1 Reply Latest reply: Jan 30, 2012 5:33 AM by tee tee RSS

    WSS4JInInterceptor General security error (WSSecurityEngine: Callback supplied no password for: null)

    tee tee Newbie

      I am using Jboss CXF to develop ws-security . I using jboss-6.0.0.Final and  jbossws-cxf-3.4.1 . I got the following error after i add ws-security to my web application . Please help. Thanks

       

       

       

      18:00:30,277 WARN  [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] : org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: Callback supplied no password for: null)

          at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:348) [:1.5.10]

          at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:117) [:1.5.10]

          at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:93) [:1.5.10]

          at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:328) [:1.5.10]

          at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245) [:1.5.10]

          at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:215) [:2.3.1]

          at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:81) [:2.3.1]

          at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) [:2.3.1]

          at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) [:2.3.1]

          at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) [:2.3.1]

          at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) [:2.3.1]

          at org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt.java:172) [:3.4.1.GA]

          at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:57) [:3.4.1.GA]

          at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:156) [:3.4.1.GA]

          at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:90) [:3.4.1.GA]

          at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) [:2.3.1]

          at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) [:2.3.1]

          at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [:1.0.0.Final]

          at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159) [:2.3.1]

          at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]

          at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]

          at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]

          at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]

          at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]

          at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]

          at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]

          at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]

          at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]

          at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]

          at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]

          at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]

          at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]

          at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]

          at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]

          at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [:6.0.0.Final]

          at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [:6.0.0.Final]

          at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [:6.0.0.Final]

          at java.lang.Thread.run(Unknown Source) [:1.7.0]

       

      18:00:30,279 WARN  [org.apache.cxf.phase.PhaseInterceptorChain] Interceptor for {http://sample.com/}MathWS has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: General security error (WSSecurityEngine: Callback supplied no password for: null)

          at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:656) [:2.3.1]

          at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:275) [:2.3.1]

          at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:81) [:2.3.1]

          at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) [:2.3.1]

          at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) [:2.3.1]

          at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) [:2.3.1]

          at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) [:2.3.1]

          at org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt.java:172) [:3.4.1.GA]

        • 1. Re: WSS4JInInterceptor General security error (WSSecurityEngine: Callback supplied no password for: null)
          tee tee Newbie

          This is all the related config and xml . Thanks

           

          web.xml

           

          <?xml version="1.0" encoding="UTF-8"?>

          <web-app

          version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"

          xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

          xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

          <servlet>

            <servlet-name>MathWS</servlet-name>

            <servlet-class>com.sample.MathWS</servlet-class>

          </servlet>

          <servlet-mapping>

             <servlet-name>MathWS</servlet-name>

             <url-pattern>/*</url-pattern>

          </servlet-mapping>

          </web-app>

           

          jbossws-cxf.xml

           

          <beans

            xmlns='http://www.springframework.org/schema/beans'

            xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'

            xmlns:beans='http://www.springframework.org/schema/beans'

            xmlns:jaxws='http://cxf.apache.org/jaxws'

            xsi:schemaLocation='http://www.springframework.org/schema/beans

            http://www.springframework.org/schema/beans/spring-beans.xsd

            http://cxf.apache.org/jaxws

            http://cxf.apache.org/schemas/jaxws.xsd'>

           

            <jaxws:endpoint id="MathWS" address="http://localhost:8080/Samplews"

          implementor="com.sample.MathWS">

          <jaxws:invoker>

          <bean class="org.jboss.wsf.stack.cxf.InvokerJSE"/>

          </jaxws:invoker>

                <jaxws:outInterceptors>

                         <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>

                       <ref bean="TimestampSignEncrypt_Response"/>

                   </jaxws:outInterceptors>

                   <jaxws:inInterceptors>

                       <ref bean="TimestampSignEncrypt_Request"/>

                       <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>

                   </jaxws:inInterceptors>

          </jaxws:endpoint>

           

           

              <bean

                  id="TimestampSignEncrypt_Request"

                  class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"

                  >

                  <constructor-arg>

                      <map>

                          <entry key="action" value="Timestamp Signature Encrypt"/>

                          <entry key="signaturePropFile" value="serviceKeystore.properties"/>

                          <entry key="decryptionPropFile" value="serviceKeystore.properties"/>

                          <entry key="passwordCallbackClass" value="com.sample.ServiceKeystorePasswordCallback"/>

                      </map>

                  </constructor-arg>

              </bean>

             

              <bean

                  id="TimestampSignEncrypt_Response"

                  class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"

                  >

                  <constructor-arg>

                      <map>

                          <entry key="action" value="Timestamp Signature Encrypt"/>

                          <entry key="user" value="myservicekey"/>

                          <entry key="signaturePropFile" value="serviceKeystore.properties"/>

                          <entry key="encryptionPropFile" value="serviceKeystore.properties"/>

                          <entry key="encryptionUser" value="myclientkey"/>

                          <entry key="signatureKeyIdentifier" value="DirectReference"/>

                          <entry key="passwordCallbackClass" value="com.sample.ServiceKeystorePasswordCallback"/>

                          <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                             <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                          <entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>

                             <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>

                      </map>

                  </constructor-arg>

              </bean>  

           

          </beans>

           

          serviceKeystore.properties

           

          org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin

          org.apache.ws.security.crypto.merlin.keystore.file=serviceKeystore.jks

          org.apache.ws.security.crypto.merlin.keystore.password=sspass

          org.apache.ws.security.crypto.merlin.keystore.type=jks

          org.apache.ws.security.crypto.merlin.keystore.alias=myservicekey

           

          Client.xml

           

          <beans xmlns="http://www.springframework.org/schema/beans"

                 xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

                 xmlns:jaxws="http://cxf.apache.org/jaxws"

                xmlns:http="http://cxf.apache.org/transports/http/configuration"

                 xsi:schemaLocation="http://www.springframework.org/schema/beans

                    http://www.springframework.org/schema/beans/spring-beans.xsd

                    http://cxf.apache.org/jaxws

                    http://cxf.apache.org/schemas/jaxws.xsd">

           

              <bean id="client" class="com.sample.Math"

                factory-bean="clientFactory" factory-method="create"/>

             

              <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">

                <property name="serviceClass" value="com.sample.Math"/>

                <property name="address" value="http://127.0.0.1:8080/Samplews/MathWS"/>

                    <property name="inInterceptors">

                   <list>

                      <ref bean="TimestampSignEncrypt_Response"/>

                   </list>

                 </property>

                 <property name="outInterceptors">

                   <list>

                      <ref bean="TimestampSignEncrypt_Request"/>

                   </list>

                 </property>

              </bean>

             

              <bean

                  class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"

                  id="TimestampSignEncrypt_Request">

                  <constructor-arg>

                      <map>

                          <entry key="action" value="Timestamp Signature Encrypt"/>

                          <entry key="user" value="myclientkey"/>

                          <entry key="signaturePropFile" value="clientKeystore.properties"/>

                          <entry key="encryptionPropFile" value="clientKeystore.properties"/>

                          <entry key="encryptionUser" value="myservicekey"/>

                          <entry key="passwordCallbackClass" value="ClientKeystorePasswordCallback"/>

                          <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                          <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                          <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>

                      </map>

                  </constructor-arg>

              </bean>

             

              <bean

                  class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"

                  id="TimestampSignEncrypt_Response">

                  <constructor-arg>

                      <map>

                          <entry key="action" value="Timestamp Signature Encrypt"/>

                          <entry key="signaturePropFile" value="clientKeystore.properties"/>

                          <entry key="decryptionPropFile" value="clientKeystore.properties"/>

                          <entry key="passwordCallbackClass" value="ClientKeystorePasswordCallback"/>

                      </map>

                  </constructor-arg>

              </bean>

               

          </beans>

           

           

          clientKeystore.properties

           

          org.apache.ws.security.crypto.merlin.keystore.file=clientKeystore.jks

          org.apache.ws.security.crypto.merlin.keystore.password=cspass

          org.apache.ws.security.crypto.merlin.keystore.type=jks

          org.apache.ws.security.crypto.merlin.keystore.alias=myclientkey