CXF exception: unsupported signature or encryption algorithm
concombremasqué Jun 18, 2009 1:03 PMHi there,
I have developed a simple CXF 2.2 WS client application using WS-Policy and WS-Security to connect to a remote Web Service. It works great and I'm happy with that.
My issue now:
I am currently trying to package this as an OSGi bundle. When I deploy it on FUSE ESB 4.1 I get the following exception:
18:25:36,656 | INFO | xtenderThread-14 | PhaseInterceptorChain | g.apache.cxf.endpoint.ClientImpl 469 | Interceptor has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:384)
at org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:113)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:130)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:73)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:403)
at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:310)
at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.issueToken(SecureConversationOutInterceptor.java:156)
at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:68)
at org.apache.cxf.ws.security.policy.interceptors.SecureConversationOutInterceptor.handleMessage(SecureConversationOutInterceptor.java:43)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:236)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:469)
..........
I have installed the JCE for unlimited strength crypto so I think everything is fine here.
I then try to find differences between my sample application and the bundle and I ask myself if this may be due to BouncyCastle as it seems it is not present/installed as a bundle by default in FUSE ESB 4.1 (bouncycastle is a dependency in my sample application project).
Is this the solution? Is there a ready to use BouncyCastle bundle somewhere?
Thanks a lot.
DD