", "
> http://www.w3.org/2001/04/xmlenc#rsa-1_5");
> WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
> //request
> bus.getInInterceptors().add(wssOut);
> bus.getInInterceptors().add(new SAAJOutInterceptor());
>
> Map<String,Object> inProps= new HashMap<String,Object>();
> inProps.put("action", "Timestamp Signature Encrypt");
> inProps.put("signaturePropFile", "Client_Sign.properties");
> inProps.put("passwordCallbackClass",
> com.casa.wss.demo.UTPasswordCallback.class.getName());
> inProps.put("decryptionPropFile", "Client_Sign.properties");
> WSS4JInInterceptor wssIn = new WSS4JInInterceptor(inProps);
> //response
> bus.getInInterceptors().add(wssIn);
> bus.getInInterceptors().add(new SAAJInInterceptor());
>
> The signature parts are not the correct, but the error is previus (in other
> test I put the correct parts).
>
> My properties file:
>
> org.apache.ws.security.crypto.merlin.keystore.type=JKS
> org.apache.ws.security.crypto.merlin.keystore.password=dnawsscliente2
> org.apache.ws.security.crypto.merlin.keystore.alias=dnawss
> org.apache.ws.security.crypto.merlin.file=DNAWSSCliente.jks
>
> The public and private key is into the same file.
>
> I google and up to now, i didn't found a solution.
>
> And the error:
>
> log4j:WARN No appenders could be found for logger
> (org.apache.cxf.bus.spring.BusApplicationContext).
> log4j:WARN Please initialize the log4j system properly.
> Dec 9, 2010 5:51:39 PM org.apache.cxf.bus.spring.BusApplicationContext
> getConfigResources
> INFO: Loaded configuration file
> file:/home/jpp/JAVA/workspace/pruebaDNA8/build/classes/com/casa/wss/demo/wssec.xml.
> Dec 9, 2010 5:55:39 PM
> org.apache.cxf.service.factory.ReflectionServiceFactoryBean
> buildServiceFromWSDL
> INFO: Creating Service {http://tempuri.org/}MenStock<http://tempuri.org/%7DMenStock>from WSDL:
> http://wss.aduanas.gub.uy/LuciaWsSecurity/Stock.svc?wsdl
> Dec 9, 2010 5:55:41 PM
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler
> doSignBeforeEncrypt
> WARNING: Sign before encryption failed due to : No signature username
> found.
> Dec 9, 2010 5:55:41 PM org.apache.cxf.phase.PhaseInterceptorChain
> doDefaultLogging
> WARNING: Interceptor for {
> http://tempuri.org/}MenStock#{http://tempuri.org/}MensajeStock<http://tempuri.org/%7DMenStock#%7Bhttp://tempuri.org/%7DMensajeStock>has thrown exception, unwinding now
> org.apache.cxf.interceptor.Fault: No signature username found.
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:145)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> at $Proxy43.mensajeStock(Unknown Source)
> at com.casa.wss.demo.Client.main(Client.java:177)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
> found.
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> ... 11 more
> javax.xml.ws.soap.SOAPFaultException: No signature username found.
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:146)
> at $Proxy43.mensajeStock(Unknown Source)
> at com.casa.wss.demo.Client.main(Client.java:177)
> Caused by: org.apache.cxf.ws.policy.PolicyException: No signature username
> found.
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.policyNotAsserted(AbstractBindingBuilder.java:283)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractBindingBuilder.getSignatureBuider(AbstractBindingBuilder.java:1349)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignature(AsymmetricBindingHandler.java:395)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.doSignBeforeEncrypt(AsymmetricBindingHandler.java:107)
> at
> org.apache.cxf.ws.security.wss4j.policyhandlers.AsymmetricBindingHandler.handleBinding(AsymmetricBindingHandler.java:90)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:139)
> at
> org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:77)
> at
> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> at
> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> ... 2 more
>
>