3 Replies Latest reply on Apr 9, 2007 11:14 PM by peterj

WS-Security and certificate password

peterj Mar 28, 2007 2:19 PM

I just noticed what I think is a problem. If I generate a certificate and use a different password for it than what I used for the keystore, then I get a key not found error. The problem appears to be in the SecurityStore.getPrivateKey method, this line:

key = (PrivateKey)keyStore.getKey(alias, decryptPassword(keyStorePassword).toCharArray());

which assumes that the keystore password is also associated with the certificate.

I also checked jboss-ws-security_1_0.xsd to see if there was a way to provide a password along with the alias in the tag, but there was none.

Should I open a JIRA?

1. Re: WS-Security and certificate password

jason.greene Mar 28, 2007 3:36 PM (in response to peterj)

PeterJ,

Yes go ahead. Also if you plan on doing some improvements patches are welcome :)

-Jason
Actions
2. Re: WS-Security and certificate password

peterj Mar 29, 2007 12:57 PM (in response to peterj)

Hmm, JIRA seems to not work with Firefox any more (I am using 2.0.0.3, and I even disable all of my plugins). I am getting a null pointer exception on the home page and even issues assigned to me state that I don't have the necessary rights to work on them. So I tried IE 7, works fine there.

Anyway, I created an issue: http://jira.jboss.org/jira/browse/JBWS-1594.

I think I should be able to work on it next week so I assigned it to myself. Of course, feel free to modify the Fix Versions (I guessed at what they would be).
Actions
3. Re: WS-Security and certificate password

peterj Apr 9, 2007 11:14 PM (in response to peterj)

I have a patch. It works. I could simply apply the patch in Subversion, but I would prefer to place the patch into JIRA and have someone on the JBossWS team apply the patch (especially since I changed the xsd file, not sure if that requires a new version number or what). But JIRA doesn't like me, no matter whether I use Firefox or IE. When I log in, I can see the list of projects in the left column, but in the right column, where I should see things such as my assigned JIRA tasks, I instead see this exception:

An error occurred whilst rendering this message. Please contact the administrators, and inform them of this bug. Details: ------- java.lang.NullPointerException at com.atlassian.jira.issue.search.providers.LuceneSearchProvider.searchCount(LuceneSearchProvider.java:87) at com.atlassian.jira.portal.portlets.SavedFiltersPortlet.getCountsForFilter(SavedFiltersPortlet.java:52) at sun.reflect.GeneratedMethodAccessor832.invoke(Unknown Source) at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) at java.lang.reflect.Method.invoke(Method.java:585) at org.apache.velocity.util.introspection.UberspectImpl$VelMethodImpl.invoke(UberspectImpl.java:267) at org.apache.velocity.runtime.parser.node.ASTMethod.execute(ASTMethod.java:197) at org.apache.velocity.runtime.parser.node.ASTReference.execute(ASTReference.java:175) at org.apache.velocity.runtime.parser.node.ASTReference.render(ASTReference.java:220) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:55) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:70) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:55) at org.apache.velocity.runtime.directive.Foreach.render(Foreach.java:166) at org.apache.velocity.runtime.parser.node.ASTDirective.render(ASTDirective.java:114) at org.apache.velocity.runtime.parser.node.ASTBlock.render(ASTBlock.java:55) at org.apache.velocity.runtime.parser.node.ASTIfStatement.render(ASTIfStatement.java:70) at org.apache.velocity.runtime.parser.node.SimpleNode.render(SimpleNode.java:230) at org.apache.velocity.Template.merge(Template.java:256) at org.apache.velocity.app.VelocityEngine.mergeTemplate(VelocityEngine.java:450) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:76) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:60) at com.atlassian.velocity.DefaultVelocityManager.getEncodedBody(DefaultVelocityManager.java:55) at com.atlassian.jira.plugin.JiraResourcedModuleDescriptor.getHtml(JiraResourcedModuleDescriptor.java:97) at com.atlassian.jira.portal.PortletImpl.getViewHtml(PortletImpl.java:67) at com.atlassian.jira.portal.portlets.AbstractRequiresUserPortlet.getViewHtml(AbstractRequiresUserPortlet.java:25) at org.apache.jsp.secure.views.dashboard_jsp._jspService(dashboard_jsp.java:1035) at org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:97) at javax.servlet.http.HttpServlet.service(HttpServlet.java:810) at org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:332) at org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:314) at org.apache.jasper.servlet.JspServlet.service(JspServlet.java:264) at javax.servlet.http.HttpServlet.service(HttpServlet.java:810) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher.java:672) at org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDispatcher.java:463) at org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatcher.java:398) at org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatcher.java:301) at com.atlassian.jira.web.dispatcher.JiraServletDispatcher.service(JiraServletDispatcher.java:253) at javax.servlet.http.HttpServlet.service(HttpServlet.java:810) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:252) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.jira.web.filters.AccessLogFilter.doFilter(AccessLogFilter.java:35) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.opensymphony.module.sitemesh.filter.PageFilter.parsePage(PageFilter.java:119) at com.opensymphony.module.sitemesh.filter.PageFilter.doFilter(PageFilter.java:55) at com.atlassian.jira.web.filters.SitemeshExcludePathFilter.doFilter(SitemeshExcludePathFilter.java:38) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.seraph.filter.SecurityFilter.doFilter(SecurityFilter.java:182) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.seraph.filter.LoginFilter.doFilter(LoginFilter.java:181) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.util.profiling.filters.ProfilingFilter.doFilter(ProfilingFilter.java:132) at com.atlassian.jira.web.filters.ProfilingAndErrorFilter.doFilter(ProfilingAndErrorFilter.java:35) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.jira.web.filters.ActionCleanupDelayFilter.doFilter(ActionCleanupDelayFilter.java:39) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.johnson.filters.JohnsonFilter.doFilter(JohnsonFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.jira.web.filters.gzip.GzipFilter.doFilter(GzipFilter.java:72) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at com.atlassian.core.filters.AbstractEncodingFilter.doFilter(AbstractEncodingFilter.java:37) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:202) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:173) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:178) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:175) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:74) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:126) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:105) at org.apache.catalina.valves.FastCommonAccessLogValve.invoke(FastCommonAccessLogValve.java:495) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:107) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:148) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:869) at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:664) at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:527) at org.apache.tomcat.util.net.MasterSlaveWorkerThread.run(MasterSlaveWorkerThread.java:112) at java.lang.Thread.run(Thread.java:595)

And if I go straight to this particular JIRA issue I am informed that I would have more options available if I first logged in.

Help.
Actions

Go to original post