JBossDeveloper

This is finally a core ws-security implementation exception. You should check the logs for the complete exception stacktrace (a WSSecurityException that is then converted to the CommonSOAPFaultException you get) or error, giving us hints about the problem. Generally speaking this is somehow related to the keystore/truststore configuration since in the try/catch block that might raise this exception, actual sign/encrypt is performed.

The book JBoss in Action (http://www.manning.com/jamae/) contains a chapter on web services (chapter 9). (You have to sign up for MEAP to get access to that chapter.) In that chapter, I describe all of the steps necessary to set up WSSecurity for a web service and its client, including both encryption and signing. The section on signing uses both signing and encryption, but you can leave off the encryption part.

The example code in that chapter is complete, even the statements to build the keystores are provided. So it should have everything you need. (At some point, the source code for the book will also be posted. Not sure of the timing for that.)

Were you able to configure WS security by any chance..I tried a lot of options bu still couldnt get it working. Can you please share the steps as to how to create the client and server for WS Security.
Your help is needed urgently
Regards
Shashank

Did you get the book? The section on configuring WSSecurity is very detailed.

Hi Peter,
I havent yet got the book.Dont have the fund right now..
May be if you can help me out only on this Web service security stuff ,it would be really helpful
Regards
Shashank

Hi,
I tried to purchase the EBook but it does not who up India as the country in the drop down.
Pls let me know how can i purchase it
Regards
Shashank

Also one more question is that do the examples in book work on JBoss4.2
Regards
Shashank

Contact Manning if you have problems purchasing the book. There should be a link somewhere on the Manning web site. And yes the examples work on 4.2 - that is all I had when I first came up with the examples. I do not recall changing anything to get the examples working on 5.0 beta3. But then it has been over a year since I initially put the examples together...

Thx peter

Hi Peter,
I purchased the book. I see this is a JAX-RPC kind of implementation. Mine is a JAX-WS style of web service and also I didnt get much information on how to configure a standalone client.Pls help on that
Regards
Shashank

Here is another example using WS-Security too: http://jbws.dyndns.org/mediawiki/index.php?title=Security_and_attachments_sample
Source code is available through SVN only until we release the next JBossWS version.

Hi,
My client jar is configured like this
META-INF
jboss-wsse-client.xml
standard-jaxws-client.xml

com
test
Has all proxy classes generated by wsconsume tool

and
com
test
standalone

Has the java class for calling the web service through the port

All my files are configured properly and I am setting all jars required as per wsrunclient tool in the classpath. Still the client is not adding the <wsse-security tags as required by server. This is the error I get on server.Seems server is set up properly to accept the encryped data but client is unable to call the outbound handler...
This is the client messges I get

DEBUG [main] (JAXWSClientMetaDataBuilder.java:77) - START buildMetaData: [servic
e={http://org.jboss.ws/samples/wssecurity}SecureService]
DEBUG [main] (WSDLDefinitionsFactory.java:102) - parse: http://127.0.0.1:8080/Te
stSecure/SecureService?wsdl
DEBUG [main] (JAXWSClientMetaDataBuilder.java:103) - END buildMetaData:
UnifiedMetaData:
implementation: jbossws-native-2.0.3.GA (build=200801251318)
deploymentName: null
securityDomain: null

ServiceMetaData:
qname={http://org.jboss.ws/samples/wssecurity}SecureService
refName=null
wsdName=null
wsdlFile=null
wsdlLocation=http://127.0.0.1:8080/TestSecure/SecureService?wsdl
jaxrpcMapping=null
publishLocation=null
securityConfig=null
properties=null

TypesMetaData:


ClientEndpointMetaData:
type=JAXWS
qname={http://org.jboss.ws/samples/wssecurity}SecureServicePort
address=http://127.0.0.1:8080/TestSecure/SecureService
binding=http://schemas.xmlsoap.org/wsdl/soap/http
seiName=null
configFile=META-INF/standard-jaxws-client-config.xml
configName=Standard Client
authMethod=null
properties={}

OperationMetaData:
qname={http://org.jboss.ws/samples/wssecurity}getName
javaName={http://org.jboss.ws/samples/wssecurity}getName
style=rpc/literal
oneWay=false
soapAction=
DEBUG [main] (JAXWSClientMetaDataBuilder.java:277) - START: rebuildMetaData
DEBUG [main] (EndpointMetaData.java:311) - setParameterStyle: null
DEBUG [main] (JAXWSMetaDataBuilder.java:134) - processSOAPBinding on: com.hp.sec
urity.client.SecureService
DEBUG [main] (EndpointMetaData.java:311) - setParameterStyle: WRAPPED
DEBUG [main] (EndpointMetaData.java:708) - Create new config [name=Standard Clie
nt,file=META-INF/standard-jaxws-client-config.xml]
DEBUG [main] (JBossWSConfigFactory.java:125) - getConfig: [name=Standard Client,
url=META-INF/standard-jaxws-client-config.xml]
DEBUG [main] (JBossWSConfigFactory.java:71) - parse: jar:file:/C:/jboss_new/clie
nt/jbossws-client.jar!/META-INF/standard-jaxws-client-config.xml
DEBUG [main] (EndpointMetaData.java:763) - Configure EndpointMetaData
DEBUG [main] (EndpointMetaData.java:775) - Added 0 PRE handlers
DEBUG [main] (EndpointMetaData.java:776) - Added 0 ENDPOINT handlers
DEBUG [main] (EndpointMetaData.java:777) - Added 0 POST handlers
DEBUG [main] (JAXWSMetaDataBuilder.java:938) - JAXBContext [types=[class java.la
ng.String, class java.lang.String],tns=http://org.jboss.ws/samples/wssecurity]
DEBUG [main] (OperationMetaData.java:207) - Found best matching java method: pub
lic abstract java.lang.String com.hp.security.client.SecureService.getName(java.
lang.String)
DEBUG [main] (JAXWSClientMetaDataBuilder.java:323) - END: rebuildMetaData

ServiceMetaData:
qname={http://org.jboss.ws/samples/wssecurity}SecureService
refName=null
wsdName=null
wsdlFile=null
wsdlLocation=http://127.0.0.1:8080/TestSecure/SecureService?wsdl
jaxrpcMapping=null
publishLocation=null
securityConfig=null
properties=null

TypesMetaData:
[complexType={http://www.w3.org/2001/XMLSchema}string,javaType=java.lang.Strin
g]


ClientEndpointMetaData:
type=JAXWS
qname={http://org.jboss.ws/samples/wssecurity}SecureServicePort
address=http://127.0.0.1:8080/TestSecure/SecureService
binding=http://schemas.xmlsoap.org/wsdl/soap/http
seiName=com.hp.security.client.SecureService
configFile=META-INF/standard-jaxws-client-config.xml
configName=Standard Client
authMethod=null
properties={}

OperationMetaData:
qname={http://org.jboss.ws/samples/wssecurity}getName
javaName=getName
style=rpc/literal
oneWay=false
soapAction=
ParameterMetaData:
xmlName=name
partName=name
xmlType={http://www.w3.org/2001/XMLSchema}string
javaType=java.lang.String
mode=IN
inHeader=false
index=0
ReturnMetaData:
xmlName=return
partName=return
xmlType={http://www.w3.org/2001/XMLSchema}string
javaType=java.lang.String
mode=OUT
inHeader=false
index=-1
DEBUG [main] (EndpointMetaData.java:628) - Configure SOAPBinding
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: PRE
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: ENDPOINT
DEBUG [main] (HandlerResolverImpl.java:125) - initHandlerChain: POST
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=PRE,info=[se
rvice={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://org.jbo
ss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.org/ws
dl/soap/http]]
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=POST,info=[s
ervice={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://org.jb
oss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.org/w
sdl/soap/http]]
DEBUG [main] (HandlerResolverImpl.java:99) - getHandlerChain: [type=ENDPOINT,inf
o=[service={http://org.jboss.ws/samples/wssecurity}SecureService,port={http://or
g.jboss.ws/samples/wssecurity}SecureServicePort,binding=http://schemas.xmlsoap.o
rg/wsdl/soap/http]]
DEBUG [main] (BindingImpl.java:94) - setHandlerChain: []
DEBUG [main] (ServiceDelegateImpl.java:427) - No port configuration for: {http:/
/org.jboss.ws/samples/wssecurity}SecureServicePort
DEBUG [main] (MessageContextAssociation.java:46) - pushMessageContext: org.jboss
.ws.core.jaxws.handler.SOAPMessageContextJAXWS@322bce (Thread main)
DEBUG [main] (EndpointInvocation.java:103) - setRequestParamValue: [name=name,va
lue=java.lang.String]
DEBUG [main] (CommonSOAPBinding.java:144) - bindRequestMessage: {http://org.jbos
s.ws/samples/wssecurity}getName
DEBUG [main] (CommonSOAPBinding.java:189) - Create RPC body element: {http://org
.jboss.ws/samples/wssecurity}getName
DEBUG [main] (EndpointInvocation.java:110) - getRequestParamValue: name
DEBUG [main] (EndpointInvocation.java:268) - transformPayloadValue: java.lang.St
ring -> java.lang.String
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HandlerChainExecutor.java:84) - Create a handler executor: []
DEBUG [main] (HTTPRemotingConnection.java:169) - Get locator for: [addr=http://1
27.0.0.1:8080/TestSecure/SecureService,props={javax.xml.ws.service.endpoint.addr
ess=http://127.0.0.1:8080/TestSecure/SecureService}]
DEBUG [main] (MicroRemoteClientInvoker.java:240) - org.jboss.remoting.transport.
http.HTTPClientInvoker@b51404 connecting
DEBUG [main] (MicroRemoteClientInvoker.java:245) - org.jboss.remoting.transport.
http.HTTPClientInvoker@b51404 connected
DEBUG [main] (HTTPRemotingConnection.java:213) - Remoting metadata: {HEADER={SOA
PAction="", Content-Type=text/xml; charset=UTF-8}, NoThrowOnError=true}
DEBUG [main] (HTTPClientInvoker.java:253) - Setting request header with SOAPActi
on : ""
DEBUG [main] (HTTPClientInvoker.java:253) - Setting request header with Content-
Type : text/xml; charset=UTF-8
DEBUG [main] (SOAPContentElement.java:136) - -----------------------------------

DEBUG [main] (SOAPContentElement.java:137) - Transitioning from OBJECT_VALID to
XML_VALID
DEBUG [main] (ObjectContent.java:135) - getXMLFragment from Object [xmlType={htt
p://www.w3.org/2001/XMLSchema}string,javaType=class java.lang.String]
DEBUG [main] (SimpleSerializer.java:58) - serialize: [xmlName=name,xmlType={http
://www.w3.org/2001/XMLSchema}string]
DEBUG [main] (ObjectContent.java:162) - xmlFragment: [source=Shashank</nam
e>]
DEBUG [main] (SOAPContentElement.java:143) - -----------------------------------

DEBUG [main] (SOAPMessageUnMarshallerHTTP.java:118) - getMimeHeaders from: {Conn
ection=[close], X-Powered-By=[Servlet 2.4; JBoss-4.2.1.GA (build: SVNTag=JBoss_4
_2_1_GA date=200707131605)/Tomcat-5.5], ResponseCodeMessage=Internal Server Erro
r, Date=[Tue, 12 Feb 2008 13:27:41 GMT], Content-Type=[text/xml;charset=UTF-8],
Server=[Apache-Coyote/1.1], HEADER={SOAPAction="", Content-Type=text/xml; charse
t=UTF-8}, Transfer-Encoding=[chunked], NoThrowOnError=true, ResponseCode=500}
DEBUG [main] (MessageFactoryImpl.java:205) - createMessage: [contentType=text/xm
l; charset=UTF-8]
DEBUG [main] (InvokerRegistry.java:595) - removed org.jboss.remoting.transport.h
ttp.HTTPClientInvoker@b51404 from registry
DEBUG [main] (MessageContextJAXWS.java:105) - Begin response processing
DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext: org.jboss.
ws.core.jaxws.handler.SOAPMessageContextJAXWS@322bce (Thread main)
DEBUG [main] (MessageContextAssociation.java:46) - pushMessageContext: org.jboss
.ws.core.jaxws.handler.SOAPMessageContextJAXWS@7244ca (Thread main)
DEBUG [main] (CommonSOAPBinding.java:542) - unbindResponseMessage: {http://org.j
boss.ws/samples/wssecurity}getName
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (HandlerChainExecutor.java:96) - close
DEBUG [main] (MessageContextAssociation.java:75) - popMessageContext: org.jboss.
ws.core.jaxws.handler.SOAPMessageContextJAXWS@7244ca (Thread main)
Exception in thread "main" java.lang.NoClassDefFoundError: javax/xml/soap/SOAPFa
ult
at javax.xml.ws.soap.SOAPFaultException.(SOAPFaultException.java:4
3)
at org.jboss.ws.core.jaxws.SOAPFaultHelperJAXWS.getSOAPFaultException(SO
APFaultHelperJAXWS.java:72)
at org.jboss.ws.core.jaxws.binding.SOAP11BindingJAXWS.throwFaultExceptio
n(SOAP11BindingJAXWS.java:109)
at org.jboss.ws.core.CommonSOAPBinding.unbindResponseMessage(CommonSOAPB
inding.java:579)
at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:381)
at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:300)

at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:16
6)
at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:15
2)
at $Proxy8.getName(Unknown Source)
at com.test.standalone.NewClient.(NewClient.java:55)
at com.test.standalone.NewClient.main(NewClient.java:95)


Regards
Shashank

I purchased the book. I see this is a JAX-RPC kind of implementation. Mine is a JAX-WS style of web service and also I didnt get much information on how to configure a standalone client.

You can get the source code at http://members.cox.net/ocjohnsons/jbia-src.zip. Open the index.html file in the root directory for instructions. Of course, this file has only the web services source, the source for the other chapters are not included.

I have tried it with JBoss 5.0 beta3 (hey, beta4 just came out yesterday) and JBoss 4.2.2.GA. Runs as is on beta3, but on 4.2.2, after you build the example, you will have to add the following jar file to the classpath in the target/dist/client.[bat|sh] script:

jboss_home/client/jboss-ejb3x.jar

This jar contains annotations which otherwise would be missing.

On a side note, each time a new jbossas release comes out, the jboss-specific ejb3 annotations have moved, sometimes to to a new package other times to a new jar file. Half of the fun of breaking in a new jbossas release is figuring out where the annotations are hiding now. ;-)