[8.1.0.CR1][8.1.0.CR2] WS-Security incoming XML(request)signature validation problem
I'm developing and application(web services) with enabled WS-Security (request/response signature ). Client implementation file are generated as CXF artifacts from WSDL.
When application in run on Wildfly 8.0.0 everythink is ok. But on 8.1.0.CR1 8.1.0.CR2 signature validation fails on server side with message (The signature or decryption was invalid). Keystore/trust store are the same and are loaded properly.
As a client I use (for tests) SOUPUI 4.6.2 with configured outgoing WSS. There where any changes in WS-Security module in 8.1.0 ?
Below an exception from server.log
2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) Expected digest: vtU+R6sx2DPgvIbyOwg7QBszFMrhAdvhCvyT1e4B+JQ= 2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) Actual digest: Ob3MjaGZysaxRf6LyLKLR6madutOpH8nFxkzPvbABUA= 2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature] (default task-1) Reference[#id-55] is valid: false 2014-05-13 15:44:06,291 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature] (default task-1) Couldn't validate the References 2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) XML Signature verification has failed 2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) Signature Validation check: true 2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) Reference #id-55 check: false 2014-05-13 15:44:06,293 WARNING [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] (default task-1) : org.apache.ws.security.WSSecurityException: The signature or decryption was invalid at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:451) [wss4j-1.6.14.jar:1.6.14] at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231) [wss4j-1.6.14.jar:1.6.14] at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) [wss4j-1.6.14.jar:1.6.14] at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:270) at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120) at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239) at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:93) at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:133) at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286) at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206) at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136) at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.2.2.Final.jar:2.2.2.Final] at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final] at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85) at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61) at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113) at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56) at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45) at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61) at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70) at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25) at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240) at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227) at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73) at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146) at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168) at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727) at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45] at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45] at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
I think problem may be in xml Canonicalization method because soupui request is little bit different than XML found in servel log
On client side looks like
<soapenv:Body wsu:Id="id-55" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
Server side log
2014-05-13 15:44:06,287 DEBUG [org.apache.jcp.xml.dsig.internal.DigesterOutputStream] (default task-1) Pre-digested input: 2014-05-13 15:44:06,287 DEBUG [org.apache.jcp.xml.dsig.internal.DigesterOutputStream] (default task-1) <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1r3="http://www.hp.com/mobicore/services/iss/v1r3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-55"> (rest of an XML looks same as client sied)
Used WS-Policies in attachemt(policy.txt)
Server log
2014-05-13 15:44:06,263 DEBUG [org.apache.xml.security.transforms.Transform] (default task-1) Create URI "http://www.w3.org/2001/10/xml-exc-c14n#" class "class org.apache.xml.security.transforms.implementations.TransformC14NExclusive"
2014-05-13 15:44:06,263 DEBUG [org.apache.xml.security.transforms.Transform] (default task-1) The NodeList is [ds:CanonicalizationMethod: null]
2014-05-13 15:44:06,264 DEBUG [org.apache.xml.security.utils.ElementProxy] (default task-1) setElement(ds:CanonicalizationMethod, "null"
2014-05-13 15:44:06,264 DEBUG [org.apache.jcp.xml.dsig.internal.dom.ApacheCanonicalizer] (default task-1) Created transform for algorithm: http://www.w3.org/2001/10/xml-exc-c14n#
2014-05-13 15:44:06,264 DEBUG [org.apache.jcp.xml.dsig.internal.dom.ApacheCanonicalizer] (default task-1) isNodeSet() = true
2014-05-13 15:44:06,267 DEBUG [org.apache.xml.security.utils.ElementProxy] (default task-1) setElement("ec:InclusiveNamespaces", "null")
2014-05-13 15:44:06,276 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo] (default task-1) Canonicalized SignedInfo:
2014-05-13 15:44:06,276 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo] (default task-1) (removed)
2014-05-13 15:44:06,277 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo] (default task-1) Data to be signed/verified:(removed)
2014-05-13 15:44:06,283 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) URIDereferencer class name: org.apache.jcp.xml.dsig.internal.dom.DOMURIDereferencer
2014-05-13 15:44:06,283 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) Data class name: org.apache.jcp.xml.dsig.internal.dom.ApacheNodeSetData
2014-05-13 15:44:06,285 DEBUG [org.apache.xml.security.transforms.Transform] (default task-1) Create URI "http://www.w3.org/2001/10/xml-exc-c14n#" class "class org.apache.xml.security.transforms.implementations.TransformC14NExclusive"
2014-05-13 15:44:06,285 DEBUG [org.apache.xml.security.transforms.Transform] (default task-1) The NodeList is [ds:Transform: null]
2014-05-13 15:44:06,286 DEBUG [org.apache.xml.security.utils.ElementProxy] (default task-1) setElement(ds:Transform, "null"
2014-05-13 15:44:06,286 DEBUG [org.apache.jcp.xml.dsig.internal.dom.ApacheCanonicalizer] (default task-1) Created transform for algorithm: http://www.w3.org/2001/10/xml-exc-c14n#
2014-05-13 15:44:06,286 DEBUG [org.apache.jcp.xml.dsig.internal.dom.ApacheCanonicalizer] (default task-1) ApacheData = true
2014-05-13 15:44:06,286 DEBUG [org.apache.xml.security.utils.ElementProxy] (default task-1) setElement("ec:InclusiveNamespaces", "null")
2014-05-13 15:44:06,287 DEBUG [org.apache.jcp.xml.dsig.internal.DigesterOutputStream] (default task-1) Pre-digested input:
2014-05-13 15:44:06,287 DEBUG [org.apache.jcp.xml.dsig.internal.DigesterOutputStream] (default task-1) <soapenv:Body xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:v1r3="http://www.hp.com/mobicore/services/iss/v1r3" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="id-55">
(rest of an XML)
2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) Expected digest: vtU+R6sx2DPgvIbyOwg7QBszFMrhAdvhCvyT1e4B+JQ=
2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMReference] (default task-1) Actual digest: Ob3MjaGZysaxRf6LyLKLR6madutOpH8nFxkzPvbABUA=
2014-05-13 15:44:06,290 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature] (default task-1) Reference[#id-55] is valid: false
2014-05-13 15:44:06,291 DEBUG [org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature] (default task-1) Couldn't validate the References
2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) XML Signature verification has failed
2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) Signature Validation check: true
2014-05-13 15:44:06,291 DEBUG [org.apache.ws.security.processor.SignatureProcessor] (default task-1) Reference #id-55 check: false
2014-05-13 15:44:06,293 WARNING [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] (default task-1) : org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:451) [wss4j-1.6.14.jar:1.6.14]
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231) [wss4j-1.6.14.jar:1.6.14]
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) [wss4j-1.6.14.jar:1.6.14]
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:270)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:93)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:133)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.2.2.Final.jar:2.2.2.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45]
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
2014-05-13 15:44:06,317 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor@3ff23b51
2014-05-13 15:44:06,317 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.MustUnderstandInterceptor@e3f7d41
2014-05-13 15:44:06,317 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.ws.mex.MEXInInterceptor@37910cd5
2014-05-13 15:44:06,317 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.jboss.wsf.stack.cxf.interceptor.EnableDecoupledFaultInterceptor@5af25a7
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.StartBodyInterceptor@18472fff
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.SoapActionInInterceptor@44d28296
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.binding.soap.interceptor.ReadHeadersInterceptor@13681cfd
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.binding.soap.saaj.SAAJInInterceptor$SAAJPreInInterceptor@544e4733
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.frontend.WSDLGetInterceptor@21fd9c
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.interceptor.StaxInInterceptor@3dd27837
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.transport.https.CertConstraintsInterceptor@4936b658
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.interceptor.AttachmentInInterceptor@13e19073
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.jboss.wsf.stack.cxf.interceptor.EndpointAssociationInterceptor@3a71ce8b
2014-05-13 15:44:06,318 FINE [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Invoking handleFault on interceptor org.apache.cxf.ws.policy.PolicyInInterceptor@34b87697
2014-05-13 15:44:06,319 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-1) Interceptor for {http://www.hp.com/mobicore/services/iss/v1r3}IssAuthService has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: The signature or decryption was invalid
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:844)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:327)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:120)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:105)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:239)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:93)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:133)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.2.2.Final.jar:2.2.2.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:61)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:113)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:56)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:45)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:61)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:70)
at io.undertow.security.handlers.SecurityInitialHandler.handleRequest(SecurityInitialHandler.java:76)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:25)
at io.undertow.servlet.handlers.ServletInitialHandler.handleFirstRequest(ServletInitialHandler.java:240)
at io.undertow.servlet.handlers.ServletInitialHandler.dispatchRequest(ServletInitialHandler.java:227)
at io.undertow.servlet.handlers.ServletInitialHandler.access$000(ServletInitialHandler.java:73)
at io.undertow.servlet.handlers.ServletInitialHandler$1.handleRequest(ServletInitialHandler.java:146)
at io.undertow.server.Connectors.executeRootHandler(Connectors.java:168)
at io.undertow.server.HttpServerExchange$1.run(HttpServerExchange.java:727)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145) [rt.jar:1.7.0_45]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615) [rt.jar:1.7.0_45]
at java.lang.Thread.run(Thread.java:744) [rt.jar:1.7.0_45]
Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:451) [wss4j-1.6.14.jar:1.6.14]
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231) [wss4j-1.6.14.jar:1.6.14]
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) [wss4j-1.6.14.jar:1.6.14]
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:270)
... 39 more
-
policy.txt.zip 542 bytes
