Can not engage WS security
lordxxx Dec 16, 2008 5:05 AMHi all,
I have troubles making JBoss 5.0 GA to sign my SOAP messages.
I have an external web-service on HTTPS hosting. It expects all incoming messages to be singed with BinarySecurityToken element.
I performed the following steps:
1. Read http://jbws.dyndns.org/mediawiki/index.php/JAX-WS_User_Guide#WS-Security tutirial.
2. Put jboss-wsse-client.xml and jboss-wsse-server.xml to WEB-INF of my client web-application. The content was the following:
<?xml version = "1.0" encoding = "UTF-8"?> <jboss-ws-security xmlns = "http://www.jboss.com/ws-security/config" xmlns:xsi = "http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation = "http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> <key-store-file>WEB-INF/.keystore</key-store-file> <key-store-password>123456</key-store-password> <trust-store-file>WEB-INF/.truststore</trust-store-file> <trust-store-password>123456</trust-store-password> <config> <sign type = "x509v3" alias = "ec2"></sign> <requires> <signature></signature> </requires> </config> </jboss-ws-security>
3. Put .keystore and .trustore files in WEB-INF.
4. Called web-service. The following exception was found in log:
12:56:19,140 ERROR [HTTPClientInvoker] Error creating SSL Socket Factory for client invoker: Error initializing socket factory SSL context: Can not find truststore url.
javax.xml.ws.soap.SOAPFaultException: Service was not able to authenticate the request: access credentials are missing
at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SOAPFaultHelperJAXWS.java:84)
at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultException(SOAP11BindingJAXWS.java:107)
at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPBinding.java:577)
at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381)
at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:291)
at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170)
at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)
at $Proxy160.describeImages(Unknown Source)
at com.amazon.demo.TestCall.doGet(TestCall.java:55)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:690)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:235)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:190)
at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:92)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.process(SecurityContextEstablishmentValve.java:126)
at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:70)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:330)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:828)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:601)
at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:447)
at java.lang.Thread.run(Thread.java:619)
It seems that security is still turned off.
Do you guys have any ideas on what I did wrong?
Thanks.