[jboss-user] [JBossWS] - Error calling external webservice from JBOSS ESB action

ayan13s do-not-reply at jboss.com
Mon Mar 9 04:46:59 EDT 2009 

We are facing issues in external web service call from esb action. Our web service client works perfectly when we call it from a standalone java program. But it throws NullPointerException when we try calling it from ESB action. We compared the request being passed to the service and found out the following. 

Signature in the request is being sent as a binary security token, but webservice expects subject key identifier.
Our standard-jaxws-client-config.xml has 'Standard WSSecurity Client' config(only) and in our jboss-wsse-client.xml file we have correct configuration() and we are setting it properly in the client using the following code.

URL securityURL = new File("jboss-wsse-client.xml").toURL();
((StubExt)impService).setSecurityConfig(securityURL.toExternalForm());

We are able to call the service successfully from standalone java app using same client. But when we try to invoke it from ESB, security token is being set incorrectly.

Request token reference  when calling from jboss esb action - 
<wsse:SecurityTokenReference wsu:Id='reference-3-1235384912204-31918910'><wsse:Reference URI='#token-2-1235384912204-24526361' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/></wsse:SecurityTokenReference>

Request as it should be - 
<wsse:SecurityTokenReference wsu:Id='reference-2-1235384016982-12954112'><wsse:KeyIdentifier EncodingType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier'>IR8MMN/HOdj8ZC2YJWlBgsqYbLo=</wsse:KeyIdentifier></wsse:SecurityTokenReference>

Server side log -

15:51:04,328 ERROR [HandlerChainExecutor] Exception during handler processing
java.lang.NullPointerException
                at org.jboss.ws.extensions.security.SecurityStore.validateCertificate(SecurityStore.java:501)
                at org.jboss.ws.extensions.security.BinarySecurityTokenValidator.validateToken(BinarySecurityTokenValidator.java:47)
                at org.jboss.ws.extensions.security.element.SecurityHeader.(SecurityHeader.java:78)
                at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:175)



Any pointer would be of great help. 


View the original post : http://www.jboss.org/index.html?module=bb&op=viewtopic&p=4216099#4216099

Reply to the post : http://www.jboss.org/index.html?module=bb&op=posting&mode=reply&p=4216099

More information about the jboss-user mailing list