[JBoss Web Services] - My ws-security setting doesn't work.
by Joseph Hwang
Joseph Hwang [https://community.jboss.org/people/aupres] created the discussion
"My ws-security setting doesn't work."
To view the discussion, visit: https://community.jboss.org/message/817924#817924
--------------------------------------------------------------
My WS-security reference site is https://docs.jboss.org/author/display/JBWS/WS-Security https://docs.jboss.org/author/display/JBWS/WS-Security.
I coded interface and bean like below :
@WebService
public interface IHelloPort {
@WebMethod
@WebResult
public String sayHello(@WebParam String name);
}
@WebService
@EndpointConfig(configFile = "WEB-INF/jaxws-endpoint-config.xml", configName = "Custom WS-Security Endpoint")
public class HelloBean implements IHelloPort {
@Override
@WebMethod
@WebResult
public String sayHello(@WebParam String name) {
// TODO Auto-generated method stub
return "Hello " + name;
}
}
Then I generated WEB-INF/jaxws-endpoint-config.xml
<jaxws-config xmlns="urn:jboss:jbossws-jaxws-config:4.0" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/2001/XMLSchema-instance"
xmlns:javaee=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
<endpoint-config>
<config-name>Custom WS-Security Endpoint</config-name>
<property>
<property-name>ws-security.signature.properties</property-name>
<property-value>${jboss.server.config.dir}/wssecurity.properties</property-value>
</property>
<property>
<property-name>ws-security.encryption.properties</property-name>
<property-value>${jboss.server.config.dir}/wssecurity.properties</property-value>
</property>
<property>
<property-name>ws-security.signature.username</property-name>
<property-value>joseph</property-value>
</property>
<property>
<property-name>ws-security.encryption.username</property-name>
<property-value>joseph</property-value>
</property>
<property>
<property-name>ws-security.callback-handler</property-name>
<property-value>com.aaa.ws.KeystorePasswordCallback</property-value>
</property>
</endpoint-config>
</jaxws-config>
Next I made ${jboss.server.config.dir}/wssecurity.properties and KeystorePasswordCallback.java like below
-- wssecurity.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=111111
org.apache.ws.security.crypto.merlin.keystore.alias=testWSssl
org.apache.ws.security.crypto.merlin.keystore.file=${jboss.server.config.dir}/jboss7ssl.jks
-- KeystorePasswordCallback.java
public class KeystorePasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();
public KeystorePasswordCallback() {
passwords.put("joseph", "11111");
}
@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
// TODO Auto-generated method stub
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}
public void setAliasPassword(String alias, String password) {
passwords.put(alias, password);
}
}
Last I generated jboss7ssl.jks file with keytool command
keytool -genkey -alias testWSssl -keystore jboss7ssl.jks -keyalg RSA -validity 180
Deployment threw no exception. But WS-security encryption was not applied to wsdl. Generated soap file was just plain xml file.
WS-security encryption setting doesn't work. Did i miss anything?
I need your advice. Thanks in advanced !
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/817924#817924]
Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 1 month
[JBoss Messaging] - jboss java application creating numerous connections on machine
by Laxmi Chalasani
Laxmi Chalasani [https://community.jboss.org/people/laxminc] created the discussion
"jboss java application creating numerous connections on machine"
To view the discussion, visit: https://community.jboss.org/message/817887#817887
--------------------------------------------------------------
Hello,
We are using Jboss-5.1.0.GA as our messaging server for our application. We have the maxclientsize set to 300. But we are seeing numerour connections on the application machine when we do netstat.
Also the java application is crashing unable to process the Messages from the DB.
Below is the snippet of code we are using to QueueConnections. We are using java 1.6. We are havinng issues after upgarding to jboss5 and jdk1.6. We had no issues with the load when running on application on java 1.3 using jboss-3.2.2.
We are using mssql 2000 for database for JBOSS and Java application.
We see the below exception when clients have issue connecting to receive the jboss messages:
CommunicationException: null
1. Threw Exception...javax.naming.CommunicationException [Root exception is java.rmi.ConnectException: Connection refused to host: 172.17.100.202; nested exception is:
java.net.ConnectException: Connection refused: connect]
javax.naming.CommunicationException [Root exception is java.rmi.ConnectException: Connection refused to host: 172.17.100.202; nested exception is:
java.net.ConnectException: Connection refused: connect]
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:839)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:686)
at javax.naming.InitialContext.lookup(InitialContext.java:392)
at com.adsretail.nextor.jms.ADS_JMS_Server.hostStart(ADS_JMS_Server.java:131)
at com.adsretail.nextor.jms.ADS_BaseReceive_MQ.checkConnection(ADS_BaseReceive_MQ.java:105)
at com.adsretail.nextor.jms.ADS_BaseReceive_MQ.reinitialize(ADS_BaseReceive_MQ.java:171)
at com.adsretail.nextor.jms.ADS_BaseReceive_MQ.onException(ADS_BaseReceive_MQ.java:177)
at org.jboss.jms.client.remoting.ConsolidatedRemotingConnectionListener.handleConnectionException(ConsolidatedRemotingConnectionListener.java:113)
at org.jboss.remoting.ConnectionValidator$1.run(ConnectionValidator.java:744)
Caused by: java.rmi.ConnectException: Connection refused to host: 172.17.100.202; nested exception is:
java.net.ConnectException: Connection refused: connect
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:601)
at sun.rmi.transport.tcp.TCPChannel.createConnection(TCPChannel.java:198)
at sun.rmi.transport.tcp.TCPChannel.newConnection(TCPChannel.java:184)
at sun.rmi.server.UnicastRef.invoke(UnicastRef.java:110)
at org.jnp.server.NamingServer_Stub.lookup(Unknown Source)
at org.jnp.interfaces.NamingContext.lookup(NamingContext.java:726)
... 8 more
Caused by: java.net.ConnectException: Connection refused: connect
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.PlainSocketImpl.doConnect(PlainSocketImpl.java:333)
at java.net.PlainSocketImpl.connectToAddress(PlainSocketImpl.java:195)
at java.net.PlainSocketImpl.connect(PlainSocketImpl.java:182)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:366)
at java.net.Socket.connect(Socket.java:519)
at java.net.Socket.connect(Socket.java:469)
at java.net.Socket.<init>(Socket.java:366)
at java.net.Socket.<init>(Socket.java:180)
at sun.rmi.transport.proxy.RMIDirectSocketFactory.createSocket(RMIDirectSocketFactory.java:22)
at sun.rmi.transport.proxy.RMIMasterSocketFactory.createSocket(RMIMasterSocketFactory.java:128)
at sun.rmi.transport.tcp.TCPEndpoint.newSocket(TCPEndpoint.java:595)
... 13 more
Any input is appericiated.
Thanks,
Laxmi
QueueConnectionFactory hostQcf = null;
if(appServer.equalsIgnoreCase("JBOSS"))
{
//JBOSS environment
Hashtable<String,String> env = new Hashtable<String,String>();
env.put(Context.INITIAL_CONTEXT_FACTORY,"org.jnp.interfaces.NamingContextFactory");
env.put(Context.PROVIDER_URL, "jnp://" + ipAddress + ":1099");
env.put(Context.OBJECT_FACTORIES, "org.jboss.naming:org.jnp.interfaces");
ErrorLog1.getInstance().logMessage("ipAddress: " + ipAddress);
//cgduan jdk1.6 update
if (JAVA_VERSION.indexOf("1.6") == -1){
hostCtx = NamingManager.getInitialContext(env);
hostQcf = (QueueConnectionFactory)hostCtx.lookup("OIL2ConnectionFactory");//SCO3181 nt 11/25/2003 //SC04617 nt 08/30/04
}else{
hostCtx_JDK16 = new InitialContext(env);
hostQcf = (QueueConnectionFactory) hostCtx_JDK16.lookup("ConnectionFactory");
}
//JBOSS environment
}
::::
hostConn = hostQcf.createQueueConnection();
hostSession = hostConn.createQueueSession(false, QueueSession.AUTO_ACKNOWLEDGE);
//TS8577 mduan
qServerStart = true;
public void recvAsync() throws Exception
{
try
{
if (JAVA_VERSION.indexOf("1.6") == -1){
hostConn.setExceptionListener(this);//SC0070 nt 08/14/2007
hostQueue = (Queue)hostCtx.lookup(getQueueName());
QueueReceiver recv = hostSession.createReceiver(hostQueue);
recv.setMessageListener(this);
hostConn.start();
}else{
hostConn.setExceptionListener(this);
hostQueue = (Queue)hostCtx_JDK16.lookup(getQueueName());
// create a queue receiver
QueueReceiver recv = hostSession.createReceiver(hostQueue);
// set an asynchronous message listener
recv.setMessageListener(this);
hostConn.start();
}
} catch(Exception e) {
throw e;
}
}
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/817887#817887]
Start a new discussion in JBoss Messaging at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 1 month
[jBPM] - OnAllSubTasksEndParentEndStrategy java.lang.VerifyError: Cannot inherit from final class
by Julien Serdaru
Julien Serdaru [https://community.jboss.org/people/jserdaru] created the discussion
"OnAllSubTasksEndParentEndStrategy java.lang.VerifyError: Cannot inherit from final class"
To view the discussion, visit: https://community.jboss.org/message/817868#817868
--------------------------------------------------------------
Hi there, I am trying to set up a local task service using JPA persistence and hibernate. Environment: Java 6, Hibernate 4.1.7, jBPM 5.4.0.Final When creating the entity manager factory I get the following exception when hibernate tries to instantiate the class OnAllSubTasksEndParentEndStrategy. {code} Caused by: java.lang.VerifyError: Cannot inherit from final class at java.lang.ClassLoader.defineClass1(Native Method) at java.lang.ClassLoader.defineClassCond(ClassLoader.java:631) at java.lang.ClassLoader.defineClass(ClassLoader.java:615) at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:141) at java.net.URLClassLoader.defineClass(URLClassLoader.java:283) at java.net.URLClassLoader.access$000(URLClassLoader.java:58) at java.net.URLClassLoader$1.run(URLClassLoader.java:197) at java.security.AccessController.doPrivileged(Native Method) at java.net.URLClassLoader.findClass(URLClassLoader.java:190) at java.lang.ClassLoader.loadClass(ClassLoader.java:306) at sun.misc.Launcher$AppClassLoader.loadClass(Launcher.java:301) at java.lang.ClassLoader.loadClass(ClassLoader.java:247) at java.lang.Class.forName0(Native Method) at java.lang.Class.forName(Class.java:247) at org.hibernate.internal.util.ReflectHelper.classForName(ReflectHelper.java:170) at org.hibernate.ejb.Ejb3Configuration.classForName(Ejb3Configuration.java:1318) {code} Looking at that class, I see that it inherits the enum SubTasksStrategy. I thought extending an enum was prohibited in Java. Am I missing something here? Thanks for the help! My persistence.xml {code} jdbc/jbpm-ds org.jbpm.task.Attachment org.jbpm.task.BooleanExpression org.jbpm.task.Comment org.jbpm.task.Content org.jbpm.task.Deadline org.jbpm.task.Delegation org.jbpm.task.EmailNotification org.jbpm.task.EmailNotificationHeader org.jbpm.task.Escalation org.jbpm.task.Group org.jbpm.task.I18NText org.jbpm.task.Notification org.jbpm.task.OnAllSubTasksEndParentEndStrategy org.jbpm.task.OnParentAbortAllSubTasksEndStrategy org.jbpm.task.PeopleAssignments org.jbpm.task.Reassignment org.jbpm.task.Status org.jbpm.task.SubTasksStrategy org.jbpm.task.Task org.jbpm.task.TaskData org.jbpm.task.User
{code}
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/817868#817868]
Start a new discussion in jBPM at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 1 month
jboss clustering
by sara
hi,
i need to configure Jboss clustering , i tried to apply it in the same
server but i couldn't perform Failover
so now i'm trying two different ips at different machines , what should
i do exactly?!
REGARDS,
SARA
13 years, 1 month
[JBoss Web Services] - Reference SAML assertion in Signature block
by Indira Akundi
Indira Akundi [https://community.jboss.org/people/crumbs] created the discussion
"Reference SAML assertion in Signature block"
To view the discussion, visit: https://community.jboss.org/message/817796#817796
--------------------------------------------------------------
Using JBoss 7.2 from GitHub:
*https://community.jboss.org/message/817407#817407 Re: JBoss 7.2 Warning:No assertion builder for type {http://schemas.xmlsoap.org/ws/2005/07/securitypolicy}ProtectTokens registered*
So I switched back to the non-policy way, and used wss4jinterceptors instead.
Again, using JBOSs 7.2 from GitHub, with all the modules that come with it.
wss4j is 1.6.9.
I followed the example in the following link.
The STR references the SAML token now, the timestamp and body are signed.
The SAML assertion has a signature inside the saml assertion.
But the SAML assertion is not signed externally, ie, there is no reference to the SAML assertion in the Signature block.
The Signature block only has reference to the timestamp and body.
http://svn.apache.org/viewvc?view=revision&revision=1081802 http://svn.apache.org/viewvc?view=revision&revision=1081802
| /** |
| 215 | * This test creates a holder-of-key SAML1 Assertion, and sends it in the security header |
| 216 | * to the provider. |
| 217 | */ |
| 218 | @Test |
| 219 | public void testSaml1TokenHOK() throws Exception { |
| 220 | Map<String, Object> outProperties = new HashMap<String, Object>(); |
| 221 | outProperties.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED); |
| 222 | outProperties.put(WSHandlerConstants.SAML_PROP_FILE, "saml_hok.properties"); |
| 223 | outProperties.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference"); |
| 224 | outProperties.put(WSHandlerConstants.USER, "alice"); |
| 225 | outProperties.put("password", "password"); |
| 226 | outProperties.put(WSHandlerConstants.SIG_PROP_FILE, "alice.properties"); |
| 227 | SAML1CallbackHandler callbackHandler = new SAML1CallbackHandler(); |
| 228 | callbackHandler.setConfirmationMethod(SAML1Constants.CONF_HOLDER_KEY); |
| 229 | outProperties.put( |
| 230 | WSHandlerConstants.SAML_CALLBACK_REF, callbackHandler |
| 231 | ); |
Is there any way using CXF or JBOSSWS-CXF either policy or non-policy way to sign the saml assertion? I,e, have a reference to it in the Signature block, not just inside the saml assertion?
--------------------------------------------------------------
Reply to this message by going to Community
[https://community.jboss.org/message/817796#817796]
Start a new discussion in JBoss Web Services at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&con...]
13 years, 1 month
