Yet another WS-Security question ...
viniciuscarvalho Mar 10, 2008 4:50 PMHello there! I'm using JBoss 4.2.1.GA with JBoss WS
Before one can point, I've already read:
http://jbws.dyndns.org/mediawiki/index.php?title=User_Guide#WS-Security
http://www.jboss.com/index.html?module=bb&op=viewtopic&t=105580&postdays=0&postorder=asc&start=10
http://jbws.dyndns.org/mediawiki/index.php?title=WS-Security_options
http://www.jboss.org/index.html?module=bb&op=viewtopic&t=94406&postdays=0&postorder=asc&start=10
Although those really helped me getting things started, I could not get security running.
I have 2 services that need to have an encryption/sign options. I decided to do this using certificates.
One of the services, is a pure JSR-189 WS:
@Stateless(name="CSMQueryService") @WebService(serviceName="CSMQueryService",targetNamespace="http://www.synos.com.br/CSM/definitions") @SOAPBinding(use = SOAPBinding.Use.LITERAL, style = SOAPBinding.Style.DOCUMENT) @WebContext(contextRoot="/csm/services",urlPattern="/CSMQueryService") @EndpointConfig(configName = "Standard WSSecurity Endpoint") @HandlerChain(file="resource://META-INF/ServerHandler.xml") public class CSMQueryServiceImpl implements CSMQueryService
The other, is a bit trick since I've implemented the WSDL from a top-down approach, and it was hand created. But, I can't get even this one working :(
I have a jar, with jboss-wsse-server.xml, ServerHandler, csm.keystore, csm.truststore inside its META-INF dir.
During deployment, there's no error, neither warning on the console. But, when I access the service's WSDL I was hoping to find some ws-security related stuff in there, but there was none, this was my first concern.
So I tried to access it using SOAPUI (I'll not try to run tests using jboss ws clients, since this service will be accessed using other languages like .net). Well, I did not set the certificate on SOAPUI on purpose, but I was expecting an error like "Not allowed", instead, a nullpointer was thrown:
2008-03-10 17:34:05,463 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerResolverImpl] getHandlerChain: [type=POST,info=[service={http://www.synos.com.br/CSM/definitions}CSMQueryService,port={http://www.synos.com.br/CSM/definitions}CSMQueryServiceImplPort,binding=http://schemas.xmlsoap.org/wsdl/soap/http]] 2008-03-10 17:34:05,464 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Create a handler executor: [WSSecurity Handler] 2008-03-10 17:34:05,464 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Enter: handleIn BoundMessage 2008-03-10 17:34:05,470 ERROR [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exception during handler processing java.lang.NullPointerException at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188) at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183) at org.jboss.ws.extensions.security.Util.findElement(Util.java:89) at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:114) at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78) at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41) at org.jboss.wsf.spi.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140) at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87) at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:115) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:159) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110) at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:595) 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exit: handleIn BoundMessage with status: false 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.jaxws.handler.MessageContextJAXWS] Begin response processing 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.soap.MessageContextAssociation] popMessageContext: org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS@1e7879f (Thread http-127.0.0.1-8080-1) 2008-03-10 17:34:05,481 DEBUG [org.jboss.ws.core.soap.MessageContextAssociation] pushMessageContext: org.jboss.ws.core.jaxws.handler.SOAPMessageContextJAXWS@4fe915 (Thread http-127.0.0.1-8080-1) 2008-03-10 17:34:05,484 ERROR [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] SOAP request exception javax.xml.ws.WebServiceException: java.lang.NullPointerException at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155) at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87) at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:115) at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:159) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:396) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:260) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:177) at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:110) at org.jboss.wsf.spi.invocation.EndpointServlet.service(EndpointServlet.java:72) at javax.servlet.http.HttpServlet.service(HttpServlet.java:803) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175) at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179) at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128) at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:104) at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:241) at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844) at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:580) at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447) at java.lang.Thread.run(Thread.java:595) Caused by: java.lang.NullPointerException at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188) at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183) at org.jboss.ws.extensions.security.Util.findElement(Util.java:89) at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:114) at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78) at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41) at org.jboss.wsf.spi.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295) at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140) ... 27 more 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS] Cannot obtain fault meta data for: class javax.xml.ws.WebServiceException 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: PRE 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: ENDPOINT 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS] callFaultHandlerChain: POST 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Enter: handleOutBoundFault 2008-03-10 17:34:05,503 DEBUG [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] Exit: handleOutBoundFault with status: true
It is my first time using WS-Sec on jbossws. I have used it before on glassfish. And the provider added few stuff on the WSDL to let the client know about the extensions to the WSDL.
I believe that my questions are:
1st: Does jbossws add this meta-data inside the secured service?
2nd: How do I get it running?
Regards[/url]