[jboss-user] [JBossWS] - Yet another WS-Security question ...

viniciuscarvalho do-not-reply at jboss.com
Mon Mar 10 16:50:19 EDT 2008 

Hello there! I'm using JBoss 4.2.1.GA with JBoss WS 

Before one can point, I've already read:

http://jbws.dyndns.org/mediawiki/index.php?title=User_Guide#WS-Security
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=105580&postdays=0&postorder=asc&start=10
http://jbws.dyndns.org/mediawiki/index.php?title=WS-Security_options
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=94406&postdays=0&postorder=asc&start=10

Although those really helped me getting things started, I could not get security running.

I have 2 services that need to have an encryption/sign options. I decided to do this using certificates.

One of the services, is a pure JSR-189 WS:


  | @Stateless(name="CSMQueryService")
  | @WebService(serviceName="CSMQueryService",targetNamespace="http://www.synos.com.br/CSM/definitions")
  | @SOAPBinding(use = SOAPBinding.Use.LITERAL, style = SOAPBinding.Style.DOCUMENT)
  | @WebContext(contextRoot="/csm/services",urlPattern="/CSMQueryService")
  | @EndpointConfig(configName = "Standard WSSecurity Endpoint")
  | @HandlerChain(file="resource://META-INF/ServerHandler.xml")
  | public class CSMQueryServiceImpl implements CSMQueryService
  | 
  | 

The other, is a bit trick since I've implemented the WSDL from a top-down approach, and it was hand created. But, I can't get even this one working :(

I have a jar, with jboss-wsse-server.xml, ServerHandler, csm.keystore, csm.truststore inside its META-INF dir.

During deployment, there's no error, neither warning on the console. But, when I access the service's WSDL I was hoping to find some ws-security related stuff in there, but there was none, this was my first concern.

So I tried to access it using SOAPUI (I'll not try to run tests using jboss ws clients, since this service will be accessed using other languages like .net). Well, I did not set the certificate on SOAPUI on purpose, but I was expecting an error like "Not allowed", instead, a nullpointer was thrown:


  | 2008-03-10 17:34:05,463 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerResolverImpl] getHandlerChain: [type=POST,info=[service={http://www.synos.com.br/CSM/definitions}CSMQueryService,port={http://www.synos.com.br/CSM/definitions}CSMQueryServiceImplPort,binding=http://schemas.xmlsoap.org/wsdl/soap/http]]
  | 2008-03-10 17:34:05,464 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Create a handler executor: [WSSecurity Handler]
  | 2008-03-10 17:34:05,464 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Enter: handleIn BoundMessage
  | 2008-03-10 17:34:05,470 ERROR [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exception during handler processing
  | java.lang.NullPointerException
  | 	at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188)
  | 	at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183)
  | 	at org.jboss.ws.extensions.security.Util.findElement(Util.java:89)
  | 	at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:114)
  | 	at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
  | 	at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
  | 	at org.jboss.wsf.spi.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
  | 	at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:115)
  | 	at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:159)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110)
  | 	at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72)
  | 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:595)
  | 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exit: handleIn BoundMessage with status: false
  | 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.jaxws.handler.MessageContextJAXWS] Begin response processing
  | 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.soap.MessageContextAssociation] popMessageContext: org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS at 1e7879f (Thread http-127.0.0.1-8080-1)
  | 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.soap.MessageContextAssociation] pushMessageContext: org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS at 4fe915 (Thread http-127.0.0.1-8080-1)
  | 2008-03-10 17:34:05,484 ERROR [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] SOAP request exception
  | javax.xml.ws.WebServiceException: java.lang.NullPointerException
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
  | 	at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:115)
  | 	at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:159)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177)
  | 	at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110)
  | 	at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72)
  | 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
  | 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
  | 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
  | 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
  | 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
  | 	at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
  | 	at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
  | 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
  | 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104)
  | 	at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
  | 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
  | 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241)
  | 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
  | 	at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580)
  | 	at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
  | 	at java.lang.Thread.run(Thread.java:595)
  | Caused by: java.lang.NullPointerException
  | 	at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188)
  | 	at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183)
  | 	at org.jboss.ws.extensions.security.Util.findElement(Util.java:89)
  | 	at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:114)
  | 	at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
  | 	at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
  | 	at org.jboss.wsf.spi.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
  | 	at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
  | 	... 27 more
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] Cannot obtain fault meta data for: class javax.xml.ws.WebServiceException
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: PRE
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: ENDPOINT
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: POST
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Enter: handleOutBoundFault
  | 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exit: handleOutBoundFault with status: true
  | 

It is my first time using WS-Sec on jbossws. I have used it before on glassfish. And the provider added few stuff on the WSDL to let the client know about the extensions to the WSDL.

I believe that my questions are:

1st: Does jbossws add this meta-data inside the secured service?
2nd: How do I get it running?

Regards[/url]

View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4135463#4135463

Reply to the post : http://www.jboss.com/index.html?module=bb&op=posting&mode=reply&p=4135463

More information about the jboss-user mailing list