[jboss-user] [JBoss Web Services] New message: "Problem encrypting or signing WS-Security header elements"

Tray Scates do-not-reply at jboss.com
Tue Feb 16 14:57:22 EST 2010


User development,

A new message was posted in the thread "Problem encrypting or signing WS-Security header elements":

http://community.jboss.org/message/526628#526628

Author  : Tray Scates
Profile : http://community.jboss.org/people/TScates

Message:
--------------------------------------------------------------
Using jbossws-native-3.1.1
 
*Scenario:*
Web service require an encrypted Username/password text token (Security element in SOAP Header).
 
*Issue:*
We can successfully encrypt and sign SOAP Body and SOAP Body elements but when we try to encrypt or sign a SOAP Header element (or content of an element) we get the following exception:
 
     [java] Exception in thread "main" javax.xml.ws.WebServiceException: java.lang.RuntimeException: Could not find element
     [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:286)
     [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:157)
     [java]               at org.jboss.ws.core.jaxws.client.ClientImpl.callRequestHandlerChain(ClientImpl.java:177)
     [java]               at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:298)
     [java]               at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:290)
     [java]               at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170)
     [java]               at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
     [java]               at $Proxy12.echoUserType(Unknown Source)
     [java]               at org.jboss.test.ws.jaxws.samples.wssecurity.client.WSSClient.main(WSSClient.java:56)
     [java] Caused by: java.lang.RuntimeException: Could not find element
     [java]               at org.jboss.ws.extensions.security.operation.EncryptionOperation.processTarget(EncryptionOperation.java:108)
     [java]               at org.jboss.ws.extensions.security.operation.EncryptionOperation.process(EncryptionOperation.java:172)
     [java]               at org.jboss.ws.extensions.security.SecurityEncoder.encode(SecurityEncoder.java:72)
     [java]               at org.jboss.ws.extensions.security.WSSecurityDispatcher.encodeMessage(WSSecurityDispatcher.java:217)
     [java]               at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleOutboundSecurity(WSSecurityHandler.java:104)
     [java]               at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient.handleOutbound(WSSecurityHandlerClient.java:43)
     [java]               at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
     [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)
     [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)
     [java]               ... 7 more
 
*Solution we tried (jboss-wsse-client.xml ):*
<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                   xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
    <config>

        <username/>
        <encrypt type="x509v3" alias="wsse">
         <targets>
           <target type="qname" contentOnly="true">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd/}UsernameToken</target>
           <target type="qname" contentOnly="true">{http://schemas.xmlsoap.org/soap/envelope/}Body</target>
         </targets>
        </encrypt>

        <sign type="x509v3" alias="wsse"/>

        <requires>
            <encryption/>
            <signature/>
        </requires>
    </config>
</jboss-ws-security>
 
*Message:*
<env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>
<env:Header>
<wsse:Security env:mustUnderstand='1' xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd' xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
<wsse:UsernameToken wsu:Id='token-1-1266272328381-32739270'><wsse:Username>test</wsse:Username><wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>password</wsse:Password></wsse:UsernameToken></wsse:Security></env:Header>
<env:Body><ns1:echoUserType xmlns:ns1='http://org.jboss.ws/samples/wssecurity'><user><msg>Request message sent at Mon Feb 15 17:18:47 EST 2010</msg></user></ns1:echoUserType></env:Body></env:Envelope>

--------------------------------------------------------------

To reply to this message visit the message page: http://community.jboss.org/message/526628#526628




More information about the jboss-user mailing list