I also noticed, if the same password check fails in PWCBHandler of client
side ..rampart throwing appropriate error message.
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(
WSDoAllReceiver.java:216)
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(
WSDoAllReceiver.java:86)
at org.apache.rampart.handler.WSDoAllHandler.invoke(
WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:292)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:132)
at
org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
OutInAxisOperation.java:336)
at org.apache.axis2.description.OutInAxisOperationClient.send(
OutInAxisOperation.java:389)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
OutInAxisOperation.java:211)
at org.apache.axis2.client.OperationClient.execute(
OperationClient.java:163)
at com.nfn.wsclients.AsrsPolicyServiceStub.getStatuses(
AsrsPolicyServiceStub.java:153)
at com.nfn.wsclients.AsrPolicyServiceClient.printAccountStatuses(
AsrPolicyServiceClient.java:35)
at com.nfn.wsclients.AsrPolicyServiceClient.main(
AsrPolicyServiceClient.java:23)
Caused by: org.apache.ws.security.WSSecurityException: General security
error (WSSecurityEngine: Callback supplied no password for: client)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(
EncryptedKeyProcessor.java:279)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(
EncryptedKeyProcessor.java:87)
at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(
EncryptedKeyProcessor.java:76)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:284)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(
WSSecurityEngine.java:206)
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(
WSDoAllReceiver.java:213)
... 12 more
Martin
Gainty
<[EMAIL PROTECTED]
From
mail.com> Martin Gainty
<[EMAIL PROTECTED]>
To
<[EMAIL PROTECTED]>
cc
Subject
02/18/2008 RE: WSDoAllReceiver: security
06:31 PM processing failed error
you found a Rampart bug!
First we need to look at javax.security.aith.callback.CallbackHandler
http://www.docjar.com/docs/api/javax/security/auth/callback/CallbackHandler
.
html
handle method throws java.io.IOException,
UnsupportedCallbackException
consequent implementations carry the signature forward properly..
org.apache.rampart.samples.policy.sample05;
public class PWCBHandler implements CallbackHandler {
public void handle(Callback[] callbacks)
throws IOException, UnsupportedCallbackException { //good!
take a look at
private static Parameter getInflowConfiguration() {
InflowConfiguration ifc = new InflowConfiguration();
ifc.setActionItems("Timestamp Signature Encrypt");
//how do we carry these throw IOException and UnsupportedCalbackException
forward ?
ifc.setPasswordCallbackClass("org.apache.rampart.samples.sample11.PWCBHandle
r");
...
InflowConfiguration.java contains this method..
/**
* Sets the password callback class name.
* @param passwordCallbackClass
*/
public void setPasswordCallbackClass(String passwordCallbackClass)
{ //save the passwordCallbackClass into the Action
this.action.put(WSHandlerConstants.PW_CALLBACK_CLASS,passwordCallbackClass);
}
later on
org.apache.rampart.conversation
public class Util {
//notice this method throws Exception and NOT IOException and
UnsupportedCallbackException!!!
public static void processRSTR(OMElement rstr, ConversationConfiguration
config) throws Exception
{
EncryptedKeyProcessor processor = new EncryptedKeyProcessor();
processor.handleToken((Element) elem, null,
Util.getCryptoInstace(config),
getCallbackHandlerInstance(config),
//No IOException or UnsupportedCallbackException
null, new Vector(),
null);
//notice this method throws Exception and NOT IOException and
UnsupportedCallbackException!!!
private static CallbackHandler getCallbackHandlerInstance(
ConversationConfiguration config) throws Exception
{
if (config.getPasswordCallbackRef() != null)
{
return config.getPasswordCallbackRef();
}
else if (config.getPasswordCallbackClass() != null)
{
if (config.getClassLoader() != null)
{
Class clazz = Loader.loadClass(config.getClassLoader(),
config
.getPasswordCallbackClass());
return (CallbackHandler) clazz.newInstance();
} else {
Class clazz = Loader.loadClass(config
.getPasswordCallbackClass());
return (CallbackHandler) clazz.newInstance();
}
} else {
throw new RampartException("noInfoForCBhandler");
}
}
..brief look at public class ConversationConfiguration..
/**
* @return Returns the passwordCallbackClass.
*/
public String getPasswordCallbackClass()
{
return passwordCallbackClass; //returns the name of the callback
without instantiation
}
How to go forward?
Martin Gainty
______________________________________________
Disclaimer and confidentiality note
Everything in this e-mail and any attachments relates to the official
business of Sender. This transmission is of a confidential nature and
Sender does not endorse distribution to any party other than intended
recipient. Sender does not necessarily endorse content contained within
this transmission.
> Subject: Re: WSDoAllReceiver: security processing failed error
> To: axis-user@ws.apache.org
> From: [EMAIL PROTECTED]
> Date: Mon, 18 Feb 2008 17:34:05 -0500
>
> I guess in server side..when PWCBHandler does not find proper password
for
> given id. then AXIS/Rampart not throwing appropriate error message
..that's
> why it was very difficult for me to figure out the problem.
>
> i believe there is a bug in AXIS/Rampart in exception handling in sever
> side..anyone had this issue?
>
>
>
>
> Mustaqali
> Jafarali/HOM
> /NWP From
> Mustaqali Jafarali/HOM/NWP
> To
> axis-user@ws.apache.org
> cc
>
> Subject
> 02/18/2008 Re: WSDoAllReceiver: security
> 05:02 PM processing failed error(Document
> link: Mustaqali Jafarali)
>
>
>
>
>
>
>
>
>
> Guys..nevermind..found the problem..
>
> i was using wrong PWCBHandler class (one from sample02) ....i replaced
with
> right class from sample05...now its working fine
>
>
>
>
> [EMAIL PROTECTED]
> onwideprovid
> ent.com From
> [EMAIL PROTECTED]
> To
> axis-user@ws.apache.org
> cc
>
> Subject
> 02/18/2008 Re: WSDoAllReceiver: security
> 04:35 PM processing failed error
> Please
> respond to
> [EMAIL PROTECTED]
> .apache.org
>
>
>
>
>
>
> I am still having this issue..don't whats wrong..there is no exception
> thrown in server side..i managed to get request and response from TCP/IP
> monitor..
> is there anything can i check?..need help
>
>
> REQUEST
> <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope
> xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope";
> xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";><soapenv:Header>
> <wsse:Security
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "
> soapenv:mustUnderstand="true"><xenc:EncryptedKey Id="EncKeyId-1537969">
> <xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#rsa-1_5";
> />
> <ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
> <wsse:SecurityTokenReference><ds:X509Data>
> <ds:X509IssuerSerial>
> <ds:X509IssuerName>CN=Sample
> Service,OU=Rampart,O=Apache,L=Colombo,ST=Western,C=LK</ds:X509IssuerName>
>
> <ds:X509SerialNumber>1187603713</ds:X509SerialNumber>
> </ds:X509IssuerSerial>
> </ds:X509Data></wsse:SecurityTokenReference>
> </ds:KeyInfo>
>
<xenc:CipherData><xenc:CipherValue>AgW4QfemEYfw3Yl1T+1AKootX5MPH2FHNy08e0FKUhb/tXEdRQK7Gmu+1IvrdOwDoMkHE/rPgFAXaUw47YNMVoFQ1vaMNPyZ7Qt+95wtZDXx4QSMdfpM+sSS9WycKZoTMQu3HvJ/7Oras4ZbhtN7oLMoYOWg/gXj85tRTPPwoLI=</xenc:CipherValue></xenc:CipherData>
>
> <xenc:ReferenceList><xenc:DataReference URI="#EncDataId-28970806"
>
/></xenc:ReferenceList></xenc:EncryptedKey></wsse:Security></soapenv:Header><soapenv:Body><xenc:EncryptedData
>
> Id="EncDataId-28970806"
> Type="http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod
> Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"; /><ds:KeyInfo
> xmlns:ds="http://www.w3.org/2000/09/xmldsig#";>
> <wsse:SecurityTokenReference
> xmlns:wsse="
>
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> "><wsse:Reference
> URI="#EncKeyId-1537969" /></wsse:SecurityTokenReference>
>
</ds:KeyInfo><xenc:CipherData><xenc:CipherValue>+MwjW32MnuzGFUqTyne0rvRXzjVeq+D8MmUe1PnW3aXxxZzufQHtVfusHyKkZu598d4jZjyu2sv2
>
>
+wheFX8sYywhjf9xmqBaiQ5xcueSgkBa6UIWMVvnHjcdF17fMGAXdl41hMqHpKPfATGpiX+C/OJ2
>
>
/zSVQ0KzX4xd5XevGicd8aiHvXc/1yig7ttZqO2Symj+aiIkpBrvfrEaaij5XmnG9aJf8G2jLbLl
>
>
He2yH3NptlsLZPGPrhIAHYqHNs6Sy4wTqSZzohTlj8vCOkgrLbC6SvUB1tQUUJNmBt7k73s=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soapenv:Body></soapenv:Envelope>
>
> 0
>
>
> RESPONSE
>
> 197
> <?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope
> xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope
>
"><soapenv:Body><soapenv:Fault><soapenv:Code><soapenv:Value>soapenv:Receiver</soapenv:Value></soapenv:Code><soapenv:Reason><soapenv:Text
>
> xml:lang="en-US">WSDoAllReceiver: security processing
> failed</soapenv:Text></soapenv:Reason><soapenv:Detail
> /></soapenv:Fault></soapenv:Body></soapenv:Envelope>
>
>
>
>
>
>
> Mustaqali
> Jafarali/HOM
> /NWP From
> Mustaqali Jafarali/HOM/NWP
> To
> axis-user@ws.apache.org
> cc
>
> Subject
> 02/14/2008 Re: WSDoAllReceiver: security
> 02:09 PM processing failed error(Document
> link: Mustaqali Jafarali)
>
>
>
>
>
>
>
>
>
> yes..i believe keystore files(service.jks and service.properties) are in
> classpath..otherwise i getting different merlin exception.
>
> in this email i attached debug log from server side for more info.. can
you
> please check the debug log and let me know if u find anythign wrong.
>
>
>
>
>
>
> "Nandana Mihindukulasooriya" <[EMAIL PROTECTED]> wrote on 02/14/2008
> 12:40:33 PM:
>
> > axis-user@ws.apache.org
> >
> > Hi,
> > looking at the stack trace, it seems something goes wrong in
> > WSDoAllReciever
> > in the server side. Does the soap response contian the stack trace of
> > the original
> > exception ?
> > Are key store files in the correct place ?
> >
> > thanks,
> > /nandana
> >
> > On Thu, Feb 14, 2008 at 10:36 PM, <[EMAIL PROTECTED]>
> wrote:
> > > I am not using "UsernameToken" but just trying "Encrypt" Feature only
> as in
> > > sample05 ,..
> > >
> > >
> > >
> > > here is snippet from my client axis.xml
> > >
> > > <module ref="rampart" />
> > >
> > > <parameter name="InflowSecurity">
> > > <action>
> > > <items>Encrypt</items>
> > > <passwordCallbackClass>com.nfn.wsclients.PWCBHandler</
> > > passwordCallbackClass>
> > > <decryptionPropFile>client.properties</decryptionPropFile>
> > > </action>
> > > </parameter>
> > >
> > > <parameter name="OutflowSecurity">
> > > <action>
> > > <items>Encrypt</items>
> > > <encryptionUser>service</encryptionUser>
> > > <encryptionPropFile>client.properties</encryptionPropFile>
> > > </action>
> > > </parameter>
> > >
> > >
> > > here is snippet from my services.xml
> > >
> > > <module ref="rampart" />
> > >
> > > <parameter name="InflowSecurity">
> > > <action>
> > > <items>Encrypt</items>
> > > <passwordCallbackClass>com.nfn.ws.PWCBHandler</
> > > passwordCallbackClass>
> > > <decryptionPropFile>service.properties</decryptionPropFile>
> > > </action>
> > > </parameter>
> > >
> > > <parameter name="OutflowSecurity">
> > > <action>
> > > <items>Encrypt</items>
> > > <encryptionUser>client</encryptionUser>
> > > <encryptionPropFile>service.properties</encryptionPropFile>
> > > </action>
> > > </parameter>
> > >
> > >
> > >
> > >
> > >
> > >
> > > "Martin
> > > Gainty"
> > > <[EMAIL PROTECTED]
> From
> > > mail.com> "Martin Gainty"
> > > <[EMAIL PROTECTED]>
> > >
> To
> > > <axis-user@ws.apache.org>,
> > >
> <[EMAIL PROTECTED]>
> > >
> cc
> > >
> > > 02/14/2008
> Subject
> > > 11:18 AM Re: WSDoAllReceiver: security
> > > Please processing failed error
> > > respond to
> > >
> > >
> > > [EMAIL PROTECTED]
> > > .apache.org
> > >
> > >
> > >
> > >
> > >
> > >
> > >
> > > Did you configure username/password/Nonce/Created as suggested in the
> ws02
> > > tutorial located at
> > > http://wso2.org/library/240
> > > Did you look at the OutflowSecurity parameter spec from rampart 1.3
> > > s2.client.axis2.xml ?
> > >
> > > Martin-
> > > ----- Original Message -----
> > > From: <[EMAIL PROTECTED]>
> > > To: <axis-user@ws.apache.org>
> > > Sent: Thursday, February 14, 2008 10:33 AM
> > > Subject: WSDoAllReceiver: security processing failed error
> > >
> > >
> > > >
> > > > I am using Axis2 1.3 with rampart in websphere 5.1 (running on ibm
> jdk
> > > > 1.4.2). And my client is running on jdk 1.5.
> > > >
> > > > I am testing sample05 code(Encryption) ..but i am getting
exception,
> in
> > > > client side.
> > > >
> > > > org.apache.axis2.AxisFault: WSDoAllReceiver: security processing
> failed
> > > > at
> org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(
> > > > Utils.java:486)
> > > > at
> > > >
> org.apache.axis2.description.OutInAxisOperationClient.handleResponse(
> > > > OutInAxisOperation.java:343)
> > > > at org.apache.axis2.description.OutInAxisOperationClient.send(
> > > > OutInAxisOperation.java:389)
> > > > at
> > > org.apache.axis2.description.OutInAxisOperationClient.executeImpl(
> > > > OutInAxisOperation.java:211)
> > > > at org.apache.axis2.client.OperationClient.execute(
> > > > OperationClient.java:163)
> > > > at com.nfn.wsclients.AsrsPolicyServiceStub.getStatuses(
> > > > AsrsPolicyServiceStub.java:153)
> > > > at
> com.nfn.wsclients.AsrPolicyServiceClient.printAccountStatuses(
> > > > AsrPolicyServiceClient.java:35)
> > > > at com.nfn.wsclients.AsrPolicyServiceClient.main(
> > > > AsrPolicyServiceClient.java:23)
> > > >
> > > >
> > > > before this i tested sample 02 (usertoekn authentication) which
> worked
> > > > fine.
> > > > when idid google on "WSDoAllReceiver: security processing failed" i
> am
> > > > seeing lot of posting related to action mismath problem.
> > > > but if u see the above exception message, i am not getting "action
> > > > mismatch" problem..but just WSDoAllReceiver: security processing
> failed
> > > >
> > > > Any idea?
> > > >
> > > > Thanks in adavnce.
> > > >
> > > >
> > > >
> > > >
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > > For additional commands, e-mail: [EMAIL PROTECTED]
> > > >
> > > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> > >
> > >
> > > ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > > For additional commands, e-mail: [EMAIL PROTECTED]
> > >
> > >
> >
> > ---------------------------------------------------------------------
> > To unsubscribe, e-mail: [EMAIL PROTECTED]
> > For additional commands, e-mail: [EMAIL PROTECTED]
> >
>
>
>
> Attachment(s) have been removed by Mustaqali Jafarali
> debug.log
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
>
>
>
>
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: [EMAIL PROTECTED]
> For additional commands, e-mail: [EMAIL PROTECTED]
>
Shed those extra pounds with MSN and The Biggest Loser! Learn more.
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
