2 Replies Latest reply on Jun 16, 2010 4:49 PM by zurchman

    building a WS Client with WS-Security

    jplistero

      Hi all,

       

      I' am trying to build a web service client and sing the soap message.

      I 'am using jbossws-cxf to generate the Stubs with wsconsume tool.

       

      My first problem is to build the jboss-wsse-client.xml ...

      I have my private key, my sing cert and the CA root for the server (I havent access to the server)

       

      to build a keystore I use:

      openssl pkcs12 -export -chain -in mySing.crt -CAfile root.cer -inkey myPrivate.key -out keystore.pkcs12

      (I made a client with a soapui tool, and the keystore works fine)

       

      so ... my  jboss-wsse-client.xml:

       

      <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
      <config>
      <sign type="x509v3" alias="1" />
      <requires>
      <signature />
      </requires>
      </config>
      </jboss-ws-security>
      And in my Client, this is my code:
      System.setProperty("org.jboss.ws.wsse.keyStore","/home/jp/tmp/keystore.pkcs12");
      System.setProperty("org.jboss.ws.wsse.keyStorePassword", "12345");
      System.setProperty("org.jboss.ws.wsse.keyStoreType", "pkcs");
      SomeService service = new SomeService();
      SomePort port =  service.getPort();
      URL securityURL = new File("/home/jp/workspace1/myProject/src/META-INF/jboss-wsse-client.xml").toURL();
      ((StubExt) port).setSecurityConfig(securityURL.toExternalForm());
      ((StubExt) port).setConfigName("Standard WSSecurity Client","/home/jp/workspace1
      /myProject
      /src/META-INF/jboss-wsse-client.xml");
      also I add reference to jboss-AS-5.1/lib/endoresed and jboss-AS-5.1/client

      Someone known what is Wrong ? the jboss-wsse-client.xml ? the Client ? the references jars ?


      now I'am having this exception
      java.lang.reflect.UndeclaredThrowableException
      at $Proxy21.setConfigName(Unknown Source)
      at otroMain.Client.llamadoEstatica(Client.java:57)
      at otroMain.Client.main(Client.java:42)
      Caused by: java.lang.reflect.InvocationTargetException
      at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
      at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
      at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
      at java.lang.reflect.Method.invoke(Method.java:597)
      at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:111)
      ... 3 more
      Caused by: org.jboss.ws.WSException: Invalid config namespace: http://www.jboss.com/ws-security/config
      at org.jboss.ws.metadata.config.JBossWSConfigFactory.parse(JBossWSConfigFactory.java:94)
      at org.jboss.ws.metadata.config.JBossWSConfigFactory.getConfig(JBossWSConfigFactory.java:151)
      at org.jboss.ws.metadata.umdm.EndpointMetaData.initEndpointConfigMetaData(EndpointMetaData.java:923)
      at org.jboss.ws.metadata.umdm.EndpointMetaData.createEndpointConfigMetaData(EndpointMetaData.java:889)
      at org.jboss.ws.metadata.umdm.ClientEndpointMetaData.createEndpointConfigMetaData(ClientEndpointMetaData.java:83)
      at org.jboss.ws.metadata.umdm.FeatureAwareClientEndpointMetaDataAdapter.createEndpointConfigMetaData(FeatureAwareClientEndpointMetaDataAdapter.java:120)
      at org.jboss.ws.core.jaxws.client.ClientImpl.setConfigName(ClientImpl.java:492)

      thanks,

      jp

        • 1. Re: building a WS Client with WS-Security
          jplistero

          I change

           

           

           

           

           

          ((StubExt) port).setConfigName("Standard WSSecurity Client","/home/jp/workspace1/
          myProject
          /src/META-INF/jboss-wsse-client.xml");
          to 
          ((StubExt) port).setConfigName("Standard WSSecurity Client");
          and I build a a TrustStore with the ca root ... alias server.

          then I change
          jboss-wsse-client.xml to:
          <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config"
          <config>
          <sign type="x509v3" alias="1" />
          <encrypt type="x509v3" alias="server" />
          <requires>
          <encription/>
          <signature/>
          </requires>
          </config>
          </jboss-ws-security>
          If I sniff with a wireshark I see the response ...
          but in the code I have this exception when I invoke the method:
          javax.xml.ws.WebServiceException: org.jboss.ws.core.CommonSOAPFaultException: An internal WS-Security error occurred. See log for details
          at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.processHandlerFailure(HandlerChainExecutor.java:309)
          at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:176)
          at org.jboss.ws.core.jaxws.client.ClientImpl.callRequestHandlerChain(ClientImpl.java:181)
          at org.jboss.ws.core.CommonClient.invoke(CommonClient.java:322)
          at org.jboss.ws.core.jaxws.client.ClientImpl.invoke(ClientImpl.java:302)
          at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:181)
          at org.jboss.ws.core.jaxws.client.ClientProxy.invoke(ClientProxy.java:161)
          at $Proxy21.autorizarVentaTicket(Unknown Source)
          at otroMain.Client.llamadoEstaticoComplejo(Client.java:129)
          at otroMain.Client.main(Client.java:46)
          Caused by: org.jboss.ws.core.CommonSOAPFaultException: An internal WS-Security error occurred. See log for details
          at org.jboss.ws.extensions.security.WSSecurityDispatcher.convertToFault(WSSecurityDispatcher.java:270)
          at org.jboss.ws.extensions.security.WSSecurityDispatcher.encodeMessage(WSSecurityDispatcher.java:232)
          at org.jboss.ws.extensions.security.jaxws.WSSecurityHandler.handleOutboundSecurity(WSSecurityHandler.java:104)
          at org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient.handleOutbound(WSSecurityHandlerClient.java:43)
          at org.jboss.wsf.common.handler.GenericHandler.handleMessage(GenericHandler.java:53)
          at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:328)
          at org.jboss.ws.core.jaxws.handler.HandlerChainExecutor.handleMessage(HandlerChainExecutor.java:146)
          ... 8 more
          Any ideas what is happing ?

          thanks!

          • 2. Re: building a WS Client with WS-Security
            zurchman

            An internal WS-Security error occurred. See log for details.

             

            This is a "catch-all" error that is not very helpful in diagnosing security faults.  To figure out what is going on, you will need to configure client logging.

             

            Try adding this to your logging configuration file:

             

            log4j.logger.org.jboss.ws.extensions.security=TRACE