Home.... | log in.... | Pub my question! | Sign-up....
Java-index >> Security >> Cryptography

WSS4J XML Encryption and D. Signature

Good Morning, I'm a student and I'm trying to use wss4j features to secure SOAP messages. The Problem is that I follow step by step the tutorial http://ws.apache.org/wss4j/package.html but there are some problems about the XML Encyption and D.Signature.

I Follow the tutorial but when i run the client with this config file:

<deployment xmlns=" http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java ">

<transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>

<globalConfiguration >

<requestFlow>

<handler type="java: org.apache.ws.axis.security.WSDoAllSender" >

<parameter name="user" value="16c73ab6-b892-458f-abf5-2f875f74882e"/>

<parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback"/>

<parameter name="action" value="Signature Encrypt"/>

<parameter name="signaturePropFile" value=" crypto.properties" />

</handler>

</requestFlow>

</globalConfiguration >

</deployment>

There is this excepion:

AxisFault

faultCode: {

http://schemas.xmlsoap.org/soap/envelope/}Server.userException

faultSubcode:

faultString:

java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties

faultActor:

faultNode:

faultDetail:

{

http://xml.apache.org/axis/}stackTrace:java.lang.RuntimeException : CryptoFactory: Cannot load properties: crypto.properties

at org.apache.ws.security.components.crypto.CryptoFactory.getProperties(

CryptoFactory.java :185)

at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(

CryptoFactory.java:110 )

at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(

WSHandler.java:337)

at org.apache.ws.security.handler.WSHandler.doSenderAction (

WSHandler.java:123)

at org.apache.ws.axis.security.WSDoAllSender.invoke(

WSDoAllSender.java :170)

at org.apache.axis.strategies.InvocationStrategy.visit(

InvocationStrategy.java:32 )

at org.apache.axis.SimpleChain.doVisiting(

SimpleChain.java:118)

at org.apache.axis.SimpleChain.invoke(

SimpleChain.java:83)

at org.apache.axis.client.AxisClient.invoke(

AxisClient.java:127 )

at org.apache.axis.client.Call.invokeEngine(

Call.java:2784)

at org.apache.axis.client.Call.invoke (

Call.java:2767)

at org.apache.axis.client.Call.invoke(

Call.java:2443)

at org.apache.axis.client.Call.invoke(

Call.java:2366)

at org.apache.axis.client.Call.invoke(

Call.java:1812)

at prova2.client.Saluto2SoapBindingStub.saluto (

Saluto2SoapBindingStub.java:106)

at prova2.client.ClientSaluto.main(

ClientSaluto.java :49)

{ http://xml.apache.org/axis/}hostname:Chianti

java.lang.RuntimeException

: CryptoFactory: Cannot load properties: crypto.properties

at org.apache.axis.AxisFault.makeFault(

AxisFault.java:101)

at org.apache.axis.client.AxisClient.invoke(

AxisClient.java:216)

at org.apache.axis.client.Call.invokeEngine(

Call.java:2784)

at org.apache.axis.client.Call.invoke(

Call.java:2767)

at org.apache.axis.client.Call.invoke (

Call.java:2443)

at org.apache.axis.client.Call.invoke(

Call.java:2366 )

at org.apache.axis.client.Call.invoke(

Call.java:1812)

at prova2.client.Saluto2SoapBindingStub.saluto(

Saluto2SoapBindingStub.java:106)

at prova2.client.ClientSaluto.main(

ClientSaluto.java:49 )

Caused by:

java.lang.RuntimeException: CryptoFactory: Cannot load properties: crypto.properties

at org.apache.ws.security.components.crypto.CryptoFactory.getProperties (

CryptoFactory.java:185)

at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(

CryptoFactory.java:110)

at org.apache.ws.security.handler.WSHandler.loadSignatureCrypto(

WSHandler.java:337 )

at org.apache.ws.security.handler.WSHandler.doSenderAction(

WSHandler.java:123)

at org.apache.ws.axis.security.WSDoAllSender.invoke (

WSDoAllSender.java:170)

at org.apache.axis.strategies.InvocationStrategy.visit(

InvocationStrategy.java:32)

at org.apache.axis.SimpleChain.doVisiting(

SimpleChain.java:118 )

at org.apache.axis.SimpleChain.invoke(

SimpleChain.java:83)

at org.apache.axis.client.AxisClient.invoke(

AxisClient.java:127)

... 7 more

the problem is in the crypto.properties files for the client and server, their location and the configuration...Sorry if I'm making easy questions but this is my first approach to the argument!

[5247 byte] By [trastevere123a] at [2007-10-3 4:21:32]
«« How to programmable transaction in a entity bean?
»» Problem with scriptlet
# 1

Hi everybody...newbie question are comeing :p

Target: I must sign and encrypt SOAP message.

I've created the client and the server keystore importing the both trusted identies...

keytool -genkey -alias SecureClient -keyalg RSA -keystore client_keystore -dname "cn=wss4j" -keypass changeit -storepass changeit

keytool -genkey -alias SecureServer -keyalg RSA -keystore server_keystore -dname "cn=SecureServer" -keypass changeit -storepass changeit

keytool -selfcert -alias SecureClient -keystore client_keystore -keypass changeit -storepass changeit

keytool -selfcert -alias SecureServer -keystore server_keystore -keypass changeit -storepass changeit

keytool -export -alias SecureClient -file client_cert -keystore client_keystore -storepass changeit

keytool -export -alias SecureServer -file server_cert -keystore server_keystore -storepass changeit

keytool -import -alias SecureClient -file client_cert -keystore server_keystore -storepass changeit

keytool -import -alias SecureServer -file server_cert -keystore client_keystore -storepass changeit

Now the both keystores contain the 2 entries

I've created the stub for the client by wsdl2java command and there is the client

package prova2.client;

import java.rmi.RemoteException;

import javax.xml.rpc.ServiceException;

import org.apache.axis.EngineConfiguration;

import org.apache.axis.configuration.FileProvider;

public class ClientSaluto {

_/**

* @param args

*/

public static void main(String[] args) {

SalutoService locator = new SalutoServiceLocator();

Saluto service;

try {

service = locator.getSaluto2();

String reply;

reply = service.saluto("Nicola");

System.out.println("IL WEB SERVICE HA RISPOSTO: " + reply);

} catch (RemoteException e) {

// TODO Auto-generated catch block

e.printStackTrace();

} catch (ServiceException e) {

// TODO Auto-generated catch block

e.printStackTrace();

}

}

}

There is the file by which I've deployed the service:

<deployment xmlns="http://xml.apache.org/axis/wsdd/" xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">

<service name="Saluto2" provider="java:RPC" style="rpc" use="literal">

<requestFlow>

<handler type="java:org.apache.ws.axis.security.WSDoAllReceiver">

<parameter name="passwordCallbackClass" value="org.apache.ws.axis.oasis.PWCallback"/>

<parameter name="action" value="Signature Encrypt"/>

<parameter name="signaturePropFile" value="crypto.properties" />

</handler>

</requestFlow>

<parameter name="className" value="prova.Saluto" />

<parameter name="allowedMethods" value="saluto" />

<parameter name="scope" value="Request" />

</service>

</deployment>

but I think that this is the wsdd to encrypt and sign only Username Token.

How is the correct wsdd?

then I'll copy the server_keystore into <TomcatHome>/webapps/axis/WEB-INF/classes

but then how the cripto.properties files (for the client and the server) have to be built in relation with my scenario?

Thanks for the reply...

Luca

trastevere123a at 2007-7-14 22:23:40 > top of Java-index,Security,Cryptography...
Security
Cryptography

Security New Topic

Security Hot Topic

Security

All Classified