JBoss Community

WS-Security, <wsse:Security> Missing in client request

created by Ravi Choudhari in JBoss Web Services - View the full discussion

Hi,

I am trying to implement a secure webservice using WS-Security in

JBoss 5.1 following the steps in

http://www.developer.com/java/other/article.php/38...on-Server-with-WS-Security.htm,

On the server Side I have:

Service:

@WebService()
@MTOM
@SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED)
@BindingType(value = javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING)
@HandlerChain(file = "META-INF/handlers/userlogin-services-handlers-server.xml")
@Stateless
@Clustered(loadBalancePolicy = "FirstAvailable", partition = "ClusterA")
@EndpointConfig(configName = "Standard WSSecurity Endpoint",
configFile = "META-INF/standard-jaxws-endpoint-config.xml")
@WebContext(authMethod = "BASIC", secureWSDLAccess = true)
@RolesAllowed("member")
public class UsersLoginServices {
@WebMethod(operationName = "userLogin")
public boolean userLogin(@WebParam(name = "userName") String userName,
@WebParam(name = "password") String password) {
return usersLoginServices.userLogin(userName, password);
}
}

@WebService() @MTOM @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED) @BindingType(value = javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING) @HandlerChain(file = "META-INF/handlers/userlogin-services-handlers-server.xml") @Stateless @Clustered(loadBalancePolicy = "FirstAvailable", partition = "ClusterA") @EndpointConfig(configName = "Standard WSSecurity Endpoint", configFile = "META-INF/standard-jaxws-endpoint-config.xml") @WebContext(authMethod = "BASIC", secureWSDLAccess = true) @RolesAllowed("member") public class UsersLoginServices { @WebMethod(operationName = "userLogin") public boolean userLogin(@WebParam(name = "userName") String userName, @WebParam(name = "password") String password) { return usersLoginServices.userLogin(userName, password); } }

standard-jaxws-endpoint-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd">
<endpoint-config>
<config-name>Standard WSSecurity Endpoint</config-name>
<post-handler-chains>
<javaee:handler-chain>
<javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
<javaee:handler>
<javaee:handler-name>WSSecurity Handler</javaee:handler-name>
<javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
</javaee:handler>
</javaee:handler-chain>
</post-handler-chains>
</endpoint-config>
</jaxws-config>

<?xml version="1.0" encoding="UTF-8"?> <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="<a class="jive-link-external-small" href="http://www.w3.org/2001/XMLSchema-instance" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>" xmlns:javaee="<a class="jive-link-external-small" href="http://java.sun.com/xml/ns/javaee" target="_blank">http://java.sun.com/xml/ns/javaee</a>" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> <endpoint-config> <config-name>Standard WSSecurity Endpoint</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurity Handler</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </endpoint-config> </jaxws-config>

jboss-wsse-server.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<key-store-file>META-INF/server.keystore</key-store-file>
<key-store-password>mypassword</key-store-password>
<key-store-type>jks</key-store-type>
<trust-store-file>META-INF/server.truststore</trust-store-file>
<trust-store-password>mypassword</trust-store-password>
<trust-store-type>jks</trust-store-type>
<key-passwords>
<key-password alias="server" password="mypassword" />
</key-passwords>
<config>
<timestamp ttl="300"/>
<sign type="x509v3" alias="serverkeys" includeTimestamp="true"></sign>
<encrypt type="x509v3" alias="clientkeys" algorithm="aes-256"
keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt>
<requires>
<encryption></encryption>
</requires>
</config>
</jboss-ws-security>

<?xml version="1.0" encoding="UTF-8"?> <jboss-ws-security xmlns="<a class="jive-link-external-small" href="http://www.jboss.com/ws-security/config" target="_blank">http://www.jboss.com/ws-security/config</a>" xmlns:xsi="<a class="jive-link-external-small" href="http://www.w3.org/2001/XMLSchema-instance" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>" xsi:schemaLocation="<a class="jive-link-external-small" href="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd" target="_blank">http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd</a>"> <key-store-file>META-INF/server.keystore</key-store-file> <key-store-password>mypassword</key-store-password> <key-store-type>jks</key-store-type> <trust-store-file>META-INF/server.truststore</trust-store-file> <trust-store-password>mypassword</trust-store-password> <trust-store-type>jks</trust-store-type> <key-passwords> <key-password alias="server" password="mypassword" /> </key-passwords> <config> <timestamp ttl="300"/> <sign type="x509v3" alias="serverkeys" includeTimestamp="true"></sign> <encrypt type="x509v3" alias="clientkeys" algorithm="aes-256" keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt> <requires>  <encryption></encryption> </requires> </config> </jboss-ws-security>

I have copied jboss-wsse-server.xml, standard-jaxws-endpoint-config.xml, server.keystore, server.truststore to META-INF directory of the server project.

And on the client side I have:

standard-jaxws-client-config.xml

<?xml version="1.0" encoding="UTF-8"?>
<jaxws-config xmlns="urn:jboss:jaxws-config:2.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd">
<client-config>
<config-name>Standard WSSecurity Client</config-name>
<post-handler-chains>
<javaee:handler-chain>
<javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
<javaee:handler>
<javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
<javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
</javaee:handler>
</javaee:handler-chain>
</post-handler-chains>
</client-config>
</jaxws-config>

<?xml version="1.0" encoding="UTF-8"?> <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="<a class="jive-link-external-small" href="http://www.w3.org/2001/XMLSchema-instance" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>" xmlns:javaee="<a class="jive-link-external-small" href="http://java.sun.com/xml/ns/javaee" target="_blank">http://java.sun.com/xml/ns/javaee</a>" xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> <client-config> <config-name>Standard WSSecurity Client</config-name> <post-handler-chains> <javaee:handler-chain> <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> <javaee:handler> <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name> <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class> </javaee:handler> </javaee:handler-chain> </post-handler-chains> </client-config> </jaxws-config>

jboss-wsse-client.xml

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
<key-store-file>META-INF/client.keystore</key-store-file>
<key-store-password>mypassword</key-store-password>
<key-store-type>jks</key-store-type>
<trust-store-file>META-INF/client.truststore</trust-store-file>
<trust-store-password>mypassword</trust-store-password>
<trust-store-type>jks</trust-store-type>
<key-passwords>
<key-password alias="clientkyes" password="mypassword" />
</key-passwords>
<config>
<sign type="x509v3" alias="clientkyes" includeTimestamp="true"></sign>
<encrypt type="x509v3" alias="serverkeys" algorithm="aes-256"
keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt>
<requires>
<encryption></encryption>
</requires>
</config>
</jboss-ws-security>

<?xml version="1.0" encoding="UTF-8"?> <jboss-ws-security xmlns="<a class="jive-link-external-small" href="http://www.jboss.com/ws-security/config" target="_blank">http://www.jboss.com/ws-security/config</a>" xmlns:xsi="<a class="jive-link-external-small" href="http://www.w3.org/2001/XMLSchema-instance" target="_blank">http://www.w3.org/2001/XMLSchema-instance</a>" xsi:schemaLocation="<a class="jive-link-external-small" href="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd" target="_blank">http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd</a>"> <key-store-file>META-INF/client.keystore</key-store-file> <key-store-password>mypassword</key-store-password> <key-store-type>jks</key-store-type> <trust-store-file>META-INF/client.truststore</trust-store-file> <trust-store-password>mypassword</trust-store-password> <trust-store-type>jks</trust-store-type> <key-passwords> <key-password alias="clientkyes" password="mypassword" /> </key-passwords> <config> <sign type="x509v3" alias="clientkyes" includeTimestamp="true"></sign> <encrypt type="x509v3" alias="serverkeys" algorithm="aes-256" keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt> <requires>  <encryption></encryption> </requires> </config> </jboss-ws-security>

Client Application:

@EndpointConfig(configName = "Standard WSSecurity Client")
public static void main(String[] args) throws MalformedURLException {
public static void main(String[] args) throws MalformedURLException {
UsersLoginServicesService service = new UsersLoginServicesService();
UsersLoginServices port = service.getUsersLoginServicesPort();
BindingProvider bindingProvider = (BindingProvider) port;
Map<String, Object> requestContext = bindingProvider
.getRequestContext();
requestContext.put(BindingProvider.USERNAME_PROPERTY, "username");
requestContext.put(BindingProvider.PASSWORD_PROPERTY, "password");
try {
boolean result = port.userLogin("username", "password");
// System.out.println(result);
if (result) {
System.out.println("Logged in");
} else {
System.out.println("Not logged in");
}
} catch (Exception ex) {
System.out.println(ex.getMessage());
}
}
}

@EndpointConfig(configName = "Standard WSSecurity Client") public static void main(String[] args) throws MalformedURLException { public static void main(String[] args) throws MalformedURLException { UsersLoginServicesService service = new UsersLoginServicesService(); UsersLoginServices port = service.getUsersLoginServicesPort(); BindingProvider bindingProvider = (BindingProvider) port; Map<String, Object> requestContext = bindingProvider .getRequestContext(); requestContext.put(BindingProvider.USERNAME_PROPERTY, "username"); requestContext.put(BindingProvider.PASSWORD_PROPERTY, "password"); try { boolean result = port.userLogin("username", "password"); // System.out.println(result); if (result) { System.out.println("Logged in"); } else { System.out.println("Not logged in"); } } catch (Exception ex) { System.out.println(ex.getMessage()); } } }

I have copied standard-jaxws-client-config.xml, jboss-wsse-client.xml and client.keystore, client.truststore to META-INF directory of the client.

But, When there is request from the client, I am getting the following Execption.

Exception in thread "main"

javax.xml.ws.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.

I have checked the request SOAP message & response messages, The client is not adding any <wsse:Security>, which is expected by the server.

Reply to this message by going to Community

Start a new discussion in JBoss Web Services at Community