Yep ... everything looks fine ... However I'm wondering whether you
have any other client_crypto.properties file in your classpath that
causes the wrong keystore to be picked where there's no key with alias
test123.

Therefore, can you please rename the keystore file and the .properties
file and check?

Thanks,
Ruchith

On Dec 5, 2007 5:50 AM, Rachel Primrose <[EMAIL PROTECTED]> wrote:
> Hello,
>
> I've been having trouble signing my messages as they go out, and the
> usual "is the alias the right one" solution I've been reading about
> does not work!
>
> Here is my keystore:
>
> Keystore type: PKCS12
> Keystore provider: SunJSSE
>
> Your keystore contains 1 entry
>
> Alias name: test123
> Creation date: 5/12/2007
> Entry type: PrivateKeyEntry
> Certificate chain length: 3
> Certificate[1]:
>
> Here is my axis2.xml security outflow:
>
> <parameter name="OutflowSecurity">
>       <action>
>         <items>Timestamp Signature</items>
>         <user>test123</user>
>         <passwordCallbackClass>test.oot.PWCallback</passwordCallbackClass>
>         <signaturePropFile>client_crypto.properties</signaturePropFile>
>         <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
>         <parameter name="referencePropertyNames"
>                    value="{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}Action;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}MessageID;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}ReplyTo;{Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}To" />
>         <parameter name="signatureParts" value="
>             {Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;
>             {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}Action;
>             {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}MessageID;
>             {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}To;
>             {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}From;
>             {Element}{http://schemas.xmlsoap.org/ws/2004/03/addressing}ReplyTo;
>             {Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp" />
>       </action>
>     </parameter>
>
> Here is my client_crypto.properties file:
>
> org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
> org.apache.ws.security.crypto.merlin.keystore.type=pkcs12
> org.apache.ws.security.crypto.merlin.keystore.password=test
> org.apache.ws.security.crypto.merlin.keystore.alias=test123
> org.apache.ws.security.crypto.merlin.file=oot-stage.p12
>
> And my pwcallback class:
>
>  pc.setPassword("test");
>
> The error I get is:
>
> org.apache.axis2.AxisFault: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature); nested exception is:
>         org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
>         at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:92)
>         at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:74)
>         at org.apache.axis2.engine.Phase.invoke(Phase.java:382)
>         at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:522)
>         at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:655)
>         at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:237)
>         at org.apache.axis2.description.OutInAxisOperationClient.execute(OutInAxisOperation.java:202)
> Caused by: org.apache.ws.security.WSSecurityException: WSHandler: Signature: error during message procesingorg.apache.ws.security.WSSecurityException: General security error (Unexpected number of X509Data: for Signature)
>         at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
>         at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:192)
>         at org.apache.rampart.handler.WSDoAllSender.processBasic(WSDoAllSender.java:254)
>         at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:86)
>         ... 8 more
>
> And when I set level=DEBUG in my log4j.properties:
>
> 985  [main] DEBUG org.apache.ws.security.util.Loader  - Trying to find [client_crypto.properties] using [EMAIL PROTECTED] class loader.
> 1000 [main] DEBUG org.apache.ws.security.components.crypto.CryptoFactory  - Using Crypto Engine [org.apache.ws.security.components.crypto.Merlin]
> 1000 [main] DEBUG org.apache.ws.security.util.Loader  - Trying to find [oot-stage.p12] using [EMAIL PROTECTED] class loader.
> 1000 [main] DEBUG org.apache.ws.security.util.Loader  - Trying to find [oot-stage.p12] using [EMAIL PROTECTED] class loader.
> 1000 [main] DEBUG org.apache.ws.security.util.Loader  - Trying to find [oot-stage.p12] using ClassLoader.getSystemResource().
> 1563 [main] DEBUG org.apache.ws.security.handler.WSHandler  - Performing Action: 32
> 1563 [main] DEBUG org.apache.ws.security.message.WSSecTimestamp  - Begin add timestamp...
> 1578 [main] DEBUG org.apache.ws.security.handler.WSHandler  - Performing Action: 2
> 1578 [main] DEBUG org.apache.ws.security.message.WSSecSignature  - Beginning signing...
>
>
> As you can see, all matches up, but the actual signing fails!
>
> Any help would be greatly appreciated.
>
> Thanks.
>
>
> Kind regards,
>
> Rachel Primrose
> E: [EMAIL PROTECTED]
>



-- 
http://blog.ruchith.org
http://wso2.org
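
The classpath check suggested in the reply can be done directly. This is an added example, not code from the thread or from Rampart/WSS4J: `CryptoPropsCheck` is a hypothetical helper, the property keys are the ones in the posted `client_crypto.properties`, and it assumes it is run with the same classpath as the failing client.

```java
import java.io.InputStream;
import java.net.URL;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.security.KeyStore;
import java.util.Collections;
import java.util.List;
import java.util.Properties;

// Hypothetical helper (not part of Rampart/WSS4J). Run with the client's exact classpath.
public class CryptoPropsCheck {
    static final String MERLIN = "org.apache.ws.security.crypto.merlin.";

    public static void main(String[] args) throws Exception {
        String propsName = args.length > 0 ? args[0] : "client_crypto.properties";
        String alias = args.length > 1 ? args[1] : "test123";
        ClassLoader cl = Thread.currentThread().getContextClassLoader();
        // List every copy of the properties file on the classpath; more than one is a red flag.
        List<URL> copies = Collections.list(cl.getResources(propsName));
        System.out.println(copies.size() + " copy/copies of " + propsName);
        for (URL propsUrl : copies) {
            System.out.println("properties: " + propsUrl);
            Properties p = new Properties();
            try (InputStream in = propsUrl.openStream()) { p.load(in); }
            String file = p.getProperty(MERLIN + "file");
            String type = p.getProperty(MERLIN + "keystore.type", KeyStore.getDefaultType());
            char[] pw = p.getProperty(MERLIN + "keystore.password", "").toCharArray();
            if (file == null) { System.out.println("  no merlin.file entry"); continue; }
            // The keystore name can also resolve to several classpath copies or a plain file.
            List<URL> stores = Collections.list(cl.getResources(file));
            if (stores.isEmpty() && Files.exists(Paths.get(file))) {
                stores.add(Paths.get(file).toUri().toURL());
            }
            if (stores.isEmpty()) System.out.println("  keystore not found: " + file);
            for (URL ksUrl : stores) {
                try (InputStream in = ksUrl.openStream()) {
                    KeyStore ks = KeyStore.getInstance(type);
                    ks.load(in, pw);
                    java.security.cert.Certificate[] chain = ks.getCertificateChain(alias);
                    System.out.printf("  keystore: %s%n    aliases=%s hasKey(%s)=%b chainLength=%d%n",
                            ksUrl, Collections.list(ks.aliases()), alias,
                            ks.isKeyEntry(alias), chain == null ? 0 : chain.length);
                } catch (Exception e) {
                    System.out.println("  keystore: " + ksUrl + " failed to load: " + e);
                }
            }
        }
    }
}
```

The first URL printed for each resource is the one a class-loader lookup returns; if its keystore reports `hasKey(test123)=false`, a stray copy is shadowing the intended file.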
