1 2 Previous Next 16 Replies Latest reply on Jul 1, 2008 9:21 AM by helmutdoe

    Unable to create a WSClient that uses jboss-wsse-client.xml

    noclueu2

      Hello All,
      I am trying to do a simple WS that requires a user/password and has encryption. I have the user/password working and the server (i think) is doing encryption but I cannot get my client to use the jboss-wsse-client.xml file. Here is all my code, step by step.

      SERVER:
      jboss-wsse-server.xml

      <?xml version="1.0" encoding="UTF-8"?>
      
      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <key-store-file>META-INF/wsse.keystore</key-store-file>
       <key-store-password>jbossws</key-store-password>
       <trust-store-file>META-INF/wsse.truststore</trust-store-file>
       <trust-store-password>jbossws</trust-store-password>
       <config>
       <sign type="x509v3" alias="wsse"/>
       <requires>
       <signature/>
       </requires>
       </config>
      </jboss-ws-security>
      


      ServerHandler.xml
      <?xml version="1.0" encoding="UTF-8"?>
      
      <handler-config>
       <handler-chain>
       <handler-chain-name>SecureHandlerChain</handler-chain-name>
       <handler>
       <handler-name>WSSecurityHandlerInbound</handler-name>
       <handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</handler-class>
       </handler>
       </handler-chain>
      </handler-config>
      


      Server Source:
      TestMagicRemoteInterface.java
      import javax.ejb.Local;
      import javax.ejb.Remote;
      
      @Local
      @Remote
      public interface TestMagicRemoteInterface {
       String pullFromHat(String input);
      }
      


      TestMagicBean.java
      import javax.annotation.PostConstruct;
      import javax.annotation.security.RolesAllowed;
      import javax.ejb.Local;
      import javax.ejb.Remote;
      import javax.ejb.Stateless;
      import javax.jws.WebMethod;
      import javax.jws.WebResult;
      import javax.jws.WebService;
      import javax.jws.HandlerChain;
      import javax.jws.soap.SOAPBinding;
      
      import org.jboss.annotation.ejb.RemoteBinding;
      import org.jboss.annotation.security.SecurityDomain;
      import org.jboss.ws.annotation.WebContext;
      
      @WebService(name = "EndpointInterface",
       targetNamespace = "http://com.test.www/test/jsr181ejb",
       serviceName = "MagicService")
      @SOAPBinding(style = SOAPBinding.Style.RPC)
      @Local(TestMagicRemoteInterface.class)
      @Remote(TestMagicRemoteInterface.class)
      @RolesAllowed("internal")
      @Stateless
      @RemoteBinding(jndiBinding = "/ejb3/TestMagician")
      @WebContext(authMethod="BASIC", transportGuarantee="NONE", secureWSDLAccess=false)
      @SecurityDomain(value="JBossWS")
      @HandlerChain(file="resource://config/ServerHandler.xml", name="SecureHandlerChain")
      public class TestMagicBean implements TestMagicRemoteInterface {
      
       @WebMethod(operationName="PullFromHat")
       @WebResult(name = "hat")
       public String pullFromHat(String input) {
       return "White Rabbit--"+input;
       }
      }
      


      build.xml

      <?xml version="1.0" encoding="UTF-8"?>
      <project default="dist" basedir="." name="JBossWS-Tests">
       <property file="${basedir}/build.properties"/>
      
       <property name="dist.dir" value="${basedir}/dist"/>
       <property name="bin.dir" value="${basedir}/bin"/>
       <property name="src.dir" value="${basedir}/src"/>
       <property name="conf.dir" value="${basedir}/conf"/>
       <property name="keystore.dir" value="${basedir}/keystore"/>
      
       <property name="jboss.client" value="${jboss40.home}/client"/>
       <property name="jboss.deploy" value="${jboss40.home}/server/${jboss.server.instance}"/>
      
       <available classname="java.lang.Enum" property="HAVE_JDK_1.5"/>
      
       <target name="check-jvm">
       <fail message="jdk-1.5 is required" unless="HAVE_JDK_1.5"/>
       </target>
      
       <target name="prepare-classpath" depends="check-jvm">
       <path id="core.classpath">
       <pathelement location="${jboss40.home}/lib/jboss-common.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-jmx.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-system.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-xml-binding.jar"/>
       </path>
       <path id="jbossws.classpath">
       <fileset dir="${jboss.deploy}/deploy/jbossws.sar">
       <include name="*.jar"/>
       </fileset>
       <pathelement location="${jboss.client}/jbossws-client.jar"/>
       <pathelement location="${jboss.client}/jboss-jaxrpc.jar"/>
       <pathelement location="${jboss.client}/jboss-saaj.jar"/>
       </path>
       <path id="ejb3.classpath">
       <fileset dir="${jboss.deploy}/deploy/ejb3.deployer">
       <include name="*.jar"/>
       </fileset>
       <pathelement location="${jboss.client}/jboss-ejb3-client.jar"/>
       <pathelement location="${jboss.deploy}/lib/jboss-j2ee.jar"/>
       </path>
       <path id="wstools.classpath">
       <pathelement location="${jboss.client}/jboss-xml-binding.jar"/>
       <pathelement location="${jboss.client}/activation.jar"/>
       <pathelement location="${jboss.client}/javassist.jar"/>
       <pathelement location="${jboss.client}/jbossall-client.jar"/>
       <pathelement location="${jboss.client}/jbossretro-rt.jar"/>
       <pathelement location="${jboss.client}/jboss-backport-concurrent.jar"/>
       <pathelement location="${jboss.client}/jbossws-client.jar"/>
       <pathelement location="${jboss.client}/log4j.jar"/>
       <pathelement location="${jboss.client}/mail.jar"/>
       </path>
       <path id="build.classpath">
       <path refid="core.classpath"/>
       <path refid="jbossws.classpath"/>
       <path refid="ejb3.classpath"/>
       </path>
       </target>
      
       <target name="wstools" depends="prepare-classpath">
       <taskdef name="wstools" classname="org.jboss.ws.tools.ant.wstools"
       classpathref="wstools.classpath"/>
      
       </target>
      
      
       <target name="compile" depends="prepare-classpath">
       <delete dir="${bin.dir}"/>
       <mkdir dir="${bin.dir}"/>
       <javac destdir="${bin.dir}">
       <src path="${src.dir}"/>
       <classpath refid="build.classpath"/>
       </javac>
       </target>
      
       <target name="package" depends="compile">
       <delete dir="${dist.dir}"/>
       <mkdir dir="${dist.dir}"/>
       <jar destfile="${dist.dir}/${project.name}.jar">
       <zipfileset dir="${bin.dir}">
       <include name="**"/>
       </zipfileset>
       <zipfileset dir="${conf.dir}" prefix="config">
       <include name="ServerHandler.xml"/>
       </zipfileset>
       <zipfileset dir="${conf.dir}" prefix="META-INF">
       <include name="jboss-wsse-server.xml"/>
       </zipfileset>
       <zipfileset dir="${keystore.dir}" prefix="META-INF">
       <include name="wsse.*"/>
       </zipfileset>
       </jar>
       </target>
      
      
       <target name="dist" depends="package">
       <echo message="Preparing Dist"/>
       </target>
      </project>
      


      Everything above builds and deploys and expects the client to use wsse:Security



      Client Code:
      jboss-wsse-client.jar

      <?xml version="1.0" encoding="UTF-8"?>
      
      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <key-store-file>c:/work/workspace/TestWebServicesClient/keystore/wsse.keystore</key-store-file>
       <key-store-password>jbossws</key-store-password>
       <trust-store-file>c:/work/workspace/TestWebServicesClient/keystore/wsse.truststore</trust-store-file>
       <trust-store-password>jbossws</trust-store-password>
       <config>
       <sign type="x509v3" alias="wsse"/>
       <requires>
       <encryption/>
       </requires>
       </config>
      </jboss-ws-security>
      


      wstools-config.xml
      <?xml version="1.0" encoding="UTF-8"?>
      
      <configuration xmlns="http://www.jboss.org/jbossws-tools"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.org/jbossws-tools http://www.jboss.org/jbossws-tools/schema/jbossws-tool_1_0.xsd">
       <wsdl-java file="http://localhost:8080/MagicService/TestMagicBean?wsdl">
      
       </wsdl-java>
      </configuration>
      


      ClientTest.java
      import java.net.URL;
      import java.util.Map;
      
      import javax.xml.namespace.QName;
      import javax.xml.ws.BindingProvider;
      
      import com.client.MagicService;
      import com.client.EndpointInterface;
      
      public class ClientTest {
      
       public static void main(String[] args) {
       System.setProperty("org.jboss.wsse.keyStore", "c:/work/workspace/TestWebServicesClient/keystore/wsse.keystore");
       System.setProperty("org.jboss.wsse.keyStorePassword", "jbossws");
       System.setProperty("org.jboss.wsse.keyStoreType", "x509v3");
       System.setProperty("org.jboss.wsse.trustStore", "c:/work/workspace/TestWebServicesClient/keystore/wsse.truststore");
       System.setProperty("org.jboss.wsse.trustStorePassword", "jbossws");
       System.setProperty("org.jboss.wsse.trustStoreType", "x509v3");
      
      
       try {
       System.out.println("Hello World, I'm about to do magic");
       MagicService service = new MagicService();
       EndpointInterface port = service.getEndpointInterfacePort();
       BindingProvider bindingProvider = (BindingProvider) port;
       Map<String, Object> reqContext = bindingProvider.getRequestContext();
       reqContext.put(BindingProvider.USERNAME_PROPERTY, "myuser");
       reqContext.put(BindingProvider.PASSWORD_PROPERTY, "mypassword");
      
       System.out.println(port.pullFromHat("Java Client Test"));
      
       } catch (Exception e) {
       e.printStackTrace();
       }
      
       }
      
      }
      



      build.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <project default="dist" basedir="." name="JBossWS-Tests">
       <property file="${basedir}/build.properties"/>
      
       <property name="dist.dir" value="${basedir}/dist"/>
       <property name="bin.dir" value="${basedir}/bin"/>
       <property name="src.dir" value="${basedir}/src"/>
       <property name="conf.dir" value="${basedir}/conf"/>
       <property name="keystore.dir" value="${basedir}/keystore"/>
       <property name="thirdparty.dir" value="${basedir}/thirdparty"/>
      
       <property name="jboss.client" value="${jboss40.home}/client"/>
       <property name="jboss.deploy" value="${jboss40.home}/server/${jboss.server.instance}"/>
      
       <available classname="java.lang.Enum" property="HAVE_JDK_1.5"/>
      
       <target name="check-jvm">
       <fail message="jdk-1.5 is required" unless="HAVE_JDK_1.5"/>
       </target>
      
       <target name="prepare-classpath" depends="check-jvm">
       <path id="core.classpath">
       <pathelement location="${jboss40.home}/lib/jboss-common.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-jmx.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-system.jar"/>
       <pathelement location="${jboss40.home}/lib/jboss-xml-binding.jar"/>
       </path>
       <path id="jbossws.classpath">
       <fileset dir="${jboss.deploy}/deploy/jbossws.sar">
       <include name="*.jar"/>
       </fileset>
       <pathelement location="${jboss.client}/jbossws-client.jar"/>
       <pathelement location="${jboss.client}/jboss-jaxrpc.jar"/>
       <pathelement location="${jboss.client}/jboss-saaj.jar"/>
       </path>
       <path id="ejb3.classpath">
       <fileset dir="${jboss.deploy}/deploy/ejb3.deployer">
       <include name="*.jar"/>
       </fileset>
       <pathelement location="${jboss.client}/jboss-ejb3-client.jar"/>
       <pathelement location="${jboss.deploy}/lib/jboss-j2ee.jar"/>
       </path>
       <path id="wstools.classpath">
       <pathelement location="${jboss.client}/jboss-xml-binding.jar"/>
       <pathelement location="${jboss.client}/activation.jar"/>
       <pathelement location="${jboss.client}/javassist.jar"/>
       <pathelement location="${jboss.client}/jbossall-client.jar"/>
       <pathelement location="${jboss.client}/jbossretro-rt.jar"/>
       <pathelement location="${jboss.client}/jboss-backport-concurrent.jar"/>
       <pathelement location="${jboss.client}/jbossws-client.jar"/>
       <pathelement location="${jboss.client}/log4j.jar"/>
       <pathelement location="${jboss.client}/mail.jar"/>
       <path refid="core.classpath"/>
       <path refid="jbossws.classpath"/>
       <path refid="ejb3.classpath"/>
       </path>
       <path id="build.classpath">
       <path refid="core.classpath"/>
       <path refid="jbossws.classpath"/>
       <path refid="ejb3.classpath"/>
       </path>
       <path id="client.classpath">
       <fileset dir="${jboss.client}">
       <include name="*.jar"/>
       </fileset>
       <path refid="core.classpath"/>
       <path refid="jbossws.classpath"/>
       <path refid="ejb3.classpath"/>
       <pathelement location="${jboss40.home}/lib/endorsed/xercesImpl.jar"/>
       </path>
       </target>
      
       <target name="wstools" depends="prepare-classpath">
      
       <taskdef name="wstools" classname="org.jboss.ws.tools.ant.wstools"
       classpathref="wstools.classpath"/>
       <!-- <wstools dest="${bin.dir}" config="conf/wstools-config.xml"/> -->
       <taskdef name="wsconsume" classname="org.jboss.ws.tools.jaxws.ant.wsconsume">
       <classpath refid="wstools.classpath"/>
       <classpath location="${thirdparty.dir}/jbossws-wsconsume-impl.jar"/>
       <classpath location="${thirdparty.dir}/jaxb-xjc.jar"/>
       </taskdef>
       <wsconsume wsdl="http://localhost:8080/MagicService/TestMagicBean?wsdl" package="com.client" sourcedestdir="${src.dir}" keep="true"/>
      
      
       </target>
      
      
       <target name="compile" depends="prepare-classpath">
       <delete dir="${bin.dir}"/>
       <mkdir dir="${bin.dir}"/>
       <javac destdir="${bin.dir}">
       <src path="${src.dir}"/>
       <classpath refid="build.classpath"/>
       </javac>
       </target>
      
       <target name="package" depends="compile">
       <delete dir="${dist.dir}"/>
       <mkdir dir="${dist.dir}"/>
       <jar destfile="${dist.dir}/${project.name}-Client.jar">
       <manifest>
       <attribute name="Main-Class" value="ClientTest"/>
       </manifest>
       <zipfileset dir="${bin.dir}">
       <include name="**"/>
       </zipfileset>
       <zipfileset dir="${conf.dir}" prefix="META-INF">
       <include name="jboss-wsse-client.xml"/>
       </zipfileset>
       </jar>
       </target>
      
      
       <target name="dist" depends="package">
       <echo message="Preparing Dist"/>
       </target>
      
       <target name="run" depends="dist">
       <echo message="About To RUN"/>
      
      
       <java classname="ClientTest" fork="true">
       <classpath>
       <pathelement location="${dist.dir}/${project.name}-Client.jar"/>
       <fileset dir="${jboss.client}">
       <include name="*.jar"/>
       </fileset>
       <pathelement location="${jboss40.home}/lib/endorsed/xercesImpl.jar"/>
       </classpath>
       </java>
       </target>
      </project>
      


      Jar File structure:
       META-INF
       jboss-wsse-client.xml
       Manifest.mf
       ClientTest.class
       com
       client
       MagicService.class
       EndpointInterface.class
      


      My above code works if I do not include the jboss-wsse-server.xml but once I add it, the client fails. I do know that I had to add the HandlerChain to the server class for things to work, is there something similar that I have to do to the client?


      Thanks,
      Richard K


        • 1. Re: Unable to create a WSClient that uses jboss-wsse-client.
          peterj

          First, I think the client is neither signing nor encrypting the messages. The jboss-wsse-client.xml file is confused, it indicates that encryption is required but never states how to encrypt the message, but it does indicate how to sign the message. To encrypt the message, the < config > section should read:

          <config>
           <encrypt type="x509v3" alias="wsse"/>
           <requires>
           <encryption/>
           </requires>
           </config>


          Similarly, according to the jboss-wsse-server.xml file, the response messages is being signed but not encrypted.

          What error are you seeing? Is there an error on both the client and server? If so, the error is happening at the server and the client error is typically a reflection of that error.

          • 2. Re: Unable to create a WSClient that uses jboss-wsse-client.
            noclueu2

            I tried changing the config files to have encrypt in them with no succes. The serve continues to work but my client does not.

            Here is the error message:

            javax.xml.ws.soap.SOAPFaultException: javax.xml.rpc.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.
             at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:56)
             at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:111)
             at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:460)
             at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:333)
             at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:185)
             at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:163)
             at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:149)
             at $Proxy8.pullFromHat(Unknown Source)
             at com.partminer.test.client.ClientTest.main(Unknown Source)
            


            Here is the client request (Notice how there is no signing or encryption):
            POST /MagicService/TestMagicBean?datatype=SOAPMessage HTTP/1.1
            Authorization: Basic Y29ubmVjdGVzOnNlY3JldA==
            SOAPAction: ""
            Content-Type: text/xml; charset=UTF-8
            User-Agent: Java/1.5.0_11
            Host: localhost:8080
            Accept: text/html, image/gif, image/jpeg, *; q=.2, */*; q=.2
            Connection: keep-alive
            Content-Length: 245
            
            <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:Header></env:Header><env:Body><ns1:PullFromHat xmlns:ns1='http://com.test.www/test/jsr181ejb'><arg0>Java Client Test</arg0></ns1:PullFromHat></env:Body></env:Envelope>
            


            And the server response:
            HTTP/1.1 500 Internal Server Error
            Server: Apache-Coyote/1.1
            X-Powered-By: Servlet 2.4; JBoss-4.0.5.GA (build: CVSTag=Branch_4_0 date=200610162339)/Tomcat-5.5
            Content-Type: text/xml;charset=UTF-8
            Transfer-Encoding: chunked
            Date: Tue, 03 Apr 2007 14:31:45 GMT
            Connection: close
            
            bd
            <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><env:Header></env:Header><env:Body><env:Fault xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'><faultcode>env:Server
            c
            </faultcode>
            72
            <faultstring>javax.xml.rpc.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.
            e
            </faultstring>
            c
            </env:Fault>
            1a
            </env:Body></env:Envelope>
            0
            
            
            


            It seems the server is doing what is expected but the client is not.

            Thanks,
            Richard K

            • 3. Re: Unable to create a WSClient that uses jboss-wsse-client.
              noclueu2

              One more question that might answer my problem.

              In the service code for user/password I add annotation:

              @RolesAllowed("internal")
              and
              @SecurityDomain(value="JBossWS")
              


              In the client to pass the user password, I had to add:
              BindingProvider bindingProvider = (BindingProvider) port;
               Map<String, Object> reqContext = bindingProvider.getRequestContext();
               reqContext.put(BindingProvider.USERNAME_PROPERTY, "myuser");
               reqContext.put(BindingProvider.PASSWORD_PROPERTY, "mypassword");
              


              For signing/encryption I added this annotation to the service:
              @HandlerChain(file="resource://config/ServerHandler.xml", name="SecureHandlerChain")

              and added the the ServerHandler.xml and jboss-wsse-server.xml

              To the client, I did nothing special to the code, just added the jboss-wsse-client.xml. Is there a bit of code I am not doing, that I should? If so, what is it?

              Thanks Again,
              Richard K


              • 4. Re: Unable to create a WSClient that uses jboss-wsse-client.
                peterj

                You never said if you made the suggested jboss-wsse-client.xml changes.

                • 5. Re: Unable to create a WSClient that uses jboss-wsse-client.
                  peterj

                  I also see that the handler chain is missing for the client. Without that, the client doesn't know to apply the jboss-wsse-client.xml.

                  I was going to refer you to the documentation on how to do this, but noticed that there is nothing about it in the documentation. Perhaps I got it from the older documentation? No matter, add to your client a META-INF/standard-jaxws-client-config.xml file with these contents:

                  <?xml version="1.0" encoding="UTF-8"?>
                  
                  <!-- $Id: standard-jaxws-client-config.xml 2313 2007-02-09 10:02:09Z thomas.diesler@jboss.com $ -->
                  
                  <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
                   xsi:schemaLocation="urn:jboss:jaxws-config:2.0 jaxws-config_2_0.xsd">
                  
                  
                   <client-config>
                   <config-name>Standard WSSecurity Client</config-name>
                   <post-handler-chains>
                   <javaee:handler-chain>
                   <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
                   <javaee:handler>
                   <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
                   <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
                   </javaee:handler>
                   </javaee:handler-chain>
                   </post-handler-chains>
                   </client-config>
                  
                  </jaxws-config>


                  The name is unimportant, the client code for JBossWS will pick up the first client-config in this file.

                  • 6. Re: Unable to create a WSClient that uses jboss-wsse-client.
                    noclueu2

                    Yes I did update jboss-wsee-***.xml on both the client and server. The issue was the missing META-INF/standard-jaxws-client-config.xml on the client. Once I added that I now get a new error:

                    javax.xml.ws.soap.SOAPFaultException: Endpoint {http://com.test.www/test/jsr181ejb}EndpointInterfacePort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData

                    But the important part is that the client is sending encrypted data and the server is expecting encrypted data. I just now need to sort out why the data I'm sending is incorrect.

                    Thanks for the help,
                    Richard K

                    • 7. Re: Unable to create a WSClient that uses jboss-wsse-client.
                      peterj

                      I think this error comes about because the method name used on the client does not exactly match the method name on the server. Looking at your code, the method is exported as PullFromHat but in the client you use pullFromHat. Seems like you used a different WSDL to generate the client than what you actually are using on the server.

                      • 8. Re: Unable to create a WSClient that uses jboss-wsse-client.
                        noclueu2

                        I recreated the service removing anotation:
                        @WebMethod(operationName="PullFromHat")

                        Then rebuilt the client classes using the new WSDL. I still get the same error.
                        If I just do signing and not encryption everything works great. I use the same file contents for both the jboss-wsse-server.xml and jboss-wsse-client.xml which is:

                        <?xml version="1.0" encoding="UTF-8"?>
                        
                        <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                         xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
                         <key-store-file>META-INF/wsse.keystore</key-store-file>
                         <key-store-password>jbossws</key-store-password>
                         <trust-store-file>META-INF/wsse.truststore</trust-store-file>
                         <trust-store-password>jbossws</trust-store-password>
                         <config>
                         <sign type="x509v3" alias="wsse"/>
                         <encrypt type="x509v3" alias="wsse" />
                         <requires>
                         <signature/>
                         <encryption/>
                         </requires>
                         </config>
                        </jboss-ws-security>
                        



                        If I change them to:
                        <?xml version="1.0" encoding="UTF-8"?>
                        
                        <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                         xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
                         <key-store-file>META-INF/wsse.keystore</key-store-file>
                         <key-store-password>jbossws</key-store-password>
                         <trust-store-file>META-INF/wsse.truststore</trust-store-file>
                         <trust-store-password>jbossws</trust-store-password>
                         <config>
                         <sign type="x509v3" alias="wsse"/>
                         <requires>
                         <signature/>
                         </requires>
                         </config>
                        </jboss-ws-security>
                        

                        The above works. I also tried it without the signature and just encryption which gives me the same error.

                        Thanks,
                        Richard k

                        • 9. Re: Unable to create a WSClient that uses jboss-wsse-client.
                          estrnod

                          Did you ever get an answer to how to get the client to use <wsse:Security>? I have been following this thread closely because it reflects my own experience and even my own suspicion that the client needed something similar to the HandlerChain on the server side, before I read your post. I incorporated standard-jaxws-client-config.xml in my own build but with both signature & encryption required, am also still getting javax.xml.rpc.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.

                          Thanks,
                          Ellen Strnod

                          • 10. Re: Unable to create a WSClient that uses jboss-wsse-client.
                            peterj

                            Make sure the standard-jaxws-client-config.xml contains only the "Standard WSSecurity Client" configuration, you have to delete the other two configurations. Seems like only the first one is used, and I have not found out how to indicate which one to use if there are multiple.

                            • 11. Re: Unable to create a WSClient that uses jboss-wsse-client.
                              thomas.diesler

                              Hava a look at the security samples. A clients needs the security handlers configured and the security config file

                              http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#WS-Security

                              • 12. Re: Unable to create a WSClient that uses jboss-wsse-client.
                                rieman4d

                                I'm getting the same error as Richard K:

                                SOAPFaultException: Endpoint {http://org.jboss.ws/xabraws}WebServiceImplPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData

                                The server log SOAPMessage trace shows the client request is encrypted, but the server gets the exception above.

                                Richard, did you find a way to fix your problem?

                                Thanks,
                                Ron C

                                • 13. Re: Unable to create a WSClient that uses jboss-wsse-client.
                                  smjain

                                  Hi ,
                                  I am trying to set up a standalone client for JBossWS Security. I am using JBoss4.2 with JBoss ws2.0.2.
                                  I am unable to get the standalone client working.I think server expects the <wse-security tag which the client is not sending. I have all the configuration files in proper place both on client and server. Can anyone who has configured it end to end guide me on this.
                                  I need this help a little urgently
                                  Best Regards
                                  Shashank

                                  • 14. Re: Unable to create a WSClient that uses jboss-wsse-client.
                                    peterj

                                    Shashank, please do not post questions at the end of someone else's thread. You have asked the same question on three separate threads, and as far as I can tell have not made use of the advice given on those threads.

                                    1 2 Previous Next