Re: error sending S/MIME
Thx Martin Gainty wrote: Illegal interception and manipulation costs businesses millions of dollars in lost revenue here AXIS Security is handled by Rampart Rampart doc states these steps for implementing BC 1.) Download bouncycastle according to your java version. You can download bouncycastle from the following link. http://www.bouncycastle.org/latest_releases.html 2.) Add the bcprov-jdkXX-139.jar to your service's / client's classpath. 3.) Add the following line to java.security file which can be found in JRE's lib/security directory as the last line. security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider I put $JAVA_HOME/jre/lib/ext/bcprov-jdk15-143.jar and in java.securety I add BouncyCastle provider. Before you try any of the samples makesure you 1.) Have the Axis2 standard binary distribution downloaded and extracted. 2.) Set the AXIS2_HOME environment variable 3.) Run ant from the samples directory to copy the required libraries and modules to relevant directories in AXIS2_HOME. add both rahas-1.4.mar and rampart-1.4.mar modules to /WEB-INF/modules/modules.list rahas-1.4.mar rampart-1.4.mar I have this modul, I use rampart, but also have smtpfault.mar. /WEB-INF/conf/axis2.xml would contain this global reference module ref=rampart/ then configure inflow and outflow security parameters e.g: module ref=rampart / !-- sample-10 : MTOM optimize encrypted content -- parameter name=OutflowSecurity action itemsTimestamp Signature Encrypt/items userclient/user !-- your customised Callback Handler class goes here -- passwordCallbackClassorg.apache.rampart.samples.sample10.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierDirectReference/encryptionKeyIdentifier encryptionUserservice/encryptionUser /action /parameter parameter name=InflowSecurity action itemsTimestamp Signature Encrypt/items !-- your customised Callback Handler class goes here -- passwordCallbackClassorg.apache.rampart.samples.sample10.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile /action /parameter I have my Callback Handler and it work fine. The problem is somewhere in axis2, because as standalone web application, this is working fine(sending S/MIME mail). So what are you saying, that the problem is rampart modul? client.properties would contain: org.apache.ws.security.crypto.provider=org.bouncycastle.jce.provider.BouncyCastleProvider org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=PasswordUsedTOCreateKeyStoreFile.jks org.apache.ws.security.crypto.merlin.file=client.jks Martin Gainty __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Wed, 12 Aug 2009 15:31:39 +0200 From: tomaz.majerh...@arnes.si To: axis-user@ws.apache.org Subject: error sending S/MIME Env: OS: Win XP Tomcat: 6.0.18 java: 1.6.0_10-b33 axis2: 1.4.1 I have tomcat web application which use crypto and bouncy castle for signing the mail and it work well. But when I'm using same class in my soap service(axis2) I get error: javax.mail.MessagingException: IOException while sending message; nested exception is: javax.activation.UnsupportedDataTypeException: no object DCH for MIME type application/pkcs7-signature; name=smime.p7s; smime-type=signed-data Do any body know what is problem. Regards Windows Live™: Keep your life in sync. Check it out. http://windowslive.com/explore?ocid=PID23384::T:WLMTAGL:ON:WL:en-US:NF_BR_sync:082009 begin:vcard fn:Tomaz Majerhold n:Majerhold;Tomaz org:ARNES, Slovenian NREN;Development
Re: error sending S/MIME
This may be caused by conflicting versions of some JAR (like activation or javamail). See [1]. [1] http://people.apache.org/~veithen/axiom/userguide/ch04.html#d0e719 On Thu, Aug 13, 2009 at 11:41, TomazMtomaz.majerh...@arnes.si wrote: When I'm using axis2 1.5 and S/MIME(I have Boncy Castle provider in JVM java.security) I get error: java.security.NoSuchProviderException: No provider configured for S/MIME But the same program(sending S/MIME mail) as web application in the same Tomcat(where axis2 is installed) it work fine. There is problem in axis2 jars, it is so strange, it take me two days and no solution.
Re: error sending S/MIME
I could be I changed this jars and still problem. Scenario: For singing a mail I use: bcmail-jdk16-143.jar, javamail-crypto_060622.jar, javamail-crypto-bouncycastle-smime_060622.jar, bcprov-jdk16-143 and they ware in my_service/lib folder -- I was getting error: java.security.NoSuchProviderException: No provider configured for S/MIME Solution: I put this jars in axis2 lib (webapps\axis2\WEB-INF\lib) and iit work fine. Best regards, T Andreas Veithen wrote: This may be caused by conflicting versions of some JAR (like activation or javamail). See [1]. [1] http://people.apache.org/~veithen/axiom/userguide/ch04.html#d0e719 On Thu, Aug 13, 2009 at 11:41, TomazMtomaz.majerh...@arnes.si wrote: When I'm using axis2 1.5 and S/MIME(I have Boncy Castle provider in JVM java.security) I get error: java.security.NoSuchProviderException: No provider configured for S/MIME But the same program(sending S/MIME mail) as web application in the same Tomcat(where axis2 is installed) it work fine. There is problem in axis2 jars, it is so strange, it take me two days and no solution. begin:vcard fn:Tomaz Majerhold n:Majerhold;Tomaz org:ARNES, Slovenian NREN;Development team adr:;;Jamova 39;Ljubljana;Ljubljana;1000;Slovenia title:Developer tel;work:+386 14798930 tel;fax:+386 1 479 88 99 tel;home:+386 1425 38 01 tel;cell:+386 40757229 x-mozilla-html:FALSE url:http://www.arnes.si/ version:2.1 end:vcard
RE: error sending S/MIME
Illegal interception and manipulation costs businesses millions of dollars in lost revenue here AXIS Security is handled by Rampart Rampart doc states these steps for implementing BC 1.) Download bouncycastle according to your java version. You can download bouncycastle from the following link. http://www.bouncycastle.org/latest_releases.html 2.) Add the bcprov-jdkXX-139.jar to your service's / client's classpath. 3.) Add the following line to java.security file which can be found in JRE's lib/security directory as the last line. security.provider.X=org.bouncycastle.jce.provider.BouncyCastleProvider Before you try any of the samples makesure you 1.) Have the Axis2 standard binary distribution downloaded and extracted. 2.) Set the AXIS2_HOME environment variable 3.) Run ant from the samples directory to copy the required libraries and modules to relevant directories in AXIS2_HOME. add both rahas-1.4.mar and rampart-1.4.mar modules to /WEB-INF/modules/modules.list rahas-1.4.mar rampart-1.4.mar /WEB-INF/conf/axis2.xml would contain this global reference module ref=rampart/ then configure inflow and outflow security parameters e.g: module ref=rampart / !-- sample-10 : MTOM optimize encrypted content -- parameter name=OutflowSecurity action itemsTimestamp Signature Encrypt/items userclient/user !-- your customised Callback Handler class goes here -- passwordCallbackClassorg.apache.rampart.samples.sample10.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile signatureKeyIdentifierDirectReference/signatureKeyIdentifier encryptionKeyIdentifierDirectReference/encryptionKeyIdentifier encryptionUserservice/encryptionUser /action /parameter parameter name=InflowSecurity action itemsTimestamp Signature Encrypt/items !-- your customised Callback Handler class goes here -- passwordCallbackClassorg.apache.rampart.samples.sample10.PWCBHandler/passwordCallbackClass signaturePropFileclient.properties/signaturePropFile /action /parameter client.properties would contain: org.apache.ws.security.crypto.provider=org.bouncycastle.jce.provider.BouncyCastleProvider org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=PasswordUsedTOCreateKeyStoreFile.jks org.apache.ws.security.crypto.merlin.file=client.jks Martin Gainty __ Verzicht und Vertraulichkeitanmerkung/Note de déni et de confidentialité Diese Nachricht ist vertraulich. Sollten Sie nicht der vorgesehene Empfaenger sein, so bitten wir hoeflich um eine Mitteilung. Jede unbefugte Weiterleitung oder Fertigung einer Kopie ist unzulaessig. Diese Nachricht dient lediglich dem Austausch von Informationen und entfaltet keine rechtliche Bindungswirkung. Aufgrund der leichten Manipulierbarkeit von E-Mails koennen wir keine Haftung fuer den Inhalt uebernehmen. Ce message est confidentiel et peut être privilégié. Si vous n'êtes pas le destinataire prévu, nous te demandons avec bonté que pour satisfaire informez l'expéditeur. N'importe quelle diffusion non autorisée ou la copie de ceci est interdite. Ce message sert à l'information seulement et n'aura pas n'importe quel effet légalement obligatoire. Étant donné que les email peuvent facilement être sujets à la manipulation, nous ne pouvons accepter aucune responsabilité pour le contenu fourni. Date: Wed, 12 Aug 2009 15:31:39 +0200 From: tomaz.majerh...@arnes.si To: axis-user@ws.apache.org Subject: error sending S/MIME Env: OS: Win XP Tomcat: 6.0.18 java: 1.6.0_10-b33 axis2: 1.4.1 I have tomcat web application which use crypto and bouncy castle for signing the mail and it work well. But when I'm using same class in my soap service(axis2) I get error: javax.mail.MessagingException: IOException while sending message; nested exception is: javax.activation.UnsupportedDataTypeException: no object DCH for MIME type application/pkcs7-signature; name=smime.p7s; smime-type=signed-data Do any body know what is problem. Regards _ Windows Live™: Keep your life in sync. http://windowslive.com/explore?ocid=PID23384::T:WLMTAGL:ON:WL:en-US:NF_BR_sync:082009
Re: error sending S/MIME
Tomaz, I think you need to give a bit more context/background. Andreas On Wed, Aug 12, 2009 at 15:31, TomazMtomaz.majerh...@arnes.si wrote: Env: OS: Win XP Tomcat: 6.0.18 java: 1.6.0_10-b33 axis2: 1.4.1 I have tomcat web application which use crypto and bouncy castle for signing the mail and it work well. But when I'm using same class in my soap service(axis2) I get error: javax.mail.MessagingException: IOException while sending message; nested exception is: javax.activation.UnsupportedDataTypeException: no object DCH for MIME type application/pkcs7-signature; name=smime.p7s; smime-type=signed-data Do any body know what is problem. Regards
