0 Replies Latest reply on Dec 24, 2010 12:41 AM by Ravi Choudhari

    WS-Security, <wsse:Security> Missing in client request

    Ravi Choudhari Newbie

      Hi,

       

      I am trying to implement a secure webservice using WS-Security in

      JBoss 5.1 following the steps in

      http://www.developer.com/java/other/article.php/38...on-Server-with-WS-Security.htm,

       

       

      On the server Side I have:

       

       

      Service:

       

       

      1. @WebService() 
      2. @MTOM 
      3. @SOAPBinding(style = SOAPBinding.Style.DOCUMENT, parameterStyle = SOAPBinding.ParameterStyle.WRAPPED) 
      4. @BindingType(value = javax.xml.ws.soap.SOAPBinding.SOAP11HTTP_BINDING) 
      5. @HandlerChain(file = "META-INF/handlers/userlogin-services-handlers-server.xml") 
      6. @Stateless 
      7. @Clustered(loadBalancePolicy = "FirstAvailable", partition = "ClusterA") 
      8. @EndpointConfig(configName = "Standard WSSecurity Endpoint", 
      9. configFile = "META-INF/standard-jaxws-endpoint-config.xml") 
      10. @WebContext(authMethod = "BASIC", secureWSDLAccess = true) 
      11. @RolesAllowed("member") 
      12. public class UsersLoginServices { 
      13.     @WebMethod(operationName = "userLogin") 
      14.     public boolean userLogin(@WebParam(name = "userName") String userName, 
      15.             @WebParam(name = "password") String password) { 
      16.  
      17.         return usersLoginServices.userLogin(userName, password); 
      18.     } 

       

       

       

       

      standard-jaxws-endpoint-config.xml

       

       

      1. <?xml version="1.0" encoding="UTF-8"?> 
      2.  
      3. <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" 
      4.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee
      5.     xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> 
      6.  
      7.     <endpoint-config> 
      8.         <config-name>Standard WSSecurity Endpoint</config-name> 
      9.         <post-handler-chains> 
      10.             <javaee:handler-chain> 
      11.                 <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> 
      12.                 <javaee:handler> 
      13.                     <javaee:handler-name>WSSecurity Handler</javaee:handler-name> 
      14.                     <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerServer</javaee:handler-class> 
      15.                 </javaee:handler> 
      16.             </javaee:handler-chain> 
      17.         </post-handler-chains> 
      18.     </endpoint-config> 
      19.  
      20. </jaxws-config> 

       

       

       

      jboss-wsse-server.xml

       

      1. <?xml version="1.0" encoding="UTF-8"?> 
      2. <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config
      3.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance
      4.     xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> 
      5.  
      6.     <key-store-file>META-INF/server.keystore</key-store-file> 
      7.     <key-store-password>mypassword</key-store-password> 
      8.     <key-store-type>jks</key-store-type> 
      9.  
      10.     <trust-store-file>META-INF/server.truststore</trust-store-file> 
      11.     <trust-store-password>mypassword</trust-store-password> 
      12.     <trust-store-type>jks</trust-store-type> 
      13.  
      14.     <key-passwords> 
      15.         <key-password alias="server" password="mypassword" /> 
      16.     </key-passwords> 
      17.  
      18.     <config> 
      19.         <timestamp ttl="300"/> 
      20.         <sign type="x509v3" alias="serverkeys" includeTimestamp="true"></sign> 
      21.         <encrypt type="x509v3" alias="clientkeys" algorithm="aes-256" 
      22.             keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt> 
      23.         <requires> 
      24.             <!--<signature></signature>--> 
      25.             <encryption></encryption> 
      26.         </requires> 
      27.     </config> 
      28. </jboss-ws-security> 

       

       

       

      I have copied jboss-wsse-server.xml,  standard-jaxws-endpoint-config.xml, server.keystore, server.truststore  to META-INF directory of the server project.

       

       

       

      And on the client side I have:

       

       

      standard-jaxws-client-config.xml

       

       

      1. <?xml version="1.0" encoding="UTF-8"?> 
      2.  
      3. <jaxws-config xmlns="urn:jboss:jaxws-config:2.0" 
      4.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee
      5.     xsi:schemaLocation="urn:jboss:jaxws-config:2.0 schema/jaxws-config_2_0.xsd"> 
      6.  
      7.     <client-config> 
      8.         <config-name>Standard WSSecurity Client</config-name> 
      9.         <post-handler-chains> 
      10.             <javaee:handler-chain> 
      11.                 <javaee:protocol-bindings>##SOAP11_HTTP</javaee:protocol-bindings> 
      12.                 <javaee:handler> 
      13.                     <javaee:handler-name>WSSecurityHandlerOutbound</javaee:handler-name> 
      14.                     <javaee:handler-class>org.jboss.ws.extensions.security.jaxws.WSSecurityHandlerClient</javaee:handler-class> 
      15.                 </javaee:handler> 
      16.             </javaee:handler-chain> 
      17.         </post-handler-chains> 
      18.     </client-config> 
      19.  
      20. </jaxws-config> 

       

       

       

      jboss-wsse-client.xml

       

       

      1. <?xml version="1.0" encoding="UTF-8"?> 
      2. <jboss-ws-security xmlns="http://www.jboss.com/ws-security/config
      3.     xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance
      4.     xsi:schemaLocation="http://www.jboss.com/ws-security/schema/jboss-ws-security_1_0.xsd"> 
      5.  
      6.     <key-store-file>META-INF/client.keystore</key-store-file> 
      7.     <key-store-password>mypassword</key-store-password> 
      8.     <key-store-type>jks</key-store-type> 
      9.  
      10.     <trust-store-file>META-INF/client.truststore</trust-store-file> 
      11.     <trust-store-password>mypassword</trust-store-password> 
      12.     <trust-store-type>jks</trust-store-type> 
      13.  
      14.     <key-passwords> 
      15.         <key-password alias="clientkyes" password="mypassword" /> 
      16.     </key-passwords> 
      17.  
      18.     <config> 
      19.         <sign type="x509v3" alias="clientkyes" includeTimestamp="true"></sign> 
      20.         <encrypt type="x509v3" alias="serverkeys" algorithm="aes-256" 
      21.             keyWrapAlgorithm="rsa_oaep" tokenReference="keyIdentifier"></encrypt> 
      22.         <requires> 
      23.             <!-- <signature></signature> --> 
      24.             <encryption></encryption> 
      25.         </requires> 
      26.     </config> 
      27. </jboss-ws-security> 

       

       

       

      Client Application:

       

       

      1. @EndpointConfig(configName = "Standard WSSecurity Client") 
      2. public static void main(String[] args) throws MalformedURLException { 
      3.  
      4.     public static void main(String[] args) throws MalformedURLException { 
      5.         UsersLoginServicesService service = new UsersLoginServicesService(); 
      6.         UsersLoginServices port = service.getUsersLoginServicesPort(); 
      7.  
      8.         BindingProvider bindingProvider = (BindingProvider) port; 
      9.         Map<String, Object> requestContext = bindingProvider 
      10.                 .getRequestContext(); 
      11.  
      12.         requestContext.put(BindingProvider.USERNAME_PROPERTY, "username"); 
      13.         requestContext.put(BindingProvider.PASSWORD_PROPERTY, "password"); 
      14.  
      15.         try { 
      16.             boolean result = port.userLogin("username", "password"); 
      17.             // System.out.println(result); 
      18.             if (result) { 
      19.                 System.out.println("Logged in"); 
      20.             } else { 
      21.                 System.out.println("Not logged in"); 
      22.             } 
      23.         } catch (Exception ex) { 
      24.             System.out.println(ex.getMessage()); 
      25.         } 
      26.     } 

       

       

       

      I have copied standard-jaxws-client-config.xml,  jboss-wsse-client.xml and client.keystore, client.truststore to META-INF  directory of the client.

       

       

      But, When there is request from the client, I am getting the following Execption.

       

       

      Exception in thread "main"

      javax.xml.ws.soap.SOAPFaultException: This service requires <wsse:Security>, which is missing.

       

       

      I have checked the request SOAP message & response messages,  The client is not adding any <wsse:Security>, which is expected by  the server.