8 Replies Latest reply on Aug 21, 2009 9:13 AM by ksinno

    ...Port does not contain operation meta data for: {http://ww

    helmutdoe

      Hi Community,

      i know i had posted this problem allready in another thread but i seems to be a good choice to state this as standalone topic.
      What i need and what i had already done. I need to get working a simple Webservice using WSSecurity. Both Encryption and Signature shall be used. The Webservice should consumed by a standalone client.

      So what i have done. Since i had read all tutorial from JBossWS and several other Documentation i got the folloing code for my Server Side.

      /*
       * LottoEJBWS.java
       *
       * Created on 22. Juni 2008, 13:18
       *
       * To change this template, choose Tools | Template Manager
       * and open the template in the editor.
       */
      
      package com.tools.wsse;
      
      import java.util.Random;
      import javax.ejb.Stateless;
      
      import javax.jws.HandlerChain;
      import javax.jws.WebMethod;
      import javax.jws.WebService;
      import javax.jws.soap.SOAPBinding;
      
      import org.jboss.annotation.security.SecurityDomain;
      import org.jboss.ws.annotation.EndpointConfig;
      
      
      /**
       *
       * @author Wolfram
       **/
      @WebService(name="LottoEJBWS",
       targetNamespace = "urn:com:tools:wsse",
       serviceName = "LottoEJBWSService")
      @SOAPBinding(style = SOAPBinding.Style.DOCUMENT,
       parameterStyle=SOAPBinding.ParameterStyle.WRAPPED,
       use=SOAPBinding.Use.LITERAL)
      @EndpointConfig(configName="Standard WSSecurity Endpoint")
      public class LottoEJBWS {
       @WebMethod()
       public String get6from49() {
       Random random = new Random();
       String result = "";
      
      //cutted
      
       return (result);
       }
      
       /**
       * Web service operation
       */
       @WebMethod()
       public boolean setValue(String name, int age) {
       System.out.println("====================================");
       System.out.println("Name: " + name + " Age: " + age );
       System.out.println("====================================");
       return true;
       }
      }
      


      web.xml
      <?xml version="1.0" encoding="UTF-8"?>
      <web-app xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns="http://java.sun.com/xml/ns/javaee" xmlns:web="http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd" id="WebApp_ID" version="2.5">
       <context-param>
       <param-name>jbossws-config-name</param-name>
       <param-value>Standard WSSecurity Endpoint</param-value>
       </context-param>
       <display-name>LottoWSSE-war</display-name>
       <servlet>
       <servlet-name>LottoEJBWS</servlet-name>
       <servlet-class>com.tools.wsse.LottoEJBWS</servlet-class>
       <load-on-startup>1</load-on-startup>
       </servlet>
       <servlet-mapping>
       <servlet-name>LottoEJBWS</servlet-name>
       <url-pattern>/LottoEJBWS</url-pattern>
       </servlet-mapping>
       <session-config>
       <session-timeout>30</session-timeout>
       </session-config>
       <welcome-file-list>
       <welcome-file>index.html</welcome-file>
       <welcome-file>index.htm</welcome-file>
       <welcome-file>index.jsp</welcome-file>
       <welcome-file>default.html</welcome-file>
       <welcome-file>default.htm</welcome-file>
       <welcome-file>default.jsp</welcome-file>
       </welcome-file-list>
      </web-app>
      


      jboss-wsse-client.xml

      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.jboss.com/ws-security/config
      http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <config>
       <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
       <encrypt type="x509v3"
       alias="s1as"/>
       <requires>
       <signature/>
       <encryption/>
       </requires>
       </config>
      </jboss-ws-security>


      jboss-wsse-server.xml

      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
      xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
      xsi:schemaLocation="http://www.jboss.com/ws-security/config
      http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">
       <config>
       <sign type="x509v3" alias="s1as" includeTimestamp="false"/>
       <encrypt type="x509v3"
       alias="s1as"/>
       <requires>
       <signature/>
       <encryption/>
       </requires>
       </config>
      </jboss-ws-security>


      Since @EndpointConfig points to AS_HOME/server/default/deploy/jbosswss.sar/META-INF no need to includes standard-jaxws-endpoint-config.xml.
      All the above described in addition with Trust + Keystore is packed as war file and deployed successfull.

      The Client Side is implemented as shown below. To get Service classes etc. wsconsume -k <wsdl-url> was used. All automatically generated files arent shown. So the Cleint looks like...

      /*
       * Main.java
       *
       * Created on 22. Juni 2008, 18:20
       *
       * To change this template, choose Tools | Template Manager
       * and open the template in the editor.
       */
      
      package com.tools.wsse;
      
      import java.io.File;
      import java.net.URL;
      import java.util.ArrayList;
      import java.util.Iterator;
      import java.util.List;
      import javax.jws.HandlerChain;
      import javax.xml.namespace.QName;
      import javax.xml.ws.BindingProvider;
      import javax.xml.ws.Service;
      import javax.xml.ws.WebServiceClient;
      import javax.xml.ws.handler.Handler;
      import org.apache.log4j.Logger;
      import org.apache.log4j.PropertyConfigurator;
      import org.jboss.ws.core.StubExt;
      import org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient;
      import org.jboss.ws.extensions.addressing.jaxws.WSAddressingClientHandler;
      
      /**
       *
       * @author Wolfram
       */
      public class Main {
      
       /** Creates a new instance of Main */
       public Main() {}
      
       public static void main(String[] args) {
      
       try { // Call Web Service Operation
       // PropertyConfigurator.configure("src//log4j.properties");
      
       System.setProperty("org.jboss.ws.wsse.keyStore", "src/WEB-INF/keystore.jks");
       System.setProperty("org.jboss.ws.wsse.trustStore", "src/WEB-INF/cacerts.jks");
       System.setProperty("org.jboss.ws.wsse.keyStorePassword", "changeit");
       System.setProperty("org.jboss.ws.wsse.trustStorePassword", "changeit");
       System.setProperty("org.jboss.ws.wsse.keyStoreType", "jks");
       System.setProperty("org.jboss.ws.wsse.trustStoreType", "jks");
      
       URL wsdlURL = new URL("http://localhost:8080/LottoWSSE-war/LottoEJBWS?wsdl");
       QName serviceName = new QName("urn:com:tools:wsse", "LottoEJBWSService");
       Service service = Service.create(wsdlURL, serviceName);
       LottoEJBWS port = service.getPort(LottoEJBWS.class);
       System.out.println(System.getProperty("user.dir").toString());
       ((StubExt) port).setSecurityConfig(new File("src/META-INF/jboss-wsse-client.xml").toURI().toURL().toExternalForm());
       ((StubExt) port).setConfigName("Standard WSSecurity Client");
      
       BindingProvider bindingProvider = (BindingProvider)port;
       List<Handler> handlerChain = new ArrayList<Handler>();
       handlerChain.add(new WSAddressingClientHandler());
       handlerChain.add(new WSSecurityHandlerClient());
       handlerChain.add(new LogHandler());
       bindingProvider.getBinding().setHandlerChain(handlerChain);
      
       //org.me.client.LottoEJBWSService service = new org.me.client.LottoEJBWSService();
       //org.me.client.LottoEJBWS port = service.getLottoEJBWSPort();
      
       // TODO process result here
      
       java.lang.String result = port.get6From49();
       System.out.println("Result = "+result);
       } catch (Exception ex) {
       System.out.println("Fehler: " + ex.getMessage());
       ex.printStackTrace(System.out);
       }
      
       }
      }
      
      


      the file jboss-wsse-client.xml is the same like above ones.

      The SoapRequest is signed and encrypted. but the server throws the following Exception.

      14:35:26,515 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
      org.jboss.ws.core.CommonSOAPFaultException: Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
       at org.jboss.ws.core.server.ServiceEndpointInvoker.getDispatchDestination(ServiceEndpointInvoker.java:468)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:177)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134)
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      14:35:26,515 ERROR [SOAPFaultHelperJAXRPC] SOAP request exception
      javax.xml.rpc.soap.SOAPFaultException: Endpoint {urn:com:tools:wsse}LottoEJBWSPort does not contain operation meta data for: {http://www.w3.org/2001/04/xmlenc#}EncryptedData
       at org.jboss.ws.core.jaxrpc.SOAPFaultHelperJAXRPC.exceptionToFaultMessage(SOAPFaultHelperJAXRPC.java:189)
       at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.exceptionToFaultMessage(SOAPFaultHelperJAXWS.java:170)
       at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.createFaultMessageFromException(SOAP11BindingJAXWS.java:104)
       at org.jboss.ws.core.CommonSOAPBinding.bindFaultMessage(CommonSOAPBinding.java:671)
       at org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:279)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:466)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:284)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:201)
       at org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:134)
       at org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)



      I hope to pointed out detaily my problem and looking froward for response.

      Thank You

        • 1. Re: ...Port does not contain operation meta data for: {http:
          helmutdoe

          Hi
          i tried several combinations of modifing jboss-wsse-*.xml

           <port name="LottoEJBWSPort">
           <operation name="{urn:com:tools:wsse}setValue">
           <config>
           <sign type="x509v3" alias="s1as" includeTimestamp="false">
           <targets>
           <target type="qname">setValueResponse</target>
           </targets>
           </sign>
           <encrypt type="x509v3" alias="s1as">
           <targets>
           <target type="qname">setValueResponse</target>
           </targets>
           </encrypt>
           <requires>
           <signature/>
           <encryption/>
           </requires>
           </config>
           </operation>
           </port>
          
          


          unfortunately the result is the same. in this example http://wiki.jboss.org/wiki/WSSecurityComplexExample i saw that for respose elements a typeNamespace has been setted. Since i work with JAXWS i didnt found the annotation to activate this.

          Thanks in advance ....

          if it is a Bug how can i report it?


          • 2. Re: ...Port does not contain operation meta data for: {http:
            asoldano

            You can add an issue on http://jira.jboss.org/jira/browse/JBWS. Please attach a simple application showing the behaviour you're seeing.

            • 3. Re: ...Port does not contain operation meta data for: {http:
              timeagentess

              @helmutdoe: What error do you get when you only request signing in jboss-wsse-*.xml?
              (I'd like to see if my behaviour is the same, or whether I'm having additional problems)

              Thanks!

              • 4. Re: ...Port does not contain operation meta data for: {http:
                helmutdoe

                Hi,

                if i disable encryption and only sign my requests all is don completly successfull without occuring any kind of errors. Last night i tried downgrading again and used JEMS Installer: http://www.jboss.org/jemsinstaller/downloads/. After i had patched the included jbossws stack from 2.0.1 -> 2.0.4 i get a new error which was allready discussed in this forum.

                [Reference] Verification failed for URI "#timestamp"
                11:14:36,296 ERROR [WSSecurityDispatcher] Internal error occured handling inbound message:
                org.jboss.ws.extensions.security.exception.FailedCheckException: Signature is invalid.
                 at org.jboss.ws.extensions.security.operation.SignatureVerificationOperation.process(SignatureVerificationOperation.java:65)
                 at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:134)
                
                


                Since i had downgraded from 3.0.2 to 2.0.4 disabeling timestamps
                <sign .... includeTimestamp="false"/>


                arent allwoed any more.

                I cant imagine that everyone who implements Webservices using jbossws - stack donot use encryption. If someone got this allready working please post an example :).

                BIG Thanks and i hope that helps you
                timeagentess

                Bye


                • 5. Re: ...Port does not contain operation meta data for: {http:
                  timeagentess

                  Thank you! Well, I'll be following closely the jira issue related to this :)
                  Good luck to you, too!

                  • 6. Re: ...Port does not contain operation meta data for: {http:
                    thomasjvi

                    Hi All,
                    I am using the exact same way as mentioned above. I am not able to use the jbossws_client.jar file in my lib folder to avoid compilation error while using org.jboss.ws.annotation.EndpointConfig. This give some conflict with the existing implimentation. Can I use any other jar file for making my ear file?##
                    TJ

                    • 7. Re: ...Port does not contain operation meta data for: {http:
                      ksinno

                      Hi,

                      Any updates on this issue ? Has anyone been able to solve it ?
                      I'm using JBoss 5.1.0 and I get this problem. (SOAPFaultException... Port does not contain operation meta data for EncryptedData... )
                      Also what is the key for this issue on Jira ?

                      thanks!

                      • 8. Re: ...Port does not contain operation meta data for: {http:
                        ksinno

                        Hi,

                        JBoss processes the HandlerTypes in the following order for JAXWS:
                        POST
                        ENDPOINT
                        PRE

                        Since the POST handler needs to parse some information from the soap message to identify the ENDPOINT handler chain to call, you should do your decrypting at the level of the POST handler.
                        To do this, you can annotate your webservice class with @EndpointConfig and define your post handlers in the file standard-jaxws-endpoint-config.xml under META-INF

                        Alternatively, to stay independent from JBoss specific code (ie no dependency to JBoss), you do the below configuration at the level of the deployment descriptors, by modifying the file standard-jaxws-endpoint-config.xml under [JBOSS_HOME]\server\[type]\deployers\jbossws.deployer\META-INF (path differs for JBoss 4.3 ... but same file name) and adding your post-handler chain (example below).

                        <endpoint-config>
                         <config-name>Murex Security Handlers</config-name>
                         <post-handler-chains>
                         <javaee:handler-chain>
                         <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings>
                         <javaee:handler>
                         <javaee:handler-name>My Security Handler</javaee:handler-name>
                         <javaee:handler-class>package.security.MySecurityClass</javaee:handler-class>
                         </javaee:handler>
                         </javaee:handler-chain>
                         </post-handler-chains>
                         </endpoint-config>


                        The Config-name you create should be referenced in your web.xml file inside your war file such as the following:
                        <context-param>
                         <param-name>jbossws-config-name</param-name>
                         <param-value>My Security Handler</param-value>
                         </context-param>


                        Cheers.