4:05 a.m.
Hi all,
I have troubles making JBoss 5.0 GA to sign my SOAP messages.
I have an external web-service on HTTPS hosting. It expects all incoming messages to be
singed with BinarySecurityToken element.
I performed the following steps:
1. Read http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#WS-Security
tutirial.
2. Put jboss-wsse-client.xml and jboss-wsse-server.xml to WEB-INF of my client
web-application. The content was the following:
<?xml version = "1.0" encoding = "UTF-8"?>
| <jboss-ws-security
| xmlns = "http://www.jboss.com/ws-security/config"
| xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance"
| xsi:schemaLocation = "http://www.jboss.com/ws-security/config
| http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
| <key-store-file>WEB-INF/.keystore</key-store-file>
| <key-store-password>123456</key-store-password>
| <trust-store-file>WEB-INF/.truststore</trust-store-file>
| <trust-store-password>123456</trust-store-password>
| <config>
| <sign type = "x509v3" alias = "ec2"></sign>
| <requires>
| <signature></signature>
| </requires>
| </config>
| </jboss-ws-security>
|
3. Put .keystore and .trustore files in WEB-INF.
4. Called web-service. The following exception was found in log:
anonymous wrote : 12:56:19,140 ERROR [HTTPClientInvoker] Error creating SSL Socket Factory
for client invoker: Error initializing socket factory SSL context: Can not find truststore
url.
| javax.xml.ws.soap.SOAPFaultException: Service was not able to authenticate the
request: access credentials are missing
| at
org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:84)
| at
org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:107)
| at
org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:577)
| at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381)
| at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:291)
| at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170)
| at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
| at $Proxy160.describeImages(Unknown Source)
| at com.amazon.demo.TestCall.doGet(TestCall.java:55)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
| at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
| at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
| at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at
org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
| at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
| at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
| at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
| at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
| at
org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
| at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
| at
org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
| at
org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
| at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
| at java.lang.Thread.run(Thread.java:619)
It seems that security is still turned off.
Do you guys have any ideas on what I did wrong?
Thanks.
View the original post :
http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4196827#...
Reply to the post :
http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&a...