JAX-WS Axis2 Rampart

megadeth
Hi,

I renamed rampart.mar to rampart.jar and put it on the classpath of the Java project (also the addressing and rahas mars).
This Java project is the client of my JAX-WS web service. I use it for signing messages.

In the client I put this:

String axis2xml = "C:/.../conf/client.axis2.xml";
System.setProperty(Constants.AXIS2_CONF, axis2xml);
FileSystemConfigurator configurator = new FileSystemConfigurator(null, axis2xml);
ClientConfigurationFactory factory = new ClientConfigurationFactory(configurator);
MetadataFactoryRegistry.setFactory(ClientConfigurationFactory.class, factory);

JaxwsLibrary service = new JaxwsLibrary();
ESomePortType stub = service.getLibrary();

BindingProvider provider = (BindingProvider)stub;

Policy policy = loadPolicy("sign-policy-client.xml");
provider.getRequestContext().put(RampartMessageData.KEY_RAMPART_POLICY, policy);

provider.getRequestContext().put(BindingProvider.ENDPOINT_ADDRESS_PROPERTY,
"http://localhost:8080........../MyWebService");

I realized that I MUST set the factory BEFORE creating the service object. If you do not, then Axis will not be configured properly.
As you can see, my entire policy is in a separate XML file. I also put this policy into the WSDL, but I am not sure if this one (from the WSDL) is used anywhere.

Then I generate service jar:
<jar jarfile="${service-archive-name}.jar"> 
<fileset dir="${compiled-code}"/> 
</jar> 

"compiled-code" is the directory where the classes generated by wsimport reside.
Then I put this into axis2.xml on the service side (I am not sure this is correct):

<parameter name="OutflowSecurity"> 
<action> 
<items>Signature</items> 
<user>serveralias</user> 
<passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass> 
<signaturePropFile>crypto.properties</signaturePropFile> 
</action> 
</parameter> 

<parameter name="InflowSecurity"> 
<action> 
<items>Signature</items> 
<passwordCallbackClass>hr.bla.bla.PWServiceHandler</passwordCallbackClass> 
<signaturePropFile>crypto.properties</signaturePropFile> 
</action> 
</parameter> 

 
Also, I put crypto.properties, My.jks and handler class into MyUtil.jar.
Then MyUtil.jar is added to /WEB-INF/lib.

When I start all this (WebSphere 6.1, Rational Software Developer with TCP/IP monitoring, Axis 1.6.0 and Rampart 1.6.0; axis and rampart versions MUST be the same) the client sends a signed message to the web service. On the web service side this message is validated, but when the server sends the acknowledgement message something goes wrong.
I can see from the debugger that the password handler (on the service side) does its job, but after that I see this (without security everything works OK):

[2012.06.18 10:08:52:000 CEST] 0000001f ServletWrappe E SRVE0068E: Uncaught exception thrown in one of the service methods of the servlet: AxisServlet. Exception thrown : java.lang.NullPointerException
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:281)
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:255)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:717)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:414)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:90)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:262)
at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:516)
at org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:216)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.service(ServletWrapper.java:989)
at com.ibm.ws.webcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:501)
at com.ibm.ws.wswebcontainer.servlet.ServletWrapper.handleRequest(ServletWrapper.java:464)
at com.ibm.ws.webcontainer.servlet.CacheServletWrapper.handleRequest(CacheServletWrapper.java:90)
at com.ibm.ws.webcontainer.WebContainer.handleRequest(WebContainer.java:744)
at com.ibm.ws.wswebcontainer.WebContainer.handleRequest(WebContainer.java:1455)
at com.ibm.ws.webcontainer.channel.WCChannelLink.ready(WCChannelLink.java:113)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleDiscrimination(HttpInboundLink.java:454)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.handleNewInformation(HttpInboundLink.java:383)
at com.ibm.ws.http.channel.inbound.impl.HttpInboundLink.ready(HttpInboundLink.java:279)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.sendToDiscriminators(NewConnectionInitialReadCallback.java:214)
at com.ibm.ws.tcp.channel.impl.NewConnectionInitialReadCallback.complete(NewConnectionInitialReadCallback.java:113)
at com.ibm.ws.tcp.channel.impl.AioReadCompletionListener.futureCompleted(AioReadCompletionListener.java:165)
at com.ibm.io.async.AbstractAsyncFuture.invokeCallback(AbstractAsyncFuture.java:217)
at com.ibm.io.async.AsyncChannelFuture.fireCompletionActions(AsyncChannelFuture.java:161)
at com.ibm.io.async.AsyncFuture.completed(AsyncFuture.java:136)
at com.ibm.io.async.ResultHandler.complete(ResultHandler.java:195)
at com.ibm.io.async.ResultHandler.runEventProcessingLoop(ResultHandler.java:743)
at com.ibm.io.async.ResultHandler$2.run(ResultHandler.java:873)
at com.ibm.ws.util.ThreadPool$Worker.run(ThreadPool.java:1469)

I realize that the above exception is because I forgot to load the policy for the service.

Using this:
 https://issues.apache.org/jira/browse/AXIS2-4611?p...em.issuetabpanels:all-tabpanel 

I tried to create an aar and put the policy in service.xml.
But for that I need axis2 1.7 and rampart 1.7. (The same thing is with 1.6.0 versions).

After that I get:
<?xml version='1.0' encoding='UTF-8'?><soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" soapenv:mustUnderstand="1"><wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Timestamp-1"><wsu:Created>2012-06-18T14:45:29.000Z</wsu:Created><wsu:Expires>2012-06-18T14:50:29.000Z</wsu:Expires></wsu:Timestamp><wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="CertId-CFAD48F0CEE02316E613400307290001"></wsse:BinarySecurityToken><ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="Signature-2"> 
<ds:SignedInfo> 
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1" /> 
<ds:Reference URI="#Id-806760470"> 
<ds:Transforms> 
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
</ds:Transforms> 
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
<ds:DigestValue>PZ7Tv3Iei2t9trchNcReIWIPqdg=</ds:DigestValue> 
</ds:Reference> 
<ds:Reference URI="#Timestamp-1"> 
<ds:Transforms> 
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#" /> 
</ds:Transforms> 
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1" /> 
<ds:DigestValue>dW1lWCZA1zJ+aKHv7k6oIE7VcDE=</ds:DigestValue> 
</ds:Reference> 
</ds:SignedInfo> 
<ds:SignatureValue> 
Vw2alx+bvcoUqhtYKeYfNm4LEi6P1PBqJs2vDu9mzN4VghsLiYXQsADaK2S+izxNLIy+FwVuXn/z
DI7tyPqZtZW6GXUGfl8fSJvDbxtcX7SWu8mQwzQGuK9gBQRLMkqEvB3Gh/YuNpD8htiU1jFM4jBw
yhgIQco07s1R5B+yK5U=
</ds:SignatureValue> 
<ds:KeyInfo Id="KeyId-CFAD48F0CEE02316E613400307290002"> 
<wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="STRId-CFAD48F0CEE02316E613400307290003"><wsse:Reference URI="#CertId-CFAD48F0CEE02316E613400307290001" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" /></wsse:SecurityTokenReference> 
</ds:KeyInfo> 
</ds:Signature></wsse:Security><wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault</wsa:Action><wsa:RelatesTo>urn:uuid:4a9625ed-87b6-4238-8fc8-2589f578edd9</wsa:RelatesTo></soapenv:Header><soapenv:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id-806760470"><soapenv:Fault><faultcode>soapenv:Server</faultcode><faultstring>java.lang.RuntimeException: The service class cannot be found for this  AxisService.</faultstring><detail /></soapenv:Fault></soapenv:Body></soapenv:Envelope> 

I suppose that rampart now runs but without Axis doing the web service method call.

Probably Axis can't find the service class. Also, the debugger won't debug this class in Eclipse.

Do I need to comment out some of these features in axis2.xml?
   
    <deployer extension=".class" directory="pojo" class="org.apache.axis2.deployment.POJODeployer"/>
    <deployer extension=".jar" directory="servicejars"
              class="org.apache.axis2.jaxws.framework.JAXWSDeployer"/>
    <deployer extension=".jar" directory="transports"
              class="org.apache.axis2.deployment.TransportDeployer"/>


If I put service jar into "servicejars" directory then I have to configure security from axis2.xml as I tried but without success.

Please, help me.

Thanks.
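
Added example (not part of the original post, and not Rampart code): a Python check to run over a captured response like the one above, listing which elements the ds:Reference entries actually cover and which SHA-1 algorithms SignedInfo names. It only reads SignedInfo and does not verify the signature; SAMPLE is a constructed, cut-down copy of the posted envelope and audit_signature is a hypothetical helper name.

```python
import xml.etree.ElementTree as ET

SOAP = "http://schemas.xmlsoap.org/soap/envelope/"
WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"
WSU = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"
DS = "http://www.w3.org/2000/09/xmldsig#"
NS = {"soapenv": SOAP, "wsse": WSSE, "ds": DS}
WSU_ID = f"{{{WSU}}}Id"  # ElementTree's {namespace}name form of wsu:Id

# Constructed sample: the posted response cut down to the parts the check reads.
SAMPLE = f"""<soapenv:Envelope xmlns:soapenv="{SOAP}" xmlns:wsse="{WSSE}"
    xmlns:wsu="{WSU}" xmlns:ds="{DS}">
 <soapenv:Header><wsse:Security>
  <wsu:Timestamp wsu:Id="Timestamp-1"/>
  <ds:Signature><ds:SignedInfo>
   <ds:SignatureMethod Algorithm="{DS}rsa-sha1"/>
   <ds:Reference URI="#Id-806760470"><ds:DigestMethod Algorithm="{DS}sha1"/></ds:Reference>
   <ds:Reference URI="#Timestamp-1"><ds:DigestMethod Algorithm="{DS}sha1"/></ds:Reference>
  </ds:SignedInfo></ds:Signature>
 </wsse:Security></soapenv:Header>
 <soapenv:Body wsu:Id="Id-806760470"><soapenv:Fault/></soapenv:Body>
</soapenv:Envelope>"""

def audit_signature(envelope_xml):
    """Return (signed element names, SHA-1 algorithm URIs, findings)."""
    root = ET.fromstring(envelope_xml)  # use a hardened parser on untrusted input
    body = root.find("soapenv:Body", NS)
    info = root.find("soapenv:Header/wsse:Security/ds:Signature/ds:SignedInfo", NS)
    if info is None:
        return [], [], ["no ds:SignedInfo under wsse:Security"]
    by_id = {}  # wsu:Id value -> every element carrying it
    for el in root.iter():
        if WSU_ID in el.attrib:
            by_id.setdefault(el.attrib[WSU_ID], []).append(el)
    weak = sorted({el.get("Algorithm") for el in info.iter()
                   if el.get("Algorithm", "").endswith("sha1")})
    covered, findings = [], []
    for ref in info.findall("ds:Reference", NS):
        targets = by_id.get(ref.get("URI", "")[1:], [])
        if len(targets) == 1:
            covered.append(targets[0])
        else:  # dangling or ambiguous reference
            findings.append(f"{ref.get('URI')} resolves to {len(targets)} elements")
    if not any(el is body for el in covered):
        findings.append("soapenv:Body is not covered by the signature")
    if weak:
        findings.append("SHA-1 based algorithms in use")
    return [el.tag.split("}")[1] for el in covered], weak, findings
```

For the posted response this reports Body and Timestamp as signed and flags rsa-sha1 and sha1, which is the kind of result to compare against what the signing policy is supposed to require.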
 