[JBossWS] - WS-Security Username Token Password Digest
by bschmoll1
I'm having some dfficulty in converting a web service from a cleartext password to using a password digest. Following the directions from http://jbossws.jboss.org/mediawiki/index.php?title=WS-Security_options I've created a "JBossWSDigest" application policy in the login-config.xml
| <application-policy name="JBossWSDigest">
| <authentication>
| <login-module code="org.jboss.security.auth.spi.UsersRolesLoginModule" flag="required">
| <module-option name="usersProperties">props/jbossws-users.properties</module-option>
| <module-option name="rolesProperties">props/jbossws-roles.properties</module-option>
| <module-option name="hashAlgorithm">SHA</module-option>
| <module-option name="hashEncoding">BASE64</module-option>
| <module-option name="hashUserPassword">false</module-option>
| <module-option name="hashStorePassword">true</module-option>
| <module-option name="storeDigestCallback">org.jboss.ws.extensions.security.auth.callback.UsernameTokenCallback</module-option>
| <module-option name="unauthenticatedIdentity">anonymous</module-option>
| </login-module>
| </authentication>
| </application-policy>
|
The jboss-wsse-server.xml
| <?xml version="1.0" encoding="UTF-8"?>
| <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
| xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation="http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <config>
| <requires/>
| <username digestPassword="true" useNonce="true" useCreated="true"/>
| <authenticate>
| <usernameAuth/>
| </authenticate>
| <!-- <timestamp ttl="300"/> -->
| </config>
| </jboss-ws-security>
|
When I call the service via soapUI the following is dumped in the server.log
| 2008-11-28 12:24:04,065 DEBUG [org.jboss.ejb3.security.Ejb3AuthenticationInterceptor] Authentication failure
| javax.security.auth.login.LoginException: storeDigestCallback callback failed
| at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:409)
| at org.jboss.security.auth.spi.UsernamePasswordLoginModule.login(UsernamePasswordLoginModule.java:209)
| at org.jboss.security.auth.spi.UsersRolesLoginModule.login(UsersRolesLoginModule.java:152)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:597)
| at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
| at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
| at javax.security.auth.login.LoginContext$4.run(LoginContext.java:683)
| at java.security.AccessController.doPrivileged(Native Method)
| at javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:680)
| at javax.security.auth.login.LoginContext.login(LoginContext.java:579)
| at org.jboss.security.plugins.JaasSecurityManager.defaultLogin(JaasSecurityManager.java:603)
| at org.jboss.security.plugins.JaasSecurityManager.authenticate(JaasSecurityManager.java:537)
| at org.jboss.security.plugins.JaasSecurityManager.isValid(JaasSecurityManager.java:344)
| at org.jboss.aspects.security.AuthenticationInterceptor.authenticate(AuthenticationInterceptor.java:123)
| at org.jboss.aspects.security.AuthenticationInterceptor.invoke(AuthenticationInterceptor.java:66)
| at org.jboss.ejb3.security.Ejb3AuthenticationInterceptor.invoke(Ejb3AuthenticationInterceptor.java:110)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.ENCPropagationInterceptor.invoke(ENCPropagationInterceptor.java:46)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.ejb3.asynchronous.AsynchronousInterceptor.invoke(AsynchronousInterceptor.java:106)
| at org.jboss.aop.joinpoint.MethodInvocation.invokeNext(MethodInvocation.java:101)
| at org.jboss.wsf.container.jboss42.InvocationHandlerEJB3.invoke(InvocationHandlerEJB3.java:103)
| at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:221)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
| at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134)
| at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
| at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
| at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
| at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:182)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
| at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
| at java.lang.Thread.run(Thread.java:619)
| Caused by: javax.security.auth.callback.UnsupportedCallbackException: Unrecognized Callback
| at org.jboss.security.auth.callback.SecurityAssociationHandler.handle(SecurityAssociationHandler.java:128)
| at javax.security.auth.login.LoginContext$SecureCallbackHandler$1.run(LoginContext.java:955)
| at java.security.AccessController.doPrivileged(Native Method)
| at javax.security.auth.login.LoginContext$SecureCallbackHandler.handle(LoginContext.java:951)
| at org.jboss.security.auth.spi.UsernamePasswordLoginModule.createPasswordHash(UsernamePasswordLoginModule.java:399)
| ... 49 more
|
It seems like the exception is due to the "Unrecognized Callback" but I don't see what I'm missing in the configuration.
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4193274#4193274
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4193274
16 years
[JBossWS] - Help with wsconsume..
by troy.sellers
Hi All,
I am trying to build a client from an existing WSDL and am running into these errors..
I am wondering if this has to do with the fact that the existing wsdl is rpc/encoding.... if so, how do i modify this wsdl (have no access to the actual endpoint) so that the wsconsume will work?
C:\Documents and Settings\troy.sellers\Desktop\jbossws-native-bin-dist\deploy\bi
n>wsconsume.bat -k customer.wsdl
parsing WSDL...
[WARNING] src-resolve: Cannot resolve the name 'soapenc:Array' to a(n) 'type def
inition' component.
line 108 of file:/C:/Documents%20and%20Settings/troy.sellers/Desktop/jbossws-n
ative-bin-dist/deploy/bin/customer.wsdl#types?schema2
[ERROR] undefined simple or complex type 'soapenc:Array'
line 108 of file:/C:/Documents%20and%20Settings/troy.sellers/Desktop/jbossws-n
ative-bin-dist/deploy/bin/customer.wsdl
[ERROR] undefined attribute 'soapenc:arrayType'
line 109 of file:/C:/Documents%20and%20Settings/troy.sellers/Desktop/jbossws-n
ative-bin-dist/deploy/bin/customer.wsdl
[ERROR] undefined simple or complex type 'soapenc:Array'
line 115 of file:/C:/Documents%20and%20Settings/troy.sellers/Desktop/jbossws-n
ative-bin-dist/deploy/bin/customer.wsdl
[ERROR] undefined attribute 'soapenc:arrayType'
line 116 of file:/C:/Documents%20and%20Settings/troy.sellers/Desktop/jbossws-n
ative-bin-dist/deploy/bin/customer.wsdl
Failed to invoke WsImport
java.lang.NullPointerException
at com.sun.tools.xjc.reader.internalizer.SCDBasedBindingSet.apply(SCDBas
edBindingSet.java:237)
at com.sun.tools.xjc.ModelLoader.createXSOM(ModelLoader.java:518)
at com.sun.tools.xjc.api.impl.s2j.SchemaCompilerImpl.bind(SchemaCompiler
Impl.java:232)
at com.sun.tools.xjc.api.impl.s2j.SchemaCompilerImpl.bind(SchemaCompiler
Impl.java:85)
at com.sun.tools.ws.processor.modeler.wsdl.JAXBModelBuilder.bind(JAXBMod
elBuilder.java:120)
at com.sun.tools.ws.processor.modeler.wsdl.WSDLModeler.buildJAXBModel(WS
DLModeler.java:2173)
at com.sun.tools.ws.processor.modeler.wsdl.WSDLModeler.internalBuildMode
l(WSDLModeler.java:173)
at com.sun.tools.ws.processor.modeler.wsdl.WSDLModeler.buildModel(WSDLMo
deler.java:119)
at com.sun.tools.ws.wscompile.WsimportTool.run(WsimportTool.java:148)
at org.jboss.ws.tools.jaxws.impl.SunRIConsumerImpl.consume(SunRIConsumer
Impl.java:187)
at org.jboss.wsf.spi.tools.cmd.WSConsume.importServices(Unknown Source)
at org.jboss.wsf.spi.tools.cmd.WSConsume.main(Unknown Source)
Hope someone can help with this one?
Cheers,
Troy
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4192920#4192920
Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4192920
16 years