[JBoss Web Services] - Problem implementing WS-Security X509 Token in JBoss 5.x
by Andrea De Angelis
Andrea De Angelis [https://community.jboss.org/people/soulshunter] created the discussion
"Problem implementing WS-Security X509 Token in JBoss 5.x"
To view the discussion, visit: https://community.jboss.org/message/771678#771678
--------------------------------------------------------------
Hi all,
i'm re-writing an application developped for JBoss 4.3 fro a new environment in JBoss 5.1.
In this application (EAR) we've a WAR with some Web Services with WS-Security and X509 Token.
In the first environment (Jboss 4.3) my jboss-wsse-server.xml look as:
{code:xml}
<jboss-ws-security
xmlns=" http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/config"
xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation=" http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/config
http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<!-- PRODUCTION -->
<key-store-file>/mydirectory/keystore/server.keystore</key-store-file>
<key-store-password>xxx</key-store-password>
<key-store-type>jks</key-store-type>
<trust-store-file>/mydirectory/keystore/server.truststore</trust-store-file>
<trust-store-password>xxx</trust-store-password>
<trust-store-type>jks</trust-store-type>
<!-- timestamp tolerance -->
<timestamp-verification createdTolerance="600" warnCreated="true" expiresTolerance="600" warnExpires="true" />
<config>
<!-- <timestamp ttl="1000"/> -->
<sign type="x509v3" alias="server" />
<requires>
<signature/>
</requires>
<authenticate>
<signatureCertAuth certificatePrincipal="com.examples.service.jbossws.MyCertificatePrincipal"/>
</authenticate>
</config>
</jboss-ws-security>
{code}
And my Jboss-service.xml as:
{code:xml}
<mbean code="org.jboss.security.plugins.JaasSecurityDomain"
name="jboss.security:service=SanferSecurityDomain">
<constructor>
<arg type="java.lang.String" value="SanferWSCert"/>
</constructor>
<attribute name="KeyStoreURL">/mydirectory/keystore/server.keystore</attribute>
<attribute name="KeyStorePass">xxx</attribute>
<attribute name="KeyStoreType">jks</attribute>
<depends>jboss.security:service=JaasSecurityManager</depends>
</mbean>
<mbean code="org.jboss.security.auth.login.DynamicLoginConfig"
name="whatever:service=SanferLogin">
<attribute name="AuthConfig">my-login-config.xml</attribute>
<depends optional-attribute-name="LoginConfigService">
jboss.security:service=XMLLoginConfig</depends>
<depends optional-attribute-name="SecurityManagerService">
jboss.security:service=JaasSecurityManager</depends>
</mbean>
</server>
{code}
I highlighted in red the absolute path of my keystore and truststore.
When i deploy this EAR in Jboss 4.3 everything it's ok, but in Jboss 5.1 i've the error message above:
{code}
Caused by: org.jboss.ws.WSException: Cannot find required security resource: /opt/sanfer/keystore/server.keystore
at org.jboss.ws.metadata.wsse.WSSecurityConfigFactory.getResource(WSSecurityConfigFactory.java:114)
at org.jboss.ws.metadata.wsse.WSSecurityConfigFactory.initKeystorePath(WSSecurityConfigFactory.java:89)
at org.jboss.ws.metadata.wsse.WSSecurityConfigFactory.createConfiguration(WSSecurityConfigFactory.java:72)
at org.jboss.ws.metadata.builder.jaxws.JAXWSWebServiceMetaDataBuilder.buildWebServiceMetaData(JAXWSWebServiceMetaDataBuilder.java:132)
at org.jboss.ws.metadata.builder.jaxws.JAXWSServerMetaDataBuilder.setupProviderOrWebService(JAXWSServerMetaDataBuilder.java:52)
at org.jboss.ws.metadata.builder.jaxws.JAXWSMetaDataBuilderJSE.buildMetaData(JAXWSMetaDataBuilderJSE.java:61)
at org.jboss.wsf.stack.jbws.UnifiedMetaDataDeploymentAspect.start(UnifiedMetaDataDeploymentAspect.java:64)
at org.jboss.wsf.framework.deployment.DeploymentAspectManagerImpl.deploy(DeploymentAspectManagerImpl.java:129)
at org.jboss.wsf.container.jboss50.deployer.ArchiveDeployerHook.deploy(ArchiveDeployerHook.java:76)
at org.jboss.wsf.container.jboss50.deployer.AbstractWebServiceDeployer.internalDeploy(AbstractWebServiceDeployer.java:60)
at org.jboss.deployers.spi.deployer.helpers.AbstractRealDeployer.deploy(AbstractRealDeployer.java:55)
at org.jboss.deployers.plugins.deployers.DeployerWrapper.deploy(DeployerWrapper.java:179)
... 30 more
{code}
The WSSecurityConfig can't locate the keystore from the absolute path, but the JaasSecurityDomain however locate it.
I've tried another different way putting the Keystore and Trustore inside the WEB-INF folder of WAR, and i've a similar scenario.
In this case the WSSecurityConfig locate the Kesytsore/Trustore but the JaasSecurityDomain throw the error "Can't locate resource: WEB-INF/server.keystore".
I think i've some Class Loading issue, can you help me to fix it?
Thanks for the help.
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/771678#771678]
Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 5 months
[JBoss Tools] - Jboss 7.1.1 problem
by eramesh.java
eramesh.java [https://community.jboss.org/people/eramesh.java] created the discussion
"Jboss 7.1.1 problem"
To view the discussion, visit: https://community.jboss.org/message/764927#764927
--------------------------------------------------------------
Hi,
In my eclipse I am getting the below error message.
---------------
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingEE
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingRMSEE
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingRMSMI
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingRMSPFEE
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingRMSRDMEE
18:51:41,463 INFO [org.jboss.as.jpa] (MSC service thread 1-1) JBAS011401: Read persistence.xml for pricingRMSWEBEE
18:51:41,901 ERROR [org.jboss.msc.service.fail] (MSC service thread 1-1) MSC00001: Failed to start service jboss.deployment.unit."ML-PricingEAR.ear".DEPENDENCIES: org.jboss.msc.service.StartException in service jboss.deployment.unit."ML-PricingEAR.ear".DEPENDENCIES: Failed to process phase DEPENDENCIES of deployment "ML-PricingEAR.ear"
at org.jboss.as.server.deployment.DeploymentUnitPhaseService.start(DeploymentUnitPhaseService.java:119) [jboss-as-server-7.1.0.Final.jar:7.1.0.Final]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.startService(ServiceControllerImpl.java:1811) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
at org.jboss.msc.service.ServiceControllerImpl$StartTask.run(ServiceControllerImpl.java:1746) [jboss-msc-1.0.2.GA.jar:1.0.2.GA]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) [rt.jar:1.6.0_21]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) [rt.jar:1.6.0_21]
at java.lang.Thread.run(Thread.java:619) [rt.jar:1.6.0_21]
Caused by: java.lang.IllegalArgumentException: JBAS011470: Persistence unitName was not specified and there are 6 persistence unit definitions in application deployment "ML-PricingEAR.ear". Either change the application to have only one persistence unit definition or specify the unitName for each reference to a persistence unit.
----------------------------------------
Please advise!
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/764927#764927]
Start a new discussion in JBoss Tools at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 5 months
[JNDI and Naming] - Re: PortableRemoteObject.narrow() returns null
by Brian Lara
Brian Lara [https://community.jboss.org/people/bclara] created the discussion
"Re: PortableRemoteObject.narrow() returns null"
To view the discussion, visit: https://community.jboss.org/message/765410#765410
--------------------------------------------------------------
Any updates on how to resolve this?
I am getting null after invoking narrrow() on PortableRemoteObject as well. I do get IOR string as above, so JNDI lookup works.
I am newbie to Jboss and migrating from Websphere.
My EJB client is in separate EAR on separate server than the EJB project. Both EJB and EJB client are running on Jboss 5.1 GA 'all' configuration over RMI-IIOP.
I don't see any stubs generated in ejb client jar. When I put stubs manually there (from my websphere project), I no longer get null and home is returned properly.
I cannot continue to do this (using Websphere stubs for Jboss), what else is needed for dynamic stubs to work in Jboss?
Do I need to include any specific libraries on client side?
Do i need any special descriptor files for ejb client jar in Jboss (like jboss-ejb-client.xml)
Any help much appreciated!!
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/765410#765410]
Start a new discussion in JNDI and Naming at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 5 months
