2 Replies Latest reply on Apr 1, 2008 10:06 PM by Emiliano Sacchi

    WS-Security and Dispatch

    Emiliano Sacchi Newbie

      Dear Sirs:

      We was working with JAXWS "Dispatch" to dynamically invoke a WS endpoint with WS-Security, and we had some problems that we
      couldn't solve yet. We will appreciate your help.

      When the program invokes the endpoint using the static class build with wsconsume it work properly including the security stuff but when
      we use (in the same installation and with the same ws) through Dispatch dynamically the signature is not validated.

      The current JBOSS config is Jboss 4.2.2. with jbossws-native-2.0.3.GA

      Bellow you can see the WS and client source code and the trace errors for the server and client.

      Thanks in advance and best regards

      The Web Service Code

      package pkg;
      
      import java.security.Principal;
      
      import javax.annotation.Resource;
      import javax.jws.HandlerChain;
      import javax.jws.WebMethod;
      import javax.jws.WebService;
      import javax.jws.soap.SOAPBinding;
      import javax.jws.soap.SOAPBinding.Style;
      import javax.xml.ws.WebServiceContext;
      import javax.xml.ws.handler.MessageContext;
      
      import org.jboss.ws.annotation.EndpointConfig;
      
      @WebService(name = "TestEndpoint", serviceName = "TestEndpointService",
      targetNamespace = "http://org.jboss.ws/jaxws/context")
      @SOAPBinding(style = Style.DOCUMENT)
      @EndpointConfig(configName = "Standard WSSecurity Endpoint")
      public class EndpointJSE {
      
       @Resource
       WebServiceContext wsCtx;
      
       @WebMethod
       public String hello(Person p) {
       return "Hello " + p.getFirstName() + " " + p.getLastName();
       }
      }
      
      public class Person implements Serializable {
      
       private String firstName;
       private String lastName;
      
       public String getFirstName() {
       return firstName;
       }
      
       public void setFirstName(String firstName) {
       this.firstName = firstName;
       }
      
       public String getLastName() {
       return lastName;
       }
      
       public void setLastName(String lastName) {
       this.lastName = lastName;
       }
      }
      


      The Client Code

      public class Test {
      
       public static void testWSWeb() {
       setSystemProperties();
       try {
       pruebaInicial();
       } catch (Exception ex) {
       ex.printStackTrace();
       }
       try {
       llamadoDinamico();
       } catch (Exception ex) {
       ex.printStackTrace();
       }
       }
      
       private static void pruebaInicial() {
       TestEndpointService service = new TestEndpointService();
       TestEndpoint port = service.getTestEndpointPort();
       BindingProvider provider = (BindingProvider) port;
      
       provider.getRequestContext()
       .put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
       "http://127.0.0.1:8888/M3_Ejemplo03_WSWeb");
      
       /*
       * Agrego handler standard para WS-Security en JBoss Alternativa
       * que le camina por arriba a los otros handlers
       */
       ((StubExt) port).setConfigName("Standard WSSecurity Client");
      
       Person p = new Person();
       p.setFirstName("Emiliano");
       p.setLastName("Sacchi");
       System.out.println(port.hello(p));
       }
      
      
       private static void llamadoDinamico() throws IOException,
       DatatypeConfigurationException {
       URL url = new URL("http://127.0.0.1:8888/M3_Ejemplo03_WSWeb?wsdl");
       URL securityURL = new File(
      
      "/home/esacchi/desarrollo/workspace/M3_Ejemplo03_WSWebClient/src/META-INF/jboss-wsse-client.xml")
       .toURL();
      
       QName serviceName = new QName("http://org.jboss.ws/jaxws/context",
       "TestEndpointService");
       Service service = Service.create(url, serviceName);
       Iterator<QName> i = service.getPorts();
      
       QName name = null;
       while (i.hasNext()) {
       name = (QName) i.next();
       System.out.println(name);
       }
      
       // service.getPort();
      
       Dispatch<Source> sourceDispatch = null;
       sourceDispatch = service.createDispatch(name, Source.class,
       Service.Mode.PAYLOAD);
      
      
       ((ConfigProvider) sourceDispatch).setSecurityConfig(securityURL
       .toExternalForm());
       ((ConfigProvider) sourceDispatch)
       .setConfigName("Standard WSSecurity Client");
      
       String request = "<ns1:hello xmlns:ns1='http://org.jboss.ws/jaxws/context'><arg0><firstName>Emiliano</firstName><lastName>Sacchi</lastName></arg0></ns1:hello>";
       System.out.println("\nInvoking xml request: " + request);
       Source result = sourceDispatch.invoke(new StreamSource(
       new StringReader(request)));
      
       System.out.println("Received xml response: " + result);
      
       Element docElement = DOMUtils.sourceToElement(result);
       Element retElement = DOMUtils.getFirstChildElement(docElement);
       String retPayload = DOMWriter.printNode(retElement, false);
       System.out.println("Received response: " + retPayload);
       }
      }
      


      Client Output

      pruebaInicial()
      01-abr-2008 16:47:43 org.apache.xml.security.signature.Reference verify
      INFO: Verification successful for URI "#element-1-1207079263166-18667724"
      01-abr-2008 16:47:43 org.apache.xml.security.signature.Reference verify
      INFO: Verification successful for URI "#timestamp"
      Hello Emiliano Sacchi
      


      llamadoDinamico()
      {http://org.jboss.ws/jaxws/context}TestEndpointPort
      
      Invoking xml request: <ns1:hello
      xmlns:ns1='http://org.jboss.ws/jaxws/context'><arg0><firstName>Emiliano</firstName><lastName>Sacchi</lastName></arg0></ns1:hello>
      javax.xml.ws.soap.SOAPFaultException:
      org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.core.jaxws.client.DispatchSOAPBinding.getReturnObject(DispatchSOAPBinding.java:165)
       at
      org.jboss.ws.core.jaxws.client.DispatchImpl.getReturnObject(DispatchImpl.java:447)
       at
      org.jboss.ws.core.jaxws.client.DispatchImpl.invokeInternalSOAP(DispatchImpl.java:249)
       at
      org.jboss.ws.core.jaxws.client.DispatchImpl.invokeInternal(DispatchImpl.java:168)
       at
      org.jboss.ws.core.jaxws.client.DispatchImpl.invoke(DispatchImpl.java:132)
       at test.Test.llamadoDinamico(Test.java:135)
       at test.Test.testWSWeb(Test.java:55)
       at test.Test.main(Test.java:39)


      Server Output

      pruebaInicial()
      16:47:42,826 INFO [Reference] Verification successful for URI
      "#element-1-1207079261680-33340097"
      16:47:42,827 INFO [Reference] Verification successful for URI "#timestamp"


      llamadoDinamico()
      16:47:47,267 WARN [Reference] Verification failed for URI
      "#element-4-1207079267194-23838383"
      16:47:47,268 INFO [Reference] Verification successful for URI "#timestamp"
      16:47:47,269 ERROR [WSSecurityDispatcher] Internal error occured
      handling inbound message:
      org.jboss.ws.extensions.security.exception.FailedCheckException:
      Signature is invalid.
       at
      org.jboss.ws.extensions.security.SignatureVerificationOperation.process(SignatureVerificationOperation.java:61)
       at
      org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:124)
       at
      org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:186)
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:149)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
       at
      org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
       at
      org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:128)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:172)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:418)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:274)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:191)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:124)
       at
      org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at
      org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at
      org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at
      org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at
      org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at
      org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at
      org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at
      org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at
      org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at
      org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at
      org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at
      org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      16:47:47,270 ERROR [HandlerChainExecutor] Exception during handler
      processing
      org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher.java:107)
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:179)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
       at
      org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
       at
      org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:128)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:172)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:418)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:274)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:191)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:124)
       at
      org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at
      org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at
      org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at
      org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at
      org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at
      org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at
      org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at
      org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at
      org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at
      org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at
      org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at
      org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      16:47:47,446 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
      javax.xml.ws.WebServiceException:
      org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
       at
      org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:128)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:172)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:418)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:274)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:191)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:124)
       at
      org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at
      org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at
      org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at
      org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at
      org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at
      org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at
      org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at
      org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at
      org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at
      org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at
      org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at
      org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      Caused by: org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher.java:107)
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:179)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
       at
      org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
       ... 27 more
      16:47:47,588 ERROR [SOAPFaultHelperJAXWS] SOAP request exception
      javax.xml.ws.WebServiceException:
      org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:276)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:155)
       at
      org.jboss.ws.core.jaxws.handler.HandlerDelegateJAXWS.callRequestHandlerChain(HandlerDelegateJAXWS.java:87)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.callRequestHandlerChain(ServiceEndpointInvoker.java:128)
       at
      org.jboss.ws.core.server.ServiceEndpointInvoker.invoke(ServiceEndpointInvoker.java:172)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.processRequest(RequestHandlerImpl.java:418)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleRequest(RequestHandlerImpl.java:274)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.doPost(RequestHandlerImpl.java:191)
       at
      org.jboss.wsf.stack.jbws.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:124)
       at
      org.jboss.wsf.stack.jbws.EndpointServlet.service(EndpointServlet.java:84)
       at javax.servlet.http.HttpServlet.service(HttpServlet.java:803)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)
       at
      org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:235)
       at
      org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
       at
      org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:230)
       at
      org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
       at
      org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:179)
       at
      org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
       at
      org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
       at
      org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
       at
      org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
       at
      org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
       at
      org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
       at
      org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
       at
      org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
       at
      org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
       at java.lang.Thread.run(Thread.java:595)
      Caused by: org.jboss.ws.core.CommonSOAPFaultException: Signature is invalid.
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher.java:107)
       at
      org.jboss.ws.extensions.security.WSSecurityDispatcher.handleInbound(WSSecurityDispatcher.java:179)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleInboundSecurity(WSSecurityHandler.java:78)
       at
      org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer.handleInbound(WSSecurityHandlerServer.java:41)
       at
      org.jboss.ws.core.jaxws.handler.GenericHandler.handleMessage(GenericHandler.java:55)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:295)
       at
      org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:140)
       ... 27 more