Hi, I've got a web service that uses secret key encryption. It runs fine on tomcat, but when I try running it on websphere I get this error:
java.lang.ClassCastException: com.ibm.crypto.provider.AESCipher at javax.crypto.Cipher.getInstance(Unknown Source) at org.apache.xml.security.encryption.XMLCipher.getInstance(Unknown Source) ... Tomcat's using the Sun crypto classes in jce.jar and sun_jceprovider.jar, located in the java jre directories, whereas WebSphere comes with its own java libraries: ibmjcefw.jar and ibmjceprovider.jar. The AESCipher class is found in the latter. I tried to work around this by adding the Sun libraries to my project, but it seems WebSphere loads its own java classes before the application's, even if the class loader PARENT_LAST setting is used. Has anyone else had this problem? cheers, md > -----Original Message----- > From: Dimuthu Leelarathne (JIRA) [mailto:[EMAIL PROTECTED] > Sent: Thursday, July 12, 2007 5:21 AM > To: [EMAIL PROTECTED] > Subject: [jira] Closed: (RAMPART-46) org.apache.axis2.AxisFault: > Thesecurity token could not be authenticated or authorized > > > > [ > https://issues.apache.org/jira/browse/RAMPART-46?page=com.atla > ssian.jira.plugin.system.issuetabpanels:all-tabpanel ] > > Dimuthu Leelarathne closed RAMPART-46. > -------------------------------------- > > Resolution: Cannot Reproduce > > This issue has contradictions. > > > org.apache.axis2.AxisFault: The security token could not be > authenticated or authorized > > > -------------------------------------------------------------- > -------------------------- > > > > Key: RAMPART-46 > > URL: > https://issues.apache.org/jira/browse/RAMPART-46 > > Project: Rampart > > Issue Type: Test > > Affects Versions: 1.1 > > Environment: AXIS2 1.1 Client Side > > WSE 3.0 .net Server > > Reporter: Shweta Desai > > Priority: Blocker > > > > I have set the security header as written below. > > <wsse:UsernameToken > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" wsu:Id="UsernameToken-9624795"> > > <wsse:Username>user2007</wsse:Username> > > <wsse:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > username-token-profile-1.0#PasswordText">2007</wsse:Password> > > <wsse:Nonce>QOqyFHT9TydDSKieEDOdjw==</wsse:Nonce> > > <wsu:Created>2007-05-24T21:38:11Z</wsu:Created> > > </wsse:UsernameToken> > > But .net server expecting the token something written below. > > <wsse:UsernameToken > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401 > -wss-wssecurity-utility-1.0.xsd" > wsu:Id="SecurityToken-e1d2ddef-25f1-455e-a535-42aec1f8a1fc"> > > <wsse:Username>user_2007</wsse:Username> > > <wsse:Password > Type="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > username-token-profile-1.0#PasswordText">2007</wsse:Password> > > <wsse:Nonce>mI0DNp0NZZ9BRlGYQn7xdQ==</wsse:Nonce> > > <wsu:Created>2006-12-05T23:42:15Z</wsu:Created> > > </wsse:UsernameToken> > > And because of that I am getting error like > > org.apache.axis2.AxisFault: The security token could not be > authenticated or authorized ---> WSE565: The password > provided by the SecurityTokenManager does not match the one > on the incoming token. > > at > org.apache.axis2.description.OutInAxisOperationClient.send(Out > InAxisOperation.java:271) > > at > org.apache.axis2.description.OutInAxisOperationClient.execute( > OutInAxisOperation.java:202) > > Few things of my coding: > > Sysout of callback password: > > pass type>> null > > password>> null > > Identifier>> adpinc2007r > > Usage>> 2 > > key>> null > > And passwordCallback function is something below: > > String id = pwcb.getIdentifer(); > > if("user_2007".equals(id)) { > > pwcb.setPassword("2007"); > > } > > I will be thankful if you guide me for this authentication issues. > > I am new to this security header setting and I am not sure > I have done right or not. > > Your help will be very appriciated. > > -- > This message is automatically generated by JIRA. > - > You can reply to this email to add a comment to the issue online. > >
