Hello no, i have found what was the cause. It was the wrong path to jks file. But now I am having different problem. Callback is now called but I get error:
<soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope";> <soap:Body> <soap:Fault> <soap:Code> <soap:Value>soap:Sender</soap:Value> </soap:Code> <soap:Reason> <soap:Text xml:lang="en">Error reading XMLStreamReader: org.apache.wss4j.common.ext.WSSecurityException: A security error was encountered when verifying the message</soap:Text> </soap:Reason> <soap:Detail> <stackTrace xmlns="http://cxf.apache.org/fault";>Caused by: javax.xml.stream.XMLStreamException: org.apache.wss4j.common.ext.WSSecurityException: A security error was encountered when verifying the message #*#org.apache.wss4j.stax.impl.WSSecurityStreamReader!next!WSSecurityStreamReader.java!56#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!60#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!38#*#org.apache.cxf.phase.PhaseInterceptorChain!doIntercept!PhaseInterceptorChain.java!308#*#org.apache.cxf.transport.ChainInitiationObserver!onMessage!ChainInitiationObserver.java!121#*#org.apache.cxf.transport.http.AbstractHTTPDestination!invoke!AbstractHTTPDestination.java!267#*#org.apache.cxf.transport.servlet.ServletController!invokeDestination!ServletController.java!234#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!208#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!160#*#org.apache.cxf.transport.servlet.CXFNonSpringServlet!invoke!CXFNonSpringServlet.java!225#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!h andleRequest!AbstractHTTPServlet.java!296#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!doPost!AbstractHTTPServlet.java!215#*#javax.servlet.http.HttpServlet!service!HttpServlet.java!652#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!service!AbstractHTTPServlet.java!271#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!231#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.tomcat.websocket.server.WsFilter!doFilter!WsFilter.java!53#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.RequestContextFilter!doFilterInternal!RequestContextFilter.java!100#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilt er!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.FormContentFilter!doFilterInternal!FormContentFilter.java!93#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.CharacterEncodingFilter!doFilterInternal!CharacterEncodingFilter.java!201#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.catalina.core.StandardWrapperValve!invoke!StandardWrapperValve.java!202#*#org.apache.catali na.core.StandardContextValve!invoke!StandardContextValve.java!97#*#org.apache.catalina.authenticator.AuthenticatorBase!invoke!AuthenticatorBase.java!541#*#org.apache.catalina.core.StandardHostValve!invoke!StandardHostValve.java!143#*#org.apache.catalina.valves.ErrorReportValve!invoke!ErrorReportValve.java!92#*#org.apache.catalina.core.StandardEngineValve!invoke!StandardEngineValve.java!78#*#org.apache.catalina.connector.CoyoteAdapter!service!CoyoteAdapter.java!343#*#org.apache.coyote.http11.Http11Processor!service!Http11Processor.java!374#*#org.apache.coyote.AbstractProcessorLight!process!AbstractProcessorLight.java!65#*#org.apache.coyote.AbstractProtocol$ConnectionHandler!process!AbstractProtocol.java!868#*#org.apache.tomcat.util.net.NioEndpoint$SocketProcessor!doRun!NioEndpoint.java!1590#*#org.apache.tomcat.util.net.SocketProcessorBase!run!SocketProcessorBase.java!49#*#java.util.concurrent.ThreadPoolExecutor!runWorker!ThreadPoolExecutor.java!1128#*#java.util.concurrent.ThreadPoolE xecutor$Worker!run!ThreadPoolExecutor.java!628#*#org.apache.tomcat.util.threads.TaskThread$WrappingRunnable!run!TaskThread.java!61#*#java.lang.Thread!run!Thread.java!834#*#Caused by: org.apache.wss4j.common.ext.WSSecurityException : A security error was encountered when verifying the message#*#org.apache.wss4j.stax.impl.WSSecurityStreamReader!next!WSSecurityStreamReader.java!56#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!60#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!38#*#org.apache.cxf.phase.PhaseInterceptorChain!doIntercept!PhaseInterceptorChain.java!308#*#org.apache.cxf.transport.ChainInitiationObserver!onMessage!ChainInitiationObserver.java!121#*#org.apache.cxf.transport.http.AbstractHTTPDestination!invoke!AbstractHTTPDestination.java!267#*#org.apache.cxf.transport.servlet.ServletController!invokeDestination!ServletController.java!234#*#org.apache.cxf.transport.s ervlet.ServletController!invoke!ServletController.java!208#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!160#*#org.apache.cxf.transport.servlet.CXFNonSpringServlet!invoke!CXFNonSpringServlet.java!225#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!handleRequest!AbstractHTTPServlet.java!296#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!doPost!AbstractHTTPServlet.java!215#*#javax.servlet.http.HttpServlet!service!HttpServlet.java!652#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!service!AbstractHTTPServlet.java!271#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!231#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.tomcat.websocket.server.WsFilter!doFilter!WsFilter.java!53#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilt er!ApplicationFilterChain.java!166#*#org.springframework.web.filter.RequestContextFilter!doFilterInternal!RequestContextFilter.java!100#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.FormContentFilter!doFilterInternal!FormContentFilter.java!93#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.CharacterEncodingFilter!doFilterInternal!CharacterEncodingFilter.java!201#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#* #org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.catalina.core.StandardWrapperValve!invoke!StandardWrapperValve.java!202#*#org.apache.catalina.core.StandardContextValve!invoke!StandardContextValve.java!97#*#org.apache.catalina.authenticator.AuthenticatorBase!invoke!AuthenticatorBase.java!541#*#org.apache.catalina.core.StandardHostValve!invoke!StandardHostValve.java!143#*#org.apache.catalina.valves.ErrorReportValve!invoke!ErrorReportValve.java!92#*#org.apache.catalina.core.StandardEngineValve!invoke!StandardEngineValve.java!78#*#org.apache.catalina.connector.CoyoteAdapter!service!CoyoteAdapter.java!343#*#org.apache.coyote.http11.Http11Processor!service!Http11Processor.java!374#*#org.apache.coyote.AbstractProcessorLight!process!AbstractProcessorLight.java!65#*#org.apache.coyote.AbstractProtocol$ConnectionHandler!process!AbstractProtoc ol.java!868#*#org.apache.tomcat.util.net.NioEndpoint$SocketProcessor!doRun!NioEndpoint.java!1590#*#org.apache.tomcat.util.net.SocketProcessorBase!run!SocketProcessorBase.java!49#*#java.util.concurrent.ThreadPoolExecutor!runWorker!ThreadPoolExecutor.java!1128#*#java.util.concurrent.ThreadPoolExecutor$Worker!run!ThreadPoolExecutor.java!628#*#org.apache.tomcat.util.threads.TaskThread$WrappingRunnable!run!TaskThread.java!61#*#java.lang.Thread!run!Thread.java!834#*#</stackTrace> </soap:Detail> </soap:Fault> </soap:Body> </soap:Envelope> >From what i can see it is this part of code: public void handleMessage(SoapMessage message) throws Fault { if (this.isGET(message)) { LOG.fine("StartBodyInterceptor skipped in HTTP GET method"); } else { XMLStreamReader xmlReader = (XMLStreamReader)message.getContent(XMLStreamReader.class); try { for(int i = xmlReader.next(); i == 13 || i == 10; i = xmlReader.next()) { } } catch (XMLStreamException var4) { throw new SoapFault(new Message("XML_STREAM_EXC", LOG, new Object[]{var4.getMessage()}), var4, message.getVersion().getSender()); } } } @Bean public WSS4JStaxInInterceptor wss4JStaxInInterceptor() throws Exception { Properties properties; Crypto crypto = CryptoFactory.getInstance(wss4jInProperties()); WSSSecurityProperties inProperties = new WSSSecurityProperties(); inProperties.addAction(WSSConstants.TIMESTAMP); inProperties.addAction(WSSConstants.SIGNATURE); inProperties.setSoap12(true); inProperties.addAction(WSSConstants.ENCRYPTION); inProperties.setEncryptionUser("xxx"); inProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("xxx_keystore.jks"),"xxx_keystore_passwordo".toCharArray()); inProperties.setSignatureUser("softnet"); inProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("xxx_keystore.jks"),"xxxx".toCharArray()); inProperties.setCallbackHandler(new ClientKeystorePasswordENCallback()); WSS4JStaxInInterceptor wss4JStaxInInterceptor = new WSS4JStaxInInterceptor(inProperties); return wss4JStaxInInterceptor; } On 2020/11/02 07:28:43, Colm O hEigeartaigh <[email protected]> wrote: > If it's still a problem please consider creating a test-case that we can > use to reproduce the issue. > > Colm. > > On Wed, Oct 28, 2020 at 2:21 PM Miha Zoubek <[email protected]> wrote: > > > Hello > > > > so my error is this: > > > > HelloImplService has thrown exception, unwinding now > > org.apache.cxf.interceptor.Fault: Message part { > > http://www.w3.org/2001/04/xmlenc#}EncryptedData was not recognized. > > (Does it exist in service WSDL?) > > > > Which is I guess due to my configuration of cfx part for deceyption. > > Signature, Timestamp are working perfectly. > > > > public WSS4JStaxInInterceptor wss4JStaxInInterceptor() throws Exception { > > > > WSSSecurityProperties inProperties = new WSSSecurityProperties(); > > //inProperties.addAction(WSSConstants.USERNAMETOKEN); > > inProperties.addAction(WSSConstants.TIMESTAMP); > > inProperties.addAction(WSSConstants.SIGNATURE); > > inProperties.addAction(WSSConstants.ENCRYPTION); > > inProperties.setEncryptionUser("xxx"); > > > > > > inProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("\"C:\\\\Users\\\\miha_\\\\OneDrive\\\\Dokumenti\\\\Job\\\\Lj\\\\Spring\\\\demo\\\\src\\\\main\\\\resources\\\\xxxx.jks"),"softnet_keystore_passwordo".toCharArray());; > > inProperties.setMustUnderstand(false); > > > > > > inProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("\"C:\\\\Users\\\\miha_\\\\OneDrive\\\\Dokumenti\\\\Job\\\\Lj\\\\Spring\\\\demo\\\\src\\\\main\\\\resources\\\\xxxx.jks"),"softnet_keystore_passwordo".toCharArray()); > > inProperties.setSignatureUser("cbd"); > > > > > > //inProperties.setSignatureVerificationCryptoProperties(wss4jInProperties()); > > > > > > > > //inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST); > > inProperties.setCallbackHandler(new > > ClientKeystorePasswordCallback()); > > > > WSS4JStaxInInterceptor wss4JStaxInInterceptor = new > > WSS4JStaxInInterceptor(inProperties); > > > > return wss4JStaxInInterceptor; > > > > } > > > > I guess i will need also to provide secret for private key which is in jks > > (i have now only provided password to access jks store). > > > > thank you > > miha > > >
