You should enable debug logging to get the root cause of the failure. Colm.
On Tue, Nov 3, 2020 at 9:47 AM Miha Zoubek <[email protected]> wrote: > Hello > > no, i have found what was the cause. It was the wrong path to jks file. > But now I am having different problem. Callback is now called but I get > error: > > <soap:Envelope xmlns:soap="http://www.w3.org/2003/05/soap-envelope";> > <soap:Body> > <soap:Fault> > <soap:Code> > <soap:Value>soap:Sender</soap:Value> > </soap:Code> > <soap:Reason> > <soap:Text xml:lang="en">Error reading XMLStreamReader: > org.apache.wss4j.common.ext.WSSecurityException: A security error was > encountered when verifying the message</soap:Text> > </soap:Reason> > <soap:Detail> > <stackTrace xmlns="http://cxf.apache.org/fault";>Caused by: > javax.xml.stream.XMLStreamException: > org.apache.wss4j.common.ext.WSSecurityException: A security error was > encountered when verifying the message > > #*#org.apache.wss4j.stax.impl.WSSecurityStreamReader!next!WSSecurityStreamReader.java!56#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!60#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!38#*#org.apache.cxf.phase.PhaseInterceptorChain!doIntercept!PhaseInterceptorChain.java!308#*#org.apache.cxf.transport.ChainInitiationObserver!onMessage!ChainInitiationObserver.java!121#*#org.apache.cxf.transport.http.AbstractHTTPDestination!invoke!AbstractHTTPDestination.java!267#*#org.apache.cxf.transport.servlet.ServletController!invokeDestination!ServletController.java!234#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!208#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!160#*#org.apache.cxf.transport.servlet.CXFNonSpringServlet!invoke!CXFNonSpringServlet.java!225#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!h > > > andleRequest!AbstractHTTPServlet.java!296#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!doPost!AbstractHTTPServlet.java!215#*#javax.servlet.http.HttpServlet!service!HttpServlet.java!652#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!service!AbstractHTTPServlet.java!271#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!231#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.tomcat.websocket.server.WsFilter!doFilter!WsFilter.java!53#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.RequestContextFilter!doFilterInternal!RequestContextFilter.java!100#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilt > > > er!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.FormContentFilter!doFilterInternal!FormContentFilter.java!93#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.CharacterEncodingFilter!doFilterInternal!CharacterEncodingFilter.java!201#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.catalina.core.StandardWrapperValve!invoke!StandardWrapperValve.java!202#*#org.apache.catali > > > na.core.StandardContextValve!invoke!StandardContextValve.java!97#*#org.apache.catalina.authenticator.AuthenticatorBase!invoke!AuthenticatorBase.java!541#*#org.apache.catalina.core.StandardHostValve!invoke!StandardHostValve.java!143#*#org.apache.catalina.valves.ErrorReportValve!invoke!ErrorReportValve.java!92#*#org.apache.catalina.core.StandardEngineValve!invoke!StandardEngineValve.java!78#*#org.apache.catalina.connector.CoyoteAdapter!service!CoyoteAdapter.java!343#*#org.apache.coyote.http11.Http11Processor!service!Http11Processor.java!374#*#org.apache.coyote.AbstractProcessorLight!process!AbstractProcessorLight.java!65#*#org.apache.coyote.AbstractProtocol$ConnectionHandler!process!AbstractProtocol.java!868#*# > org.apache.tomcat.util.net > .NioEndpoint$SocketProcessor!doRun!NioEndpoint.java!1590#*# > org.apache.tomcat.util.net > .SocketProcessorBase!run!SocketProcessorBase.java!49#*#java.util.concurrent.ThreadPoolExecutor!runWorker!ThreadPoolExecutor.java!1128#*#java.util.concurrent.ThreadPoolE > > xecutor$Worker!run!ThreadPoolExecutor.java!628#*#org.apache.tomcat.util.threads.TaskThread$WrappingRunnable!run!TaskThread.java!61#*#java.lang.Thread!run!Thread.java!834#*#Caused > by: org.apache.wss4j.common.ext.WSSecurityException : A security error was > encountered when verifying the > message#*#org.apache.wss4j.stax.impl.WSSecurityStreamReader!next!WSSecurityStreamReader.java!56#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!60#*#org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor!handleMessage!StartBodyInterceptor.java!38#*#org.apache.cxf.phase.PhaseInterceptorChain!doIntercept!PhaseInterceptorChain.java!308#*#org.apache.cxf.transport.ChainInitiationObserver!onMessage!ChainInitiationObserver.java!121#*#org.apache.cxf.transport.http.AbstractHTTPDestination!invoke!AbstractHTTPDestination.java!267#*#org.apache.cxf.transport.servlet.ServletController!invokeDestination!ServletController.java!234#*#org.apache.cxf.transport.s > > > ervlet.ServletController!invoke!ServletController.java!208#*#org.apache.cxf.transport.servlet.ServletController!invoke!ServletController.java!160#*#org.apache.cxf.transport.servlet.CXFNonSpringServlet!invoke!CXFNonSpringServlet.java!225#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!handleRequest!AbstractHTTPServlet.java!296#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!doPost!AbstractHTTPServlet.java!215#*#javax.servlet.http.HttpServlet!service!HttpServlet.java!652#*#org.apache.cxf.transport.servlet.AbstractHTTPServlet!service!AbstractHTTPServlet.java!271#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!231#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.tomcat.websocket.server.WsFilter!doFilter!WsFilter.java!53#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilt > > > er!ApplicationFilterChain.java!166#*#org.springframework.web.filter.RequestContextFilter!doFilterInternal!RequestContextFilter.java!100#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.FormContentFilter!doFilterInternal!FormContentFilter.java!93#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#*#org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.springframework.web.filter.CharacterEncodingFilter!doFilterInternal!CharacterEncodingFilter.java!201#*#org.springframework.web.filter.OncePerRequestFilter!doFilter!OncePerRequestFilter.java!119#* > > > #org.apache.catalina.core.ApplicationFilterChain!internalDoFilter!ApplicationFilterChain.java!193#*#org.apache.catalina.core.ApplicationFilterChain!doFilter!ApplicationFilterChain.java!166#*#org.apache.catalina.core.StandardWrapperValve!invoke!StandardWrapperValve.java!202#*#org.apache.catalina.core.StandardContextValve!invoke!StandardContextValve.java!97#*#org.apache.catalina.authenticator.AuthenticatorBase!invoke!AuthenticatorBase.java!541#*#org.apache.catalina.core.StandardHostValve!invoke!StandardHostValve.java!143#*#org.apache.catalina.valves.ErrorReportValve!invoke!ErrorReportValve.java!92#*#org.apache.catalina.core.StandardEngineValve!invoke!StandardEngineValve.java!78#*#org.apache.catalina.connector.CoyoteAdapter!service!CoyoteAdapter.java!343#*#org.apache.coyote.http11.Http11Processor!service!Http11Processor.java!374#*#org.apache.coyote.AbstractProcessorLight!process!AbstractProcessorLight.java!65#*#org.apache.coyote.AbstractProtocol$ConnectionHandler!process!AbstractProtoc > > > ol.java!868#*#org.apache.tomcat.util.net.NioEndpoint$SocketProcessor!doRun!NioEndpoint.java!1590#*#org. > apache.tomcat.util.net > .SocketProcessorBase!run!SocketProcessorBase.java!49#*#java.util.concurrent.ThreadPoolExecutor!runWorker!ThreadPoolExecutor.java!1128#*#java.util.concurrent.ThreadPoolExecutor$Worker!run!ThreadPoolExecutor.java!628#*#org.apache.tomcat.util.threads.TaskThread$WrappingRunnable!run!TaskThread.java!61#*#java.lang.Thread!run!Thread.java!834#*#</stackTrace> > </soap:Detail> > </soap:Fault> > </soap:Body> > </soap:Envelope> > > > From what i can see it is this part of code: > > public void handleMessage(SoapMessage message) throws Fault { > if (this.isGET(message)) { > LOG.fine("StartBodyInterceptor skipped in HTTP GET method"); > } else { > XMLStreamReader xmlReader = > (XMLStreamReader)message.getContent(XMLStreamReader.class); > > try { > for(int i = xmlReader.next(); i == 13 || i == 10; i = > xmlReader.next()) { > } > > } catch (XMLStreamException var4) { > throw new SoapFault(new Message("XML_STREAM_EXC", LOG, new > Object[]{var4.getMessage()}), var4, message.getVersion().getSender()); > } > } > } > > > @Bean > public WSS4JStaxInInterceptor wss4JStaxInInterceptor() throws Exception > { > Properties properties; > Crypto crypto = CryptoFactory.getInstance(wss4jInProperties()); > > WSSSecurityProperties inProperties = new WSSSecurityProperties(); > inProperties.addAction(WSSConstants.TIMESTAMP); > inProperties.addAction(WSSConstants.SIGNATURE); > inProperties.setSoap12(true); > inProperties.addAction(WSSConstants.ENCRYPTION); > > inProperties.setEncryptionUser("xxx"); > > > inProperties.loadSignatureVerificationKeystore(this.getClass().getClassLoader().getResource("xxx_keystore.jks"),"xxx_keystore_passwordo".toCharArray()); > inProperties.setSignatureUser("softnet"); > > > inProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("xxx_keystore.jks"),"xxxx".toCharArray()); > > inProperties.setCallbackHandler(new > ClientKeystorePasswordENCallback()); > > WSS4JStaxInInterceptor wss4JStaxInInterceptor = new > WSS4JStaxInInterceptor(inProperties); > > return wss4JStaxInInterceptor; > > } > > > > On 2020/11/02 07:28:43, Colm O hEigeartaigh <[email protected]> wrote: > > If it's still a problem please consider creating a test-case that we can > > use to reproduce the issue. > > > > Colm. > > > > On Wed, Oct 28, 2020 at 2:21 PM Miha Zoubek <[email protected]> wrote: > > > > > Hello > > > > > > so my error is this: > > > > > > HelloImplService has thrown exception, unwinding now > > > org.apache.cxf.interceptor.Fault: Message part { > > > http://www.w3.org/2001/04/xmlenc#}EncryptedData was not recognized. > > > (Does it exist in service WSDL?) > > > > > > Which is I guess due to my configuration of cfx part for deceyption. > > > Signature, Timestamp are working perfectly. > > > > > > public WSS4JStaxInInterceptor wss4JStaxInInterceptor() throws > Exception { > > > > > > WSSSecurityProperties inProperties = new > WSSSecurityProperties(); > > > //inProperties.addAction(WSSConstants.USERNAMETOKEN); > > > inProperties.addAction(WSSConstants.TIMESTAMP); > > > inProperties.addAction(WSSConstants.SIGNATURE); > > > inProperties.addAction(WSSConstants.ENCRYPTION); > > > inProperties.setEncryptionUser("xxx"); > > > > > > > inProperties.loadDecryptionKeystore(this.getClass().getClassLoader().getResource("\"C:\\\\Users\\\\miha_\\\\OneDrive\\\\Dokumenti\\\\Job\\\\Lj\\\\Spring\\\\demo\\\\src\\\\main\\\\resources\\\\xxxx.jks"),"softnet_keystore_passwordo".toCharArray());; > > > inProperties.setMustUnderstand(false); > > > > > > > inProperties.loadSignatureKeyStore(this.getClass().getClassLoader().getResource("\"C:\\\\Users\\\\miha_\\\\OneDrive\\\\Dokumenti\\\\Job\\\\Lj\\\\Spring\\\\demo\\\\src\\\\main\\\\resources\\\\xxxx.jks"),"softnet_keystore_passwordo".toCharArray()); > > > inProperties.setSignatureUser("cbd"); > > > > > > > //inProperties.setSignatureVerificationCryptoProperties(wss4jInProperties()); > > > > > > > > > > //inProperties.setUsernameTokenPasswordType(WSSConstants.UsernameTokenPasswordType.PASSWORD_DIGEST); > > > inProperties.setCallbackHandler(new > > > ClientKeystorePasswordCallback()); > > > > > > WSS4JStaxInInterceptor wss4JStaxInInterceptor = new > > > WSS4JStaxInInterceptor(inProperties); > > > > > > return wss4JStaxInInterceptor; > > > > > > } > > > > > > I guess i will need also to provide secret for private key which is in > jks > > > (i have now only provided password to access jks store). > > > > > > thank you > > > miha > > > > > >
