I also noticed, if the same password check fails in PWCBHandler of client side ..rampart throwing appropriate error message.
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed at org.apache.rampart.handler.WSDoAllReceiver.processBasic( WSDoAllReceiver.java:216) at org.apache.rampart.handler.WSDoAllReceiver.processMessage( WSDoAllReceiver.java:86) at org.apache.rampart.handler.WSDoAllHandler.invoke( WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:292) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212) at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:132) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse( OutInAxisOperation.java:336) at org.apache.axis2.description.OutInAxisOperationClient.send( OutInAxisOperation.java:389) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl( OutInAxisOperation.java:211) at org.apache.axis2.client.OperationClient.execute( OperationClient.java:163) at com.nfn.wsclients.AsrsPolicyServiceStub.getStatuses( AsrsPolicyServiceStub.java:153) at com.nfn.wsclients.AsrPolicyServiceClient.printAccountStatuses( AsrPolicyServiceClient.java:35) at com.nfn.wsclients.AsrPolicyServiceClient.main( AsrPolicyServiceClient.java:23) Caused by: org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: Callback supplied no password for: client) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey( EncryptedKeyProcessor.java:279) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey( EncryptedKeyProcessor.java:87) at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken( EncryptedKeyProcessor.java:76) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( WSSecurityEngine.java:284) at org.apache.ws.security.WSSecurityEngine.processSecurityHeader( WSSecurityEngine.java:206) at org.apache.rampart.handler.WSDoAllReceiver.processBasic( WSDoAllReceiver.java:213) ... 12 more Martin Gainty <[EMAIL PROTECTED] From mail.com> Martin Gainty <[EMAIL PROTECTED]> To <[EMAIL PROTECTED]> cc Subject 02/18/2008 RE: WSDoAllReceiver: security 06:31 PM processing failed error you found a Rampart bug! First we need to look at javax.security.aith.callback.CallbackHandler http://www.docjar.com/docs/api/javax/security/auth/callback/CallbackHandler . html handle method throws java.io.IOException, UnsupportedCallbackException consequent implementations carry the signature forward properly.. org.apache.rampart.samples.policy.sample05; public class PWCBHandler implements CallbackHandler { public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException { //good! take a look at private static Parameter getInflowConfiguration() { InflowConfiguration ifc = new InflowConfiguration(); ifc.setActionItems("Timestamp Signature Encrypt"); //how do we carry these throw IOException and UnsupportedCalbackException forward ? ifc.setPasswordCallbackClass("org.apache.rampart.samples.sample11.PWCBHandle r"); ... InflowConfiguration.java contains this method.. /** * Sets the password callback class name. * @param passwordCallbackClass */ public void setPasswordCallbackClass(String passwordCallbackClass) { //save the passwordCallbackClass into the Action this.action.put(WSHandlerConstants.PW_CALLBACK_CLASS,passwordCallbackClass); } later on org.apache.rampart.conversation public class Util { //notice this method throws Exception and NOT IOException and UnsupportedCallbackException!!! public static void processRSTR(OMElement rstr, ConversationConfiguration config) throws Exception { EncryptedKeyProcessor processor = new EncryptedKeyProcessor(); processor.handleToken((Element) elem, null, Util.getCryptoInstace(config), getCallbackHandlerInstance(config), //No IOException or UnsupportedCallbackException null, new Vector(), null); //notice this method throws Exception and NOT IOException and UnsupportedCallbackException!!! private static CallbackHandler getCallbackHandlerInstance( ConversationConfiguration config) throws Exception { if (config.getPasswordCallbackRef() != null) { return config.getPasswordCallbackRef(); } else if (config.getPasswordCallbackClass() != null) { if (config.getClassLoader() != null) { Class clazz = Loader.loadClass(config.getClassLoader(), config .getPasswordCallbackClass()); return (CallbackHandler) clazz.newInstance(); } else { Class clazz = Loader.loadClass(config .getPasswordCallbackClass()); return (CallbackHandler) clazz.newInstance(); } } else { throw new RampartException("noInfoForCBhandler"); } } ..brief look at public class ConversationConfiguration.. /** * @return Returns the passwordCallbackClass. */ public String getPasswordCallbackClass() { return passwordCallbackClass; //returns the name of the callback without instantiation } How to go forward? Martin Gainty ______________________________________________ Disclaimer and confidentiality note Everything in this e-mail and any attachments relates to the official business of Sender. This transmission is of a confidential nature and Sender does not endorse distribution to any party other than intended recipient. Sender does not necessarily endorse content contained within this transmission. > Subject: Re: WSDoAllReceiver: security processing failed error > To: axis-user@ws.apache.org > From: [EMAIL PROTECTED] > Date: Mon, 18 Feb 2008 17:34:05 -0500 > > I guess in server side..when PWCBHandler does not find proper password for > given id. then AXIS/Rampart not throwing appropriate error message ..that's > why it was very difficult for me to figure out the problem. > > i believe there is a bug in AXIS/Rampart in exception handling in sever > side..anyone had this issue? > > > > > Mustaqali > Jafarali/HOM > /NWP From > Mustaqali Jafarali/HOM/NWP > To > axis-user@ws.apache.org > cc > > Subject > 02/18/2008 Re: WSDoAllReceiver: security > 05:02 PM processing failed error(Document > link: Mustaqali Jafarali) > > > > > > > > > > Guys..nevermind..found the problem.. > > i was using wrong PWCBHandler class (one from sample02) ....i replaced with > right class from sample05...now its working fine > > > > > [EMAIL PROTECTED] > onwideprovid > ent.com From > [EMAIL PROTECTED] > To > axis-user@ws.apache.org > cc > > Subject > 02/18/2008 Re: WSDoAllReceiver: security > 04:35 PM processing failed error > Please > respond to > [EMAIL PROTECTED] > .apache.org > > > > > > > I am still having this issue..don't whats wrong..there is no exception > thrown in server side..i managed to get request and response from TCP/IP > monitor.. > is there anything can i check?..need help > > > REQUEST > <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope > xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope" > xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><soapenv:Header> > <wsse:Security > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > " > soapenv:mustUnderstand="true"><xenc:EncryptedKey Id="EncKeyId-1537969"> > <xenc:EncryptionMethod Algorithm=" http://www.w3.org/2001/04/xmlenc#rsa-1_5" > /> > <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> > <wsse:SecurityTokenReference><ds:X509Data> > <ds:X509IssuerSerial> > <ds:X509IssuerName>CN=Sample > Service,OU=Rampart,O=Apache,L=Colombo,ST=Western,C=LK</ds:X509IssuerName> > > <ds:X509SerialNumber>1187603713</ds:X509SerialNumber> > </ds:X509IssuerSerial> > </ds:X509Data></wsse:SecurityTokenReference> > </ds:KeyInfo> > <xenc:CipherData><xenc:CipherValue>AgW4QfemEYfw3Yl1T+1AKootX5MPH2FHNy08e0FKUhb/tXEdRQK7Gmu+1IvrdOwDoMkHE/rPgFAXaUw47YNMVoFQ1vaMNPyZ7Qt+95wtZDXx4QSMdfpM+sSS9WycKZoTMQu3HvJ/7Oras4ZbhtN7oLMoYOWg/gXj85tRTPPwoLI=</xenc:CipherValue></xenc:CipherData> > > <xenc:ReferenceList><xenc:DataReference URI="#EncDataId-28970806" > /></xenc:ReferenceList></xenc:EncryptedKey></wsse:Security></soapenv:Header><soapenv:Body><xenc:EncryptedData > > Id="EncDataId-28970806" > Type="http://www.w3.org/2001/04/xmlenc#Content"><xenc:EncryptionMethod > Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc" /><ds:KeyInfo > xmlns:ds="http://www.w3.org/2000/09/xmldsig#"> > <wsse:SecurityTokenReference > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "><wsse:Reference > URI="#EncKeyId-1537969" /></wsse:SecurityTokenReference> > </ds:KeyInfo><xenc:CipherData><xenc:CipherValue>+MwjW32MnuzGFUqTyne0rvRXzjVeq+D8MmUe1PnW3aXxxZzufQHtVfusHyKkZu598d4jZjyu2sv2 > > +wheFX8sYywhjf9xmqBaiQ5xcueSgkBa6UIWMVvnHjcdF17fMGAXdl41hMqHpKPfATGpiX+C/OJ2 > > /zSVQ0KzX4xd5XevGicd8aiHvXc/1yig7ttZqO2Symj+aiIkpBrvfrEaaij5XmnG9aJf8G2jLbLl > > He2yH3NptlsLZPGPrhIAHYqHNs6Sy4wTqSZzohTlj8vCOkgrLbC6SvUB1tQUUJNmBt7k73s=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body></soapenv:Envelope> > > 0 > > > RESPONSE > > 197 > <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope > xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope > "><soapenv:Body><soapenv:Fault><soapenv:Code><soapenv:Value>soapenv:Receiver</soapenv:Value></soapenv:Code><soapenv:Reason><soapenv:Text > > xml:lang="en-US">WSDoAllReceiver: security processing > failed</soapenv:Text></soapenv:Reason><soapenv:Detail > /></soapenv:Fault></soapenv:Body></soapenv:Envelope> > > > > > > > Mustaqali > Jafarali/HOM > /NWP From > Mustaqali Jafarali/HOM/NWP > To > axis-user@ws.apache.org > cc > > Subject > 02/14/2008 Re: WSDoAllReceiver: security > 02:09 PM processing failed error(Document > link: Mustaqali Jafarali) > > > > > > > > > > yes..i believe keystore files(service.jks and service.properties) are in > classpath..otherwise i getting different merlin exception. > > in this email i attached debug log from server side for more info.. can you > please check the debug log and let me know if u find anythign wrong. > > > > > > > "Nandana Mihindukulasooriya" <[EMAIL PROTECTED]> wrote on 02/14/2008 > 12:40:33 PM: > > > axis-user@ws.apache.org > > > > Hi, > > looking at the stack trace, it seems something goes wrong in > > WSDoAllReciever > > in the server side. Does the soap response contian the stack trace of > > the original > > exception ? > > Are key store files in the correct place ? > > > > thanks, > > /nandana > > > > On Thu, Feb 14, 2008 at 10:36 PM, <[EMAIL PROTECTED]> > wrote: > > > I am not using "UsernameToken" but just trying "Encrypt" Feature only > as in > > > sample05 ,.. > > > > > > > > > > > > here is snippet from my client axis.xml > > > > > > <module ref="rampart" /> > > > > > > <parameter name="InflowSecurity"> > > > <action> > > > <items>Encrypt</items> > > > <passwordCallbackClass>com.nfn.wsclients.PWCBHandler</ > > > passwordCallbackClass> > > > <decryptionPropFile>client.properties</decryptionPropFile> > > > </action> > > > </parameter> > > > > > > <parameter name="OutflowSecurity"> > > > <action> > > > <items>Encrypt</items> > > > <encryptionUser>service</encryptionUser> > > > <encryptionPropFile>client.properties</encryptionPropFile> > > > </action> > > > </parameter> > > > > > > > > > here is snippet from my services.xml > > > > > > <module ref="rampart" /> > > > > > > <parameter name="InflowSecurity"> > > > <action> > > > <items>Encrypt</items> > > > <passwordCallbackClass>com.nfn.ws.PWCBHandler</ > > > passwordCallbackClass> > > > <decryptionPropFile>service.properties</decryptionPropFile> > > > </action> > > > </parameter> > > > > > > <parameter name="OutflowSecurity"> > > > <action> > > > <items>Encrypt</items> > > > <encryptionUser>client</encryptionUser> > > > <encryptionPropFile>service.properties</encryptionPropFile> > > > </action> > > > </parameter> > > > > > > > > > > > > > > > > > > > > > "Martin > > > Gainty" > > > <[EMAIL PROTECTED] > From > > > mail.com> "Martin Gainty" > > > <[EMAIL PROTECTED]> > > > > To > > > <axis-user@ws.apache.org>, > > > > <[EMAIL PROTECTED]> > > > > cc > > > > > > 02/14/2008 > Subject > > > 11:18 AM Re: WSDoAllReceiver: security > > > Please processing failed error > > > respond to > > > > > > > > > [EMAIL PROTECTED] > > > .apache.org > > > > > > > > > > > > > > > > > > > > > > > > Did you configure username/password/Nonce/Created as suggested in the > ws02 > > > tutorial located at > > > http://wso2.org/library/240 > > > Did you look at the OutflowSecurity parameter spec from rampart 1.3 > > > s2.client.axis2.xml ? > > > > > > Martin- > > > ----- Original Message ----- > > > From: <[EMAIL PROTECTED]> > > > To: <axis-user@ws.apache.org> > > > Sent: Thursday, February 14, 2008 10:33 AM > > > Subject: WSDoAllReceiver: security processing failed error > > > > > > > > > > > > > > I am using Axis2 1.3 with rampart in websphere 5.1 (running on ibm > jdk > > > > 1.4.2). And my client is running on jdk 1.5. > > > > > > > > I am testing sample05 code(Encryption) ..but i am getting exception, > in > > > > client side. > > > > > > > > org.apache.axis2.AxisFault: WSDoAllReceiver: security processing > failed > > > > at > org.apache.axis2.util.Utils.getInboundFaultFromMessageContext( > > > > Utils.java:486) > > > > at > > > > > org.apache.axis2.description.OutInAxisOperationClient.handleResponse( > > > > OutInAxisOperation.java:343) > > > > at org.apache.axis2.description.OutInAxisOperationClient.send( > > > > OutInAxisOperation.java:389) > > > > at > > > org.apache.axis2.description.OutInAxisOperationClient.executeImpl( > > > > OutInAxisOperation.java:211) > > > > at org.apache.axis2.client.OperationClient.execute( > > > > OperationClient.java:163) > > > > at com.nfn.wsclients.AsrsPolicyServiceStub.getStatuses( > > > > AsrsPolicyServiceStub.java:153) > > > > at > com.nfn.wsclients.AsrPolicyServiceClient.printAccountStatuses( > > > > AsrPolicyServiceClient.java:35) > > > > at com.nfn.wsclients.AsrPolicyServiceClient.main( > > > > AsrPolicyServiceClient.java:23) > > > > > > > > > > > > before this i tested sample 02 (usertoekn authentication) which > worked > > > > fine. > > > > when idid google on "WSDoAllReceiver: security processing failed" i > am > > > > seeing lot of posting related to action mismath problem. > > > > but if u see the above exception message, i am not getting "action > > > > mismatch" problem..but just WSDoAllReceiver: security processing > failed > > > > > > > > Any idea? > > > > > > > > Thanks in adavnce. > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > > > > > > --------------------------------------------------------------------- > > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > > > > > --------------------------------------------------------------------- > > To unsubscribe, e-mail: [EMAIL PROTECTED] > > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > Attachment(s) have been removed by Mustaqali Jafarali > debug.log > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > > > > > > --------------------------------------------------------------------- > To unsubscribe, e-mail: [EMAIL PROTECTED] > For additional commands, e-mail: [EMAIL PROTECTED] > Shed those extra pounds with MSN and The Biggest Loser! Learn more. --------------------------------------------------------------------- To unsubscribe, e-mail: [EMAIL PROTECTED] For additional commands, e-mail: [EMAIL PROTECTED]