Hi Joan,
What is the Rampart version you are using? Can you send the full
stack trace?
Best Regards,
Nandana
On Wed, Jul 7, 2010 at 8:54 PM, Joan Bellver Faus <[email protected]> wrote:
> Hello,
>
> I am implementing a new web service with Rampart; the policy is sign and
> encryption.
> When I use the certificates created with the keytool command, the service
> works correctly, but when I use the Spanish National ID Card (
> http://www.dnielectronico.es/) the web service returned this error:
>
> org.apache.axis2.AxisFault: General security error (WSSecurityEngine:
> Callback supplied no password for: null)
>
> Is this error because Rampart cannot access the public key?
>
> The settings.xml is:
>
> <module ref="rampart" />
> <wsp:Policy wsu:Id="SignEncr"
>     xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
>     xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">
>   <wsp:ExactlyOne>
>     <wsp:All>
>       <sp:AsymmetricBinding
>           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>         <wsp:Policy>
>           <sp:InitiatorToken>
>             <wsp:Policy>
>               <sp:X509Token
>                   sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient" />
>             </wsp:Policy>
>           </sp:InitiatorToken>
>           <sp:RecipientToken>
>             <wsp:Policy>
>               <sp:X509Token
>                   sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never">
>                 <wsp:Policy>
>                   <sp:RequireThumbprintReference />
>                 </wsp:Policy>
>               </sp:X509Token>
>             </wsp:Policy>
>           </sp:RecipientToken>
>           <sp:AlgorithmSuite>
>             <wsp:Policy>
>               <sp:TripleDesRsa15 />
>             </wsp:Policy>
>           </sp:AlgorithmSuite>
>           <sp:Layout>
>             <wsp:Policy>
>               <sp:Strict />
>             </wsp:Policy>
>           </sp:Layout>
>           <sp:IncludeTimestamp />
>           <sp:OnlySignEntireHeadersAndBody />
>         </wsp:Policy>
>       </sp:AsymmetricBinding>
>       <sp:SignedParts
>           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>         <sp:Body />
>       </sp:SignedParts>
>       <sp:EncryptedParts
>           xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>         <sp:Body />
>       </sp:EncryptedParts>
>       <ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
>         <ramp:user>mms</ramp:user>
>         <ramp:encryptionUser>useReqSigCert</ramp:encryptionUser>
>         <ramp:passwordCallbackClass>es.upv.dsic.gti_ia.MMService.PWCBHandler</ramp:passwordCallbackClass>
>         <ramp:signatureCrypto>
>           <ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
>             <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
>             <ramp:property name="org.apache.ws.security.crypto.merlin.file">/home/joabelfa/Escritorio/pruebas_seguridad/qpidd/security/MMSkeystore.jks</ramp:property>
>             <ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">password_mmskeystore</ramp:property>
>           </ramp:crypto>
>         </ramp:signatureCrypto>
>       </ramp:RampartConfig>
>     </wsp:All>
>   </wsp:ExactlyOne>
> </wsp:Policy>
>
> </service>