[xfire-user] Combining signatures & encryption

Tue, 09 Jan 2007 03:43:51 -0800 

Hi,

I have a problem where the client creates an signed and encrypted message.
On the server I get the following error message:

2007-01-09 12:15:06,609 ERROR
[org.codehaus.xfire.handler.DefaultFaultHandler] -
 Fault occurred!
java.lang.NullPointerException
        at
org.apache.ws.security.message.token.SecurityTokenReference.getX509IssuerSer
ialAlias(SecurityTokenReference.java:410)
        at
org.apache.ws.security.message.token.SecurityTokenReference.getX509IssuerSer
ial(SecurityTokenReference.java:388)
        at
org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(Signa
tureProcessor.java:223)
        at
org.apache.ws.security.processor.SignatureProcessor.handleToken(SignaturePro
cessor.java:79)
        at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngi
ne.java:269)
        at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngi
ne.java:191)
        at
org.codehaus.xfire.security.wss4j.WSS4JInHandler.invoke(WSS4JInHandler.java:
139)
        at
org.codehaus.xfire.handler.HandlerPipeline.invoke(HandlerPipeline.java:131)
        at
org.codehaus.xfire.transport.DefaultEndpoint.onReceive(DefaultEndpoint.java:
64)
        at
org.codehaus.xfire.transport.AbstractChannel.receive(AbstractChannel.java:38
)
        at
org.codehaus.xfire.transport.http.XFireServletController.invoke(XFireServlet
Controller.java:301)
        at
org.codehaus.xfire.transport.http.XFireServletController.doService(XFireServ
letController.java:130)
        at
org.codehaus.xfire.transport.http.XFireServlet.doPost(XFireServlet.java:116)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)

If I only use signature or encryption it all works fine, when combining them
I get this problem. I was wondering if I did anything wrong within my spring
config file?
Here is the relevant snippet:


   <bean id="bookServiceWSS4JEnc"
class="org.codehaus.xfire.spring.remoting.XFireExporter">
         <property name="serviceBean" ref="RegistrationBeanTarget"/>
        <property name="serviceClass"
value="highview.borrowandfly.services.registration.Registration"/>
       
        <property name="inHandlers">
            <list>
                <ref bean="domInHandler"/>

                   <ref bean="wss4jInHandlerSign"/>
                   <ref bean="wss4jInHandlerEnc"/>

            </list>

        </property>
    </bean>

If I disable one of the defined handlers it will work when sending the
appropriate message combing these two creates the error message described
above.
Does anyone have any idea? The client performs first the encryption and then
the signature in its handlers.

With regards,
Ronald

Reply via email to