1 2 Previous Next 15 Replies Latest reply on Jul 28, 2009 8:10 AM by seventy8

    Need help : JBossWS Security!

    xinhua

      Hi all,
      i want to use ssl and signature to protect my WS on Jboss4.2.2GA , ssl works perfectly but when i use client to send a request with signature, i always got an error. My codes, configurations and evn listed as followed:

      JBoss4.2.2GA
      jdk1.5

      SSL keyStore&trustStore file: ksbws.keystore
      Signature keyStore&trustStore file: ksbws_security.keystore

      Server Side:

      @Stateless
      @SecurityDomain("JBossWS")
      @RolesAllowed("friend")
      @WebService(endpointInterface="de.xxx.xxx.KSBService")
      @WebContext(contextRoot="/KSBService",
       urlPattern="/*",
       authMethod="BASIC",
       transportGuarantee="CONFIDENTIAL",
       secureWSDLAccess=false)
      @EndpointConfig(configName = "Standard WSSecurity Endpoint")
      public class KSBServiceBean implements KSBService,KSBServiceRemote,KSBServiceLocal{
      
       private static final Logger log = Logger.getLogger(KSBServiceBean.class);
      
       @EJB
       KSBManagerLocal ksb;
      
       public sting validateLogin(Long userNo, String password) {
       // doSomething
       }
      
      }


      in META-INF/ i putted ksbws_security.keystore and jboss-wsse-server.xml
      here is my jboss-wsse-server.xml:
      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.com/ws-security/config
       http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <key-store-file>META-INF/ksbws_security.keystore</key-store-file>
       <key-store-password>test</key-store-password>
       <trust-store-file>META-INF/ksbws_security.keystore</trust-store-file>
       <trust-store-password>test</trust-store-password>
       <config>
       <sign type="x509v3" alias="KSBWS_SECURITY" />
       <requires>
       <signature />
       </requires>
       </config>
      </jboss-ws-security>
      


      Server side jar deployed without exception

      Client:
      codes

       public static void main(String[] args) {
       KSBService ksb = null;
       try {
       //SSL keystore
       System.setProperty("javax.net.ssl.keyStore", "c:\\ksbws.keystore");
       System.setProperty("javax.net.ssl.trustStore", "c:\\ksbws.keystore");
       System.setProperty("javax.net.ssl.keyStorePassword", "test");
       System.setProperty("javax.net.ssl.trustStorePassword", "test");
       System.setProperty("javax.net.ssl.keyStoreType", "jks");
       System.setProperty("javax.net.ssl.trustStoreType", "jks");
       System.setProperty("org.jboss.security.ignoreHttpsHost","true");
      
       //Signature keystore
       System.setProperty("org.jboss.ws.wsse.keyStore","c:\\ksbws_security.keystore");
       System.setProperty("org.jboss.ws.wsse.trustStore","c:\\ksbws_security.keystore");
       System.setProperty("org.jboss.ws.wsse.keyStorePassword", "test");
       System.setProperty("org.jboss.ws.wsse.trustStorePassword", "test");
       System.setProperty("org.jboss.ws.wsse.keyStoreType", "jks");
       System.setProperty("org.jboss.ws.wsse.trustStoreType", "jks");
      
       Service service = Service.create(new URL("http://localhost:8180/KSBService/KSBServiceBean?wsdl"),
       new QName("http://xxx.xxx.de/","KSBServiceBeanService") );
      
      
      
      
       ksb= service.getPort(KSBService.class);
      
       ((StubExt) ksb).setConfigName("Standard WSSecurity Client");
      
       BindingProvider bp = (BindingProvider)ksb;
       bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
       bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
      
      
       } catch (Exception e) {
      ....
      ...
      
      
      


      also, i putted jboss-wsse-client.xml in META-INF/

       <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
       xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
       xsi:schemaLocation="http://www.jboss.com/ws-security/config
       http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <config>
       <sign type="x509v3" alias="KSBWS_SECURITY"/>
       <requires>
       <signature/>
       </requires>
       </config>
       </jboss-ws-security>
      


      But when i run client , an Exception like this:

      java.lang.ClassCastException: $Proxy23 cannot be cast to org.jboss.ws.core.StubExt
       at dexxxxx.xxxx.xxxx.MultiThreadsTest.main(MultiThreadsTest.java:43)
      Exception in thread "Thread-1" com.sun.xml.ws.client.ClientTransportException: request requires HTTP authentication: Unauthorized
       at com.sun.xml.ws.transport.http.client.HttpClientTransport.checkResponseCode(HttpClientTransport.java:197)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.process(HttpTransportPipe.java:137)
       at com.sun.xml.ws.transport.http.client.HttpTransportPipe.processRequest(HttpTransportPipe.java:74)
       at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:559)
       at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:518)
       at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:503)
       at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:400)
       at com.sun.xml.ws.client.Stub.process(Stub.java:235)
       at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:120)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:230)
       at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke(SyncMethodHandler.java:210)
       at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:103)
       at $Proxy23.validateLogin(Unknown Source)
      


      It seems that jboss-wsse-client.xml was not readed by client.
      If i remove codes and configs for signature, SSL works fine.

      can anyone help me???

      thanks

        • 1. Re: Need help : JBossWS Security!
          xinhua

          ok, i think ((StubExt) ksb).setConfigName("Standard WSSecurity Client"); is in a wrong place, now i put it under http auth block

           .....
           BindingProvider bp = (BindingProvider)ksb;
           bp.getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
           bp.getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
          
           ((StubExt) ksb).setConfigName("Standard WSSecurity Client");
          .....
          


          HTTP authentication: Unauthorized exception by client is gone , but server side runs into trouble:

          $ 11:30:01,343 ERROR [HandlerChainExecutor] Exception during handler processing
          java.lang.NullPointerException
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188)
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183)
           at org.jboss.ws.extensions.security.Util.findElement(Util.java:89)
           at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:115)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
           at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
           at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:126)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:170)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
           at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Thread.java:595)
          11:30:01,343 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
          javax.xml.ws.WebServiceException: java.lang.NullPointerException
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
           at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:126)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:170)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
           at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Thread.java:595)
          Caused by: java.lang.NullPointerException
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188)
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183)
           at org.jboss.ws.extensions.security.Util.findElement(Util.java:89)
           at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:115)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
           at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
           ... 28 more
          11:30:01,343 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
          javax.xml.ws.WebServiceException: java.lang.NullPointerException
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
           at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:126)
           at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:170)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:408)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:272)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:189)
           at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:122)
           at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
           at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
           at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
           at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
           at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
           at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
           at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
           at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
           at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
           at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
           at java.lang.Thread.run(Thread.java:595)
          Caused by: java.lang.NullPointerException
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:188)
           at org.jboss.ws.extensions.security.Util.matchNode(Util.java:183)
           at org.jboss.ws.extensions.security.Util.findElement(Util.java:89)
           at org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:115)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
           at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
           at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
           at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
           ... 28 more
          
          


          can anyone help?

          • 2. Re: Need help : JBossWS Security!
            xinhua

            i updated the jbossWS-native in jboss4.2.2GA to jbossws-3.0.1-native-2.0.4.GA

            the severside exception is also changed:(

            12:45:06,234 ERROR [HandlerChainExecutor] Exception during handler processing
            org.jboss.ws.core.CommonSOAPFaultException: This service requires <wsse:Security>, which is missing.
             at org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher.java:100)
             at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:207)
             at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:83)
             at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
             at org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
             at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
             at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
             at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
             at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:127)
             at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:171)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134)
             at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
             at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
             at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
             at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
             at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
             at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
             at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
             at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
             at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
             at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
             at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
             at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
             at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
             at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
             at java.lang.Thread.run(Thread.java:595)
            12:45:06,234 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
            javax.xml.ws.WebServiceException: org.jboss.ws.core.CommonSOAPFaultException: This service requires <wsse:Security>, which is missing.
             at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
             at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
             at org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:97)
             at org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:127)
             at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:171)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
             at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134)
             at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
             at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
             at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
             at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
             at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
             at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
             at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
             at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:524)
             at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
             at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
             at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
             at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
             at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
             at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
             at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
             at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
             at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
             at java.lang.Thread.run(Thread.java:595)
            Caused by: org.jboss.ws.core.CommonSOAPFaultException: This service requires <wsse:Security>, which is missing.
            .....
            
            
            


            it seems that request from client is not right. :(
            need help....



            • 3. Re: Need help : JBossWS Security!
              xinhua

              ok,

              i see, maybe jboss-wsse-client.xml or standard-jaxws-client-config.xml not loaded ,so i copied the both xml into META-INF and also changed the client code like this:

              
               Service s = Service.create(url, qn);
               Test port = s.getPort(Test.class);
              
               URL securityURL = new File("META-INF/jboss-wsse-client.xml").toURL();
               URL securityConfig= new File("META-INF/standard-jaxws-client-config.xml").toURL();
               ((StubExt) port).setSecurityConfig(securityURL.toExternalForm());
               ((StubExt) port).setConfigName("Standard WSSecurity Client",securityConfig.toExternalForm());
              
              
               ((BindingProvider) port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
               ((BindingProvider) port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
               ((BindingProvider) port).getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY, "http://localhost:4040/miguoWS/TestBean");


              but in soap monitor i found <wsse: Security> is still missing in request.
              (jboss4.2.1GA, jbossws-3.0.1-native-2.0.4.GA, jdk1.5 update 15)

              Really nobody can help me out here ?



              • 4. Re: Need help : JBossWS Security!
                helmutdoe

                Same Problem here ...

                $Proxy29 cannot be cast to org.jboss.ws.core.StubExt

                did someone solve this problem?

                • 5. Re: Need help : JBossWS Security!
                  timeagentess

                  I can confirm the same issue occurring when working with JBoss 4.0.5 & JBossWS 2.0.0.

                  • 6. Re: Need help : JBossWS Security!
                    helmutdoe

                     

                    "helmutdoe" wrote:
                    Same Problem here ...

                    $Proxy29 cannot be cast to org.jboss.ws.core.StubExt

                    did someone solve this problem?


                    Im using JBoss AS 4.2.2 GA & JBossWS native 3.0.2

                    • 7. Re: Need help : JBossWS Security!
                      timeagentess

                      I apologize, I might have been a bit ambiguous -- I wanted to say that I encountered the same "<wsse:Security> is missing" error when the client pings the web service.

                      • 8. Re: Need help : JBossWS Security!
                        helmutdoe

                        The <wsse:Security> missing occurs if i remove the followin line on my code.

                        ((StubExt) ksb).setConfigName("Standard WSSecurity Client");
                        


                        And this is traceable to me because then the client application do not know how he should configure the SecurityHandlers. Since i had debugged the client code i was able to locate when the exception occurs.

                        ((StubExt) ksb).setSecurityConfig("META-INF/jboss-wsse-client.xml");
                        


                        I have a problem on understanding how the client side gets this xml. Since Webservices have to be interoperable only the wsdl should be public.

                        Im looking forward to fix these problems

                        • 9. Re: Need help : JBossWS Security!
                          timeagentess

                           

                          "helmutdoe" wrote:
                          The <wsse:Security> missing occurs if i remove the followin line on my code.

                          ((StubExt) ksb).setConfigName("Standard WSSecurity Client");
                          


                          And this is traceable to me because then the client application do not know how he should configure the SecurityHandlers. Since i had debugged the client code i was able to locate when the exception occurs.

                          ((StubExt) ksb).setSecurityConfig("META-INF/jboss-wsse-client.xml");
                          



                          Hmm, interesting -- I have both lines of code as you mentioned them in my client, but I'm still getting the "missing <wsse:Security>" error. So I must be doing something else wrong, as well :)

                          • 10. Re: Need help : JBossWS Security!
                            asoldano

                             

                            "helmutdoe" wrote:
                            Same Problem here ...

                            $Proxy29 cannot be cast to org.jboss.ws.core.StubExt

                            did someone solve this problem?


                            Could you please post your client side code, including the imports? (you too xinhua). I suspect you might be mixing jaxrpc and jaxws classes.

                            • 11. Re: Need help : JBossWS Security!
                              asoldano

                               

                              "helmutdoe" wrote:
                              The <wsse:Security> missing occurs if i remove the followin line on my code.

                              ((StubExt) ksb).setConfigName("Standard WSSecurity Client");
                              


                              And this is traceable to me because then the client application do not know how he should configure the SecurityHandlers.

                              Yes, without that the client doesn't even know that ws-security is to be used.

                              ((StubExt) ksb).setSecurityConfig("META-INF/jboss-wsse-client.xml");
                              


                              I have a problem on understanding how the client side gets this xml. Since Webservices have to be interoperable only the wsdl should be public.

                              Of course it is not public, it's client side specific since it contains the location to the client keystores, etc.
                              The jbossws code will look for the specified location the client application jar. Please note you can also provide absolute path to point to an external file.

                              • 12. Re: Need help : JBossWS Security!
                                xinhua

                                 

                                "alessio.soldano@jboss.com" wrote:
                                "helmutdoe" wrote:
                                Same Problem here ...

                                $Proxy29 cannot be cast to org.jboss.ws.core.StubExt

                                did someone solve this problem?


                                Could you please post your client side code, including the imports? (you too xinhua). I suspect you might be mixing jaxrpc and jaxws classes.


                                Hi, here is my import
                                import java.io.File;
                                import java.net.URL;
                                import javax.xml.namespace.QName;
                                import javax.xml.ws.BindingProvider;
                                import javax.xml.ws.Service;
                                import org.jboss.ws.core.StubExt;
                                


                                is that right, thanks.

                                • 13. Re: Need help : JBossWS Security!
                                  helmutdoe

                                  Hi all,

                                  yes think you were right i had mixed RPC und JAXWS. Also after a while i was able to fix the <wsse:Securtiy> -Tag missing by using the folloing code

                                  import java.io.File;
                                  import java.net.MalformedURLException;
                                  import java.net.URL;
                                  import java.util.ArrayList;
                                  import java.util.List;
                                  import javax.xml.namespace.QName;
                                  import javax.xml.ws.BindingProvider;
                                  import javax.xml.ws.Service;
                                  import javax.xml.ws.handler.Handler;
                                  import org.jboss.ws.core.StubExt;
                                  import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient;
                                  import org.jboss.ws.extensions.addressing.jaxws.WSAddressingClientHandler;
                                  
                                  ...
                                   System.setProperty("org.jboss.ws.wsse.keyStore","src/WEB-INF/keystore.jks");
                                   System.setProperty("org.jboss.ws.wsse.trustStore", "src/WEB-INF/cacerts.jks");
                                   System.setProperty("org.jboss.ws.wsse.keyStorePassword", "changeit");
                                   System.setProperty("org.jboss.ws.wsse.trustStorePassword", "changeit");
                                   System.setProperty("org.jboss.ws.wsse.keyStoreType", "jks");
                                   System.setProperty("org.jboss.ws.wsse.trustStoreType", "jks");
                                  
                                  
                                  
                                   // Create Service Binding
                                   URL url = new URL("http://localhost:8080/LottoBean/LottoEJBWS?wsdl");
                                   QName qName = new QName("urn:com:tools:wsse", "LottoEJBWSService");
                                  
                                   //LottoEJBWSService service = new LottoEJBWSService(url,qName);
                                   LottoEJBWS port = Service.create(url, qName).getPort(LottoEJBWS.class);
                                  
                                   ((StubExt) port).setSecurityConfig(new File("src/META-INF/jboss-wsse-client.xml").toURI().toURL().toExternalForm());
                                   ((StubExt) port).setConfigName("Standard WSSecurity Client");
                                  
                                   BindingProvider binding = (BindingProvider)port;
                                   List<Handler> handlerChain = new ArrayList<Handler>();
                                   // handlerChain.add(new WSAddressingClientHandler());
                                   handlerChain.add(new WSSecurityHandlerClient());
                                   handlerChain.add(new LogHandler());
                                   binding.getBinding().setHandlerChain(handlerChain);
                                  


                                  With this code and my configured handlers i be able to sign messages. If i add encryption to the WebService Endponit i run in an other Exception.

                                  Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
                                  javax.xml.ws.soap.SOAPFaultException: Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
                                   at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:72)
                                   at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:109)
                                   at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:579)
                                  ....
                                  


                                  The code below shows my xml handler files.

                                  standard-jaxws-client-config.xml


                                  
                                   <client-config>
                                   <config-name>Standard WSSecurity Client</config-name>
                                   <post-handler-chains>
                                   <javaee:handler-chain>
                                   <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings>
                                   <javaee:handler>
                                   <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name>
                                   <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class>
                                   </javaee:handler>
                                   </javaee:handler-chain>
                                   </post-handler-chains>
                                   </client-config>
                                  



                                  standard-jaxws-endpoint-config.xml

                                  
                                  
                                  <endpoint-config>
                                   <config-name>Standard WSSecurity Endpoint</config-name>
                                   <post-handler-chains>
                                   <javaee:handler-chain>
                                   <javaee:protocol-bindings>##SOAP11_HTTP ##SOAP11_HTTP_MTOM</javaee:protocol-bindings>
                                   <javaee:handler>
                                   <javaee:handler-name>WSSecurity Handler</javaee:handler-name>
                                   <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class>
                                   </javaee:handler>
                                   <javaee:handler>
                                   <javaee:handler-name>Recording Handler</javaee:handler-name>
                                   <javaee:handler-class>org.jboss.wsf.framework.invocation.RecordingServerHandler</javaee:handler-class>
                                   </javaee:handler>
                                   </javaee:handler-chain>
                                   </post-handler-chains>
                                   </endpoint-config>
                                  


                                  jboss-wsse-client.xml

                                  <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                                  xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                  xsi:schemaLocation="http://www.jboss.com/ws-security/config
                                  http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
                                   <config>
                                   <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
                                   <encrypt type="x509v3" alias="s1as" />
                                   <requires>
                                   <signature/>
                                   </requires>
                                   </config>
                                  </jboss-ws-security>
                                  


                                  jboss-wsse-server.xml

                                   <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
                                   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
                                   xsi:schemaLocation="http://www.jboss.com/ws-security/config
                                   http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
                                   <key-store-file>WEB-INF/keystore.jks</key-store-file>
                                   <key-store-password>changeit</key-store-password>
                                   <key-store-type>jks</key-store-type>
                                   <trust-store-file>WEB-INF/cacerts.jks</trust-store-file>
                                   <trust-store-password>changeit</trust-store-password>
                                   <config>
                                   <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
                                   <encrypt type="x509v3" alias="s1as" />
                                   <requires>
                                   <signature/>
                                   </requires>
                                   </config>
                                  </jboss-ws-security>
                                  


                                  Thnx for any hints



                                  • 14. Re: Need help : JBossWS Security!
                                    xinhua

                                    Sorry, forgot to paste the codes

                                     public static void main(String[] args) {
                                     KSBService ksb = null;
                                     try {
                                     //SSL keystore
                                     System.setProperty("javax.net.ssl.keyStore", "c:\\ksbws.keystore");
                                     System.setProperty("javax.net.ssl.trustStore", "c:\\ksbws.keystore");
                                     System.setProperty("javax.net.ssl.keyStorePassword", "test");
                                     System.setProperty("javax.net.ssl.trustStorePassword", "test");
                                     System.setProperty("javax.net.ssl.keyStoreType", "jks");
                                     System.setProperty("javax.net.ssl.trustStoreType", "jks");
                                     System.setProperty("org.jboss.security.ignoreHttpsHost","true");
                                    
                                     //Signature keystore
                                     System.setProperty("org.jboss.ws.wsse.keyStore","c:\\ksbws_security.keystore");
                                     System.setProperty("org.jboss.ws.wsse.trustStore","c:\\ksbws_security.keystore");
                                     System.setProperty("org.jboss.ws.wsse.keyStorePassword", "test");
                                     System.setProperty("org.jboss.ws.wsse.trustStorePassword", "test");
                                     System.setProperty("org.jboss.ws.wsse.keyStoreType", "jks");
                                     System.setProperty("org.jboss.ws.wsse.trustStoreType", "jks");
                                    
                                     Service service = Service.create(new URL("http://localhost:8180/KSBService/KSBServiceBean?wsdl"),
                                     new QName("http://xxx.xxx.de/","KSBServiceBeanService") );
                                    
                                    
                                    
                                    
                                     ksb= service.getPort(KSBService.class);
                                    
                                     URL securityURL = new File("META-INF/jboss-wsse-client.xml").toURL();
                                     URL securityConfig= new File("META-INF/standard-jaxws-client-config.xml").toURL();
                                     ((StubExt) port).setSecurityConfig(securityURL.toExternalForm());
                                     ((StubExt) port).setConfigName("Standard WSSecurity Client",securityConfig.toExternalForm());
                                    
                                    
                                     ((BindingProvider) port).getRequestContext().put(BindingProvider.USERNAME_PROPERTY, "kermit");
                                     ((BindingProvider) port).getRequestContext().put(BindingProvider.PASSWORD_PROPERTY, "thefrog");
                                    
                                    
                                    
                                     } catch (Exception e) {
                                    ....
                                    ...
                                    


                                    and also, i am not very clear about mixing jaxrpc and jaxws classes. :?

                                    1 2 Previous Next