[jboss-user] [JBossWS] - WSSecurity not working

jopere do-not-reply at jboss.com
Sun May 13 21:06:15 EDT 2007 

I have created web service that uses a POJO endpoint and have successfully connected to it from a servlet.  Now I am trying to add WSSecurity to it, using signed certificates.  When I run the client, it connects to the web service, but the message is not signed.  I verify this by monitoring the soap message, which does not include any of the wsse tags.

I am using:
JBoss 4.0.4.GA with the default JBossWS installed
JDK 1.5.0_07
JWSDP 2.0
Compiling the service using wstools
Compiling the client using wscompile
I Used OpenSSL to created the signed certificates/keystore/truststore

After reading both the JBossWS User Guide and the JAX-WS User Guide as well as many posts to this forum I used the following setup for the web serivice and client.

Web Service:  included jboss-wsse-server.xml, standard-jaxrpc-endpoint-config.xml, server.truststore and client.keystore in web-inf, along with normal deployment descriptors.

jboss-wsse-server.xml:

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
 xsi:schemaLocation="http://www.jboss.com/ws-security/config   
 http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
    <key-store-file>META-INF/client.keystore</key-store-file>
    <key-store-password>webservicec</key-store-password>
    <trust-store-file>META-INF/server.truststore</trust-store-file>
    <trust-store-password>jbossws</trust-store-password>
    
        
        
            
        
    
</jboss-ws-security>

standard-jaxrpc-endpoint-config.xml:

<jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
              xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">
   <endpoint-config>
      <config-name>Standard WSSecurity Endpoint</config-name>
      <pre-handler-chains>
         <javaee:handler-chain>
            <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
            <javaee:handler>
               <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
               <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
            </javaee:handler>
         </javaee:handler-chain>
      </pre-handler-chains>
   </endpoint-config>
</jaxws-config>

web.xml:

<?xml version="1.0" encoding="UTF-8"?>
<web-app xmlns="http://java.sun.com/xml/ns/j2ee" version="2.4" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://java.sun.com/xml/ns/j2ee http://java.sun.com/xml/ns/j2ee/web-app_2_4.xsd">
  .. servlet mappings ...
  <context-param>
    <param-name>jbossws-config-name</param-name>>
    <param-value>Standard Secure Endpoint</param-value>
  </context-param>
</web-app>

Client:  Included jboss-wsse-client.xml, standard-jaxrpc-client-config.xml, and client.keystore in web-inf, as well as normal deployment descriptorts.

jboss-wsse-client.xml:

<?xml version="1.0" encoding="UTF-8"?>
<jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
	xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" 
	xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
	<key-store-file>META-INF/client.keystore</key-store-file>
	<key-store-password>jbossws</key-store-password>
	
		
		
			
		
	
</jboss-ws-security>

standard-jaxrpc-client-config.xml:

<jaxrpc-config xmlns="urn:jboss:jaxrpc-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:j2ee="http://java.sun.com/xml/ns/j2ee"
  xsi:schemaLocation="urn:jboss:jaxrpc-config:2.0 jaxrpc-config_2_0.xsd">
  <client-config>
    <config-name>Standard WSSecurity Client</config-name>
    <post-handler-chain>
      <handler-chain-name>WSSecurity Handlers</handler-chain-name>
      
        <j2ee:handler-name>WSSecurityHandlerOutbound</j2ee:handler-name>
        <j2ee:handler-class>org.jboss.ws.extensions.security.jaxrpc.WSSecurityHandlerOutbound</j2ee:handler-class>
      
    </post-handler-chain>
  </client-config>
</jaxrpc-config>

I also included several libs from libraries from the JAXRPC and SAAJ libs in the JWSDP.  I did not add any special code to web.wml.

Both the web service and client deploy without error, and when I run the service is runs without error.  But when I look at the SOAP message that was sent it is not signed.

Next I tried upgrading to JBossWS 1.2.1.  With this configuration both web the service and client install correctly, but when I run the code I get this error:

19:54:23,064 WARN  [[WebClient]] Servlet.service() for servlet WebClient threw exception
java.rmi.RemoteException: Couldn't create SOAP message factory due to exception: javax.xml.soap.SOAP
Exception: Unable to create message factory for SOAP: org.jboss.ws.core.soap.MessageFactoryImpl; nes
ted exception is:
        Couldn't create SOAP message factory due to exception: javax.xml.soap.SOAPException: Unable
to create message factory for SOAP: org.jboss.ws.core.soap.MessageFactoryImpl
        at com.acxiom.mypkg.Purchaser_Stub.purchase(Purchaser_Stub.java:88)
        at com.acxiom.webclient.Client.doGet(Client.java:41)
        at com.acxiom.webclient.Client.doPost(Client.java:95)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:810)
...

Can somebody please help me to see what I am doing wrong?

Thanks!






View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4045319#4045319

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4045319

More information about the jboss-user mailing list