When I have the policy pasted below I see a NullPointer Exception.
When I debug the server I see that in the PolicyBasedWSS4JInInterceptor, in
the method computeAction there is only an action computed with the values:
"UsernameToken Timestamp " and without 'Signature'.
I believe hat this causes the crypto object not to be found and throwing a
NullPointerException because its null:
This happens in the X509Security.loadCertificate in the line cachedCert =
crypto.loadCertificate(in);
The crypto is null and there is a NullPointerEception.
Are my assumptions correct ???? Is this policy possible to execute ?
My wsdlis, my client and my server are pasted below:
1. client.xml
<jaxws:client id="careReceiverInsurabilityWSClient"
serviceClass="be.cin.mycarenet.esb.insurability.InsurabilityPortType"
address="https://localhost:8443/jbossWsCxfClientWithWSSecurityPolicyHttps-1/CareReceiverInsurabilityWebserviceImpl";
wsdlLocation="wsdl/MyCarenet-Insurability.wsdl"
endpointName="s:InsurabilityPort"
serviceName="s:CareReceiverInsurability"
xmlns:s="urn:be:cin:mycarenet:esb:insurability">
<jaxws:properties>
<entry key="ws-security.username" value="ovione"/>
<entry key="ws-security.callback-handler"
value="poc.samples.jboss.cxf.ejb.sync.security.policy.webservice.callbackHandlers.client.UsernameTokenCallbackHandlerClient"/>
<entry key="ws-security.signature.properties"
value="security/clientSign.properties"/>
<entry key="ws-security.signature.username"
value="pairclient"/>
</jaxws:properties>
</jaxws:client>
2. server.xml
<jaxws:endpoint
id="careReceiverInsurabilityWSServer"
implementor="poc.samples.jboss.cxf.ejb.sync.security.policy.webservice.CareReceiverInsurabilityWebserviceImpl"
address="https://localhost:8443/jbossWsCxfClientWithWSSecurityPolicyHttps-1/CareReceiverInsurabilityWebserviceImpl";
wsdlLocation="wsdl/MyCarenet-Insurability.wsdl"
endpointName="s:InsurabilityPort"
serviceName="s:CareReceiverInsurability"
xmlns:s="urn:be:cin:mycarenet:esb:insurability">
<jaxws:properties>
<entry key="ws-security.callback-handler"
value="poc.samples.jboss.cxf.ejb.sync.security.policy.webservice.callbackHandlers.server.UsernameTokenCallbackHandlerServer"/>
<entry key="ws-security.signature.properties"
value="security/serverSignVerify.properties"/>
<entry key="ws-security.signature.username"
value="clienttrusted"/>
</jaxws:properties>
</jaxws:endpoint>
3. policy in the wsdl
<wsp:Policy wsu:Id="BasicSecurityPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:TransportBinding>
<wsp:Policy>
<sp:TransportToken>
<wsp:Policy>
<sp:HttpsToken
RequireClientCertificate="false" />
</wsp:Policy>
</sp:TransportToken>
<sp:Layout>
<wsp:Policy>
<sp:Lax />
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp />
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:Basic128 />
</wsp:Policy>
</sp:AlgorithmSuite>
</wsp:Policy>
</sp:TransportBinding>
<sp:EndorsingSupportingTokens>
<wsp:Policy>
<sp:X509Token
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssX509V3Token10 />
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:EndorsingSupportingTokens>
<sp:SignedSupportingTokens>
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient";>
<wsp:Policy>
<sp:WssUsernameToken10 />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SignedSupportingTokens>
--
View this message in context:
http://cxf.547215.n5.nabble.com/EndorsingSupportingTokens-and-SignedSupportingTokens-throing-a-Nullpointer-exception-tp4689469p4689469.html
Sent from the cxf-dev mailing list archive at Nabble.com.
