I'm working on migrating some legacy code I've been stuck with from CXF 2.3/WSS4J 1.5 up to CXF 2.7/WSS4J 1.6, and I'm having some troubles. The latest issue is something that I'm sure is obvious and I'm just not seeing ... I am getting this exception when I run one of my tests:
org.apache.cxf.binding.soap.SoapFault: Security processing failed. at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:280) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:141) .... Caused by: org.apache.ws.security.WSSecurityException: Error during Signature: at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:122) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:232) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:265) ... 47 more Caused by: org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied to verify signature) at org.apache.ws.security.message.WSSecSignature.getSigningCerts(WSSecSignature.java:789) at org.apache.ws.security.message.WSSecSignature.prepare(WSSecSignature.java:169) at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:71) ... 50 more I've shortened the stack trace a bit but that should be the most important parts. Now the exception itself I think is clear - there's a problem with the crypto properties. It's the exact problem that eludes me. In my Spring configuration, the original developers referenced a Crypto bean rather than using an external file. This is the bean configuration: <bean id="wss4jOutInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"> <constructor-arg> <map> <entry key="action" value="Timestamp Signature" /> <entry key="user" value="test-user (test ca 1)" /> <entry key="timeToLive" value="60" /> <entry key="signatureUser" value="test-user (test ca 1)" /> <entry key="signatureKeyIdentifier" value="DirectReference" /> <entry key="SignaturePropRefId" value="signatureProperties" /> <entry key="signatureProperties" value-ref="cryptoProperties" /> <entry key="signatureParts" value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body; {Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp" /> <entry key="signatureAlgorithm" value="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/> <entry key="signatureDigestAlgorithm" value="http://www.w3.org/2001/04/xmlenc#sha256"/> <entry key="passwordCallbackRef" value-ref="pwCallback" /> </map> </constructor-arg> </bean> <bean id="wss4jInInterceptor" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"> <constructor-arg> <map> <entry key="action" value="Signature Timestamp Encrypt" /> <entry key="SignaturePropRefId" value="cryptoProperties" /> <entry key="decryptionPropRefId" value="cryptoProperties" /> <entry key="cryptoProperties" value-ref="cryptoProperties" /> <entry key="passwordCallbackRef" value-ref="pwCallback" /> </map> </constructor-arg> </bean> <util:properties id="cryptoProperties"> <prop key="org.apache.ws.security.crypto.provider">org.apache.ws.security.components.crypto.Merlin</prop> <prop key="org.apache.ws.security.crypto.merlin.keystore.file">test-user.jks</prop> <prop key="org.apache.ws.security.crypto.merlin.keystore.type">jks</prop> <prop key="org.apache.ws.security.crypto.merlin.keystore.provider"></prop> --> <prop key="org.apache.ws.security.crypto.merlin.keystore.password">xxxxx</prop> <prop key="org.apache.ws.security.crypto.merlin.load.cacerts">false</prop> </util:properties> Does anyone have any ideas on what may be off here? Thanx, Stephen W. Chappell