2 Replies Latest reply on Dec 16, 2010 3:50 AM by Alessio Soldano

    Problem encrypting or signing WS-Security header elements

    Tray Scates Newbie

      Version:

      We are using jbossws-native-3.2.2

       

       

      Scenario:

      Web service requires an encrypted Username/password text token (Security element in SOAP Header).

       

      Issue:

      We can successfully encrypt and sign SOAP Body and SOAP Body elements but when we try to encrypt or sign a SOAP Header element (or content of an element) we get the following exception:

       

      {code}

           [java] Exception in thread "main" javax.xml.ws.WebServiceException: java.lang.RuntimeException: Could not find element

           [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:286)

           [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:157)

           [java]               at org.jboss.ws.core.jaxws.client.ClientImpl.callRequestHandlerChain(ClientImpl.java:177)

           [java]               at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:298)

           [java]               at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:290)

           [java]               at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:170)

           [java]               at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:150)

           [java]               at $Proxy12.echoUserType(Unknown Source)

           [java]               at org.jboss.test.ws.jaxws.samples.wssecurity.client.WSSClient.main(WSSClient.java:56)

           [java] Caused by: java.lang.RuntimeException: Could not find element

           [java]               at org.jboss.ws.extensions.security.operation.EncryptionOperation.processTarget(EncryptionOperation.java:108)

           [java]               at org.jboss.ws.extensions.security.operation.EncryptionOperation.process(EncryptionOperation.java:172)

           [java]               at org.jboss.ws.extensions.security.SecurityEncoder.encode(SecurityEncoder.java:72)

           [java]               at org.jboss.ws.extensions.security.WSSecurityDispatcher.encodeMessage(WSSecurityDispatcher.java:217)

           [java]               at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleOutboundSecurity(WSSecurityHandler.java:104)

           [java]               at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient.handleOutbound(WSSecurityHandlerClient.java:43)

           [java]               at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)

           [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:305)

           [java]               at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:142)

           [java]               ... 7 more

      {code}

       

       

      Solution we tried:

      This is the xml that is in jboss-wsse-client.xml.

      {code:xml}

      <?xml version="1.0" encoding="UTF-8"?>

       

      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"                xsi:schemaLocation="http://www.jboss.com/ws-security/config http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd">


          <config>


              <username/>


              <encrypt type="x509v3" alias="wsse">


               <targets>


                 <target type="qname" contentOnly="true">{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd/}UsernameToken</target>


                 <target type="qname" contentOnly="true">{http://schemas.xmlsoap.org/soap/envelope/}Body</target>


               </targets>


              </encrypt>


              <sign type="x509v3" alias="wsse"/>


              <requires>


                  <encryption/>


                  <signature/>


              </requires>


          </config>


      </jboss-ws-security>

      {code}

       

       

      Message:

      This is the message that we want to encrypt.

       

      {code:xml}

      <env:Envelope xmlns:env='http://schemas.xmlsoap.org/soap/envelope/'>

      <env:Header>
        <wsse:Security env:mustUnderstand='1'xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>

         <wsse:UsernameToken wsu:Id='token-1-1266272328381-32739270'>

          <wsse:Username>test</wsse:Username>

          <wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>password</wsse:Password>

         </wsse:UsernameToken>

       

        </wsse:Security>

      </env:Header>

      <env:Body>

        <ns1:echoUserType xmlns:ns1='http://org.jboss.ws/samples/wssecurity'>

          <user><msg>Request message sent at Mon Feb 15 17:18:47 EST 2010</msg></user>
        </ns1:echoUserType>
      </env:Body>
      </env:Envelope>

      {code}