You are viewing a plain text version of this content. The canonical link for it is here.
Posted to java-user@axis.apache.org by "Donnison, Louise" <lo...@eds.com> on 2006/09/20 04:16:00 UTC
FW: Security
> ______________________________________________
> From: Donnison, Louise
> Sent: Wednesday, 20 September 2006 1:50 p.m.
> To: 'axis-user@ws.apache.org'
> Subject: Security
>
> Hi
> I am trying to work on an example for two levels of secuirty in the
> scenario of a purchase order which has credit card details.
> I wish to have the credit card details encrypted differently to the
> main part of the message as i wish to pass the credit card details
> onto another
> web service that of a creditcard checking.
> What is the best approach to accomplish this?
>
>
> I have tried initially to follow the secuirty example for having 2
> actions in an outflowsecurity element
> (I am using the sec.proprties that comes with the example)
> 1. However if I set the following:
>
> <parameter name="OutflowSecurity">
> <action>
> <items>Signature NoSerialization</items>
> <user>alice</user>
>
> <passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallb
> ackHandler</passwordCallbackClass>
> <signaturePropFile>sec.properties</signaturePropFile>
>
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
>
> <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> <encryptionUser>bob</encryptionUser>
>
> <signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}numb
> er</signatureParts>
>
> <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</
> optimizeParts>
> </action>
> <action>
> <items>Timestamp SignatureEncrypt</items>
> <user>bob</user>
>
> <passwordCallbackClass>com.eds.jcoe.webservices.security.CreditCardPas
> swordCallbackHandler</passwordCallbackClass>
> <encryptionUser>bob</encryptionUser>
> <signaturePropFile>sec.properties</signaturePropFile>
>
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
>
> <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> <encryptionUser>bob</encryptionUser>
>
> <signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}ship
> pingAddress</signatureParts>
>
> <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</
> optimizeParts>
> </action>
>
> I get a null pointer exception
>
> 2006-09-20 13:28:03,314 INFO
> [org.apache.axis2.deployment.DeploymentEngine] - no services directory
> found , new one created
> 2006-09-20 13:28:03,384 INFO
> [org.apache.axis2.deployment.DeploymentEngine] - Deploying module :
> addressing-1.0
> 2006-09-20 13:28:04,456 INFO
> [org.apache.axis2.deployment.DeploymentEngine] - Deploying module :
> rampart-1.0
> Error is java.lang.NullPointerException
>
>
> 2. If I set:
>
> <parameter name="OutflowSecurity">
> <action>
> <items>Signature Timestamp</items>
> <user>alice</user>
>
> <passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallb
> ackHandler</passwordCallbackClass>
> <signaturePropFile>sec.properties</signaturePropFile>
>
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
>
> <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> <encryptionUser>bob</encryptionUser>
>
> <signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}numb
> er</signatureParts>
>
> <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</
> optimizeParts>
> </action>
> <action>
> <items>Timestamp Signature Encrypt</items>
> <user>bob</user>
>
> <passwordCallbackClass>com.eds.jcoe.webservices.security.PasswordCallb
> ackHandler</passwordCallbackClass>
> <encryptionUser>bob</encryptionUser>
> <signaturePropFile>sec.properties</signaturePropFile>
>
> <signatureKeyIdentifier>SKIKeyIdentifier</signatureKeyIdentifier>
>
> <encryptionKeyIdentifier>SKIKeyIdentifier</encryptionKeyIdentifier>
> <encryptionUser>bob</encryptionUser>
>
> <signatureParts>{Element}{http://service.webservices.jcoe.com/xsd}expi
> ry</signatureParts>
>
> <optimizeParts>//xenc:EncryptedData/xenc:CipherData/xenc:CipherValue</
> optimizeParts>
> </action>
>
>
>
> Does the Service.xml have to have 2 action elements too??
>
>
> <parameter name="InflowSecurity">
> <action>
> <items>Signature Timestamp</items>
>
> <passwordCallbackClass>com.jcoe.webservices.security.PasswordCallbackH
> andler</passwordCallbackClass>
> <signaturePropFile>sec.properties</signaturePropFile>
> </action>
> <action>
> <items>Timestamp Signature Encrypt</items>
>
> <passwordCallbackClass>com.jcoe.webservices.security.PasswordCallbackH
> andler</passwordCallbackClass>
> <signaturePropFile>sec.properties</signaturePropFile>
> </action>
> </parameter>
>
> I get this error
>
> WSDoAllReceiver: security processing failed; nested exception is:
> org.apache.ws.security.WSSecurityException: General security
> error (WSSecurityEngine: No crypto propery file supplied for
> decryption)
>
>
>
>
>
>