For some reason, the path prefix of /WEB-INF/classes/ had to be removed, so the path starts with "cxf/...". Both in the constants below and in the .properties file.
Why I have no idea. -----Original Message----- From: Morein, Arnie [mailto:[email protected]] Sent: Thursday, February 23, 2017 12:04 PM To: [email protected]; [email protected] Subject: [EXTERNAL] CXF API cannot find the properties file CXF: 3.1.10 WAR project with key store file and properties file in /WEB-INF/classes/cxf folder in WAR project. The following code is in effect: private static final String KEYSTORE_FILE = "/WEB-INF/classes/cfx/clientKeyStore.jks"; private static final String KEYSTORE_PASSWORD = "***"; public static final String KEYSTORE_KEY_ALIAS = "key-alias"; public static final String KEYSTORE_KEY_PASSWORD = "***; private static final String WSS4J_PROPERTIES = "/WEB-INF/classes/cfx/client-crypto.properties"; // configure ws-security Properties crytoProperties = new Properties(); crytoProperties.put(SecurityConstants.TIMESTAMP_FUTURE_TTL, "120"); crytoProperties.put(SecurityConstants.SIGNATURE_PROPERTIES, WSS4J_PROPERTIES); crytoProperties.put(SecurityConstants.SIGNATURE_USERNAME, KEYSTORE_KEY_ALIAS); crytoProperties.put(SecurityConstants.ENCRYPT_PROPERTIES, WSS4J_PROPERTIES); crytoProperties.put(SecurityConstants.ENCRYPT_USERNAME, KEYSTORE_KEY_ALIAS); crytoProperties.put(SecurityConstants.CALLBACK_HANDLER, txdps.dl.bpr.common.business.VlsCxfUserPasswordCallback.class.getName()); Map<String, Object> ctx = ((BindingProvider) port).getRequestContext(); Enumeration e = crytoProperties.propertyNames(); while (e.hasMoreElements()) { String key = (String) e.nextElement(); ctx.put(key, crytoProperties.get(key)); } Bus bus = BusFactory.newInstance().createBus(); STSClient stsClient = new STSClient(bus); Map<String, Object> stsProps = stsClient.getProperties(); stsProps.put(SecurityConstants.ENCRYPT_PROPERTIES, WSS4J_PROPERTIES); stsProps.put(SecurityConstants.ENCRYPT_USERNAME, KEYSTORE_KEY_ALIAS); stsProps.put(SecurityConstants.SIGNATURE_PROPERTIES, WSS4J_PROPERTIES); stsProps.put(SecurityConstants.SIGNATURE_USERNAME, KEYSTORE_KEY_ALIAS); stsProps.put(SecurityConstants.STS_TOKEN_USERNAME, KEYSTORE_KEY_ALIAS); stsProps.put(SecurityConstants.STS_TOKEN_PROPERTIES, WSS4J_PROPERTIES); stsProps.put(SecurityConstants.STS_TOKEN_USE_CERT_FOR_KEYINFO, "true"); ctx.put(SecurityConstants.STS_CLIENT, stsClient); But at method invocation time, I keep getting: Feb23 11:28:53.064 WARN [PhaseInterceptorChain ][::] - Interceptor for {http://schemas.xmlsoap.org/ws/2005/02/trust/wsdl}SecurityTokenService#{http://schemas.xmlsoap.org/ws/2005/02/trust/wsdl}RequestSecurityToken has thrown exception, unwinding now org.apache.cxf.interceptor.Fault: No crypto property file supplied for signature at org.apache.cxf.ws.security.wss4j.policyhandlers.TransportBindingHandler.handleBinding(TransportBindingHandler.java:172) ~[cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:185) ~[cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:109) ~[cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:96) ~[cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:861) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.issueToken(SecureConversationOutInterceptor.java:198) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:81) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:50) [cxf-rt-ws-security-3.1.10.jar:3.1.10] at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:514) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:423) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:324) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:277) [cxf-core-3.1.10.jar:3.1.10] at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96) [cxf-rt-frontend-simple-3.1.10.jar:3.1.10] at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:139) [cxf-rt-frontend-jaxws-3.1.10.jar:3.1.10] at com.sun.proxy.$Proxy55.authenticate(Unknown Source) [na:na] Which property am I still missing?
