Hi Colm:

Thanks for the response. The reason I'm using this is because I'm just updating an already existing application and massive changes are not so easily approved. I did, however, just recently find out my issue at hand. All I was doing was loading the public and SignatureAction was unable to find the private key since it did not exist. As soon as I loaded the private key into the keystore it worked perfectly.

Thanks,
Chris

On Mon, Dec 1, 2008 at 12:04 PM, Colm O hEigeartaigh <[EMAIL PROTECTED]> wrote:

> Hi Chris,
>
> Can you try running this against a SNAPSHOT version of trunk? I updated the
> exception propagation in SignatureAction to throw the exception, rather than
> just the message, so it might give you more information than what you're
> seeing.
>
> Why not just write your own crypto implementation rather than use Merlin
> btw?
>
> Colm.
>
> ------------------------------
>
> *From:* Chris Long [mailto:[EMAIL PROTECTED]
> *Sent:* 25 November 2008 20:03
> *To:* [email protected]
> *Subject:* Help needed in manually loading a certificate using WSHandler
>
> Hello:
>
> I'm currently running into some issues while attempting to manually load a
> certificate to sign a SOAP message with instead of using a certificate
> loaded in a keystore. Currently I am attempting to do the following:
>
> 1) create a Crypto object by using:
>
>     Crypto crypt = CryptoFactory.getInstance("D:/crypto-testclient.properties");
>
> Where the crypto-testclient.properties file looks like this:
>
>     org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
>     org.apache.ws.security.crypto.merlin.keystore.type=jks
>     org.apache.ws.security.crypto.merlin.keystore.password=test
>     org.apache.ws.security.crypto.merlin.file=D://testclient-keystore
>
> 2) load the certificate into the Crypto object:
>
>     String filePath = "D:\\chris-testclient.crt";
>     FileInputStream fis = new FileInputStream(filePath);
>     crypt.loadCertificate(fis);
>
> 3) set the following:
>
>     RequestData reqData = new RequestData();
>     reqData.setMsgContext(msgContext);
>     reqData.getSignatureParts().removeAllElements();
>     reqData.getEncryptParts().removeAllElements();
>     reqData.setNoSerialization(false);
>     reqData.setUsername("chris-testclient");
>     int doAction = WSSecurityUtil.decodeAction("Signature", actions);
>
> 4) Create a Document object and store the SOAP envelope in it.
>
> 5) At this point I've overloaded the doSenderAction to pass my Crypto
> object along. Since the only action I care about is the Signature I've
> modified if ((doAction & WSConstants.SIGN) == WSConstants.SIGN) {...} block
> to the following:
>
>     if ((doAction & WSConstants.SIGN) == WSConstants.SIGN) {
>         Crypto crypto = (Crypto) cryptos.get(sigPropFile);
>         if (crypto == null) {
>             try {
>                 String filePath = "D:\\chris-testclient.crt";
>                 FileInputStream fis = new FileInputStream(filePath);
>                 crypto = CryptoFactory.getInstance("D://crypto-testclient.properties",
>                         this.getClassLoader(reqData.getMsgContext()));
>                 crypto.loadCertificate(fis);
>                 cryptos.put(sigPropFile, crypto);
>             } catch (Exception e) {System.out.println("Exception in doAction");}
>         }
>         reqData.setSigCrypto(crypto);
>         decodeSignatureParameter(reqData);
>     }
>
> Once doSenderAction gets to: wssConfig.getAction(actionToDo).execute(this,
> actionToDo, doc, reqData); I get the following error:
>
>     Caused by: org.apache.ws.security.WSSecurityException: WSHandler:
>     Signature: error during message
>     procesingorg.apache.ws.security.WSSecurityException: General security error
>     (Unexpected number of X509Data: for Signature)
>         at org.apache.ws.security.action.SignatureAction.execute(SignatureAction.java:57)
>
> Can anyone tell me what I'm doing wrong? Or if I need to provide more
> information to get an answer?
>
> Thanks,
>
> Christopher Long
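
The resolution at the top of this thread (the signing alias needs a private key in the keystore, not only a certificate) can be checked before the message ever reaches SignatureAction. The following is an added example, not code from the original messages or from WSS4J: it reads the Merlin property keys quoted above and inspects the keystore with the plain JDK KeyStore API. The class name, the command-line arguments and the default that the key password equals the keystore password are assumptions.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.Key;
import java.security.KeyStore;
import java.security.PrivateKey;
import java.util.Properties;

/** Added example (hypothetical class): can this Merlin keystore sign for the given alias? */
public class SigningAliasCheck {
    static final String PREFIX = "org.apache.ws.security.crypto.merlin.";

    /** Classifies the alias; only PRIVATE_KEY entries are usable for signing. */
    static String classify(KeyStore ks, String alias, char[] keyPassword) throws Exception {
        if (!ks.containsAlias(alias)) return "MISSING";
        // A trusted-certificate entry holds the public half only.
        if (ks.isCertificateEntry(alias)) return "CERT_ONLY";
        // Throws UnrecoverableKeyException when the key password is wrong.
        Key key = ks.getKey(alias, keyPassword);
        return (key instanceof PrivateKey) ? "PRIVATE_KEY" : "OTHER";
    }

    public static void main(String[] args) throws Exception {
        if (args.length < 2) {
            System.err.println("usage: SigningAliasCheck <crypto.properties> <alias> [keyPassword]");
            System.exit(2);
        }
        Properties props = new Properties();
        try (InputStream in = new FileInputStream(args[0])) { props.load(in); }

        String file = props.getProperty(PREFIX + "file");
        if (file == null) throw new IllegalArgumentException(PREFIX + "file is not set");
        String type = props.getProperty(PREFIX + "keystore.type", KeyStore.getDefaultType());
        char[] storePass = props.getProperty(PREFIX + "keystore.password", "").toCharArray();

        KeyStore ks = KeyStore.getInstance(type);
        try (InputStream in = new FileInputStream(file)) { ks.load(in, storePass); }

        // Assumption: the key password equals the keystore password unless given.
        char[] keyPass = args.length > 2 ? args[2].toCharArray() : storePass;
        String result = classify(ks, args[1], keyPass);
        System.out.println(args[1] + ": " + result);
        if (!"PRIVATE_KEY".equals(result)) System.exit(1); // cannot sign with this entry
    }
}
```

Run against the properties file and the `chris-testclient` alias from the thread, a result of `CERT_ONLY` or `MISSING` corresponds to the situation described in the first message, where only the certificate had been loaded.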
