WSDoAllReceiver: security processing failed (actions mismatch)

Hi guys,

I've got an issue when trying to encrypt my web service... I'm gonna show you some of the related files that I think that might be causing this problem...

services.xml:

<parameter name="InflowSecurity"> <action> <items>Encrypt</items> <passwordCallbackClass>siterWS.PWCBHandler</passwordCallbackClass> <decryptionPropFile>META-INF/client.properties</decryptionPropFile> </action> </parameter> <parameter name="OutflowSecurity"> <action> <items>Encrypt</items> <encryptionUser>siterWSClient.SiterWSCallbackHandler</encryptionUser> <encryptionPropFile>META-INF/client.properties</encryptionPropFile> </action> </parameter>


client.properties:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin org.apache.ws.security.crypto.merlin.keystore.type=jks org.apache.ws.security.crypto.merlin.keystore.password=mypassword org.apache.ws.security.crypto.merlin.file=C:/Documents and Settings/gustavo/Meus documentos/workspace/SiterWSClient/WebContent/META-INF/server.jks

The Exception:

Exception in thread "main" org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed (actions mismatch) at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:486) at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:343) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:389) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) at siterWSClient.SiterWSStub.urlValida(SiterWSStub.java:158) at siterWSClient.SecureSiterWS.main(SecureSiterWS.java:28)

Does anybody know what the problem is? I've read somewhere that people also set the axis2.xml file which is in the axis' conf directory... if so, what do I need to do with it?

Thanks in advance,

Gus.

No, you generally do not need to alter the axis2.xml file (assuming you're talking about the server-side axis2.xml file).

You will need to adapt the client-side configuration file, which sometimes is also called axis2.xml or client.axis2.xml, so that it includes a similar section about InflowSecurity and OutflowSecurity. Do you have that? If so, post it here; if not, there's your problem.

Hmmm so I guess that we figured out what my problem is... I don't have this axis2.xml file, and I'm not sure where to place it. I thought I would only need the server.xml to do the encryption. Should place this axis2.xml in META-INF directory inside my .aar file?

Many thanks,

Gus.

No. The META-INF/services.xml file is already in the .aar file, and it determines what security will be done on the *server*.

The file I'm talking about is used on the *client*. The security for both sides needs to match, or you'll get a mismatch error.

You'd use the client-side file name as value for the "axis2.xml" property that you pass to the client. (That's assuming that you're using Axis2 on the client side as well. If you're using some other client SOAP framework, then you need to consult its documentation for how to set its security options.)

Thank you so much,

I built my axis2.xml file and everything seemed to go well until I got another problem... I've been trying in any ways to make this work but seems that I'm not giving the right path of my client.properties file or something like this.

Exception in thread "main" org.apache.axis2.AxisFault: CryptoFactory: Cannot load properties: C:\Documents and Settings\gustavo\Meus documentos\workspace\SiterWSClient\WebContent\META-INF\client.properties at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:67) at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72) at org.apache.axis2.engine.Phase.invoke(Phase.java:292) at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:212) at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:377) at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:374) at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:211) at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163) at siterWSClient.SiterWSStub.urlValida(SiterWSStub.java:158) at siterWSClient.SecureSiterWS.main(SecureSiterWS.java:28) Caused by: java.lang.RuntimeException: CryptoFactory: Cannot load properties: C:\Documents and Settings\gustavo\Meus documentos\workspace\SiterWSClient\WebContent\META-INF\client.properties at org.apache.ws.security.components.crypto.CryptoFactory.getProperties(CryptoFactory.java:254) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:171) at org.apache.ws.security.handler.WSHandler.loadEncryptionCrypto(WSHandler.java:396) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:140) at org.apache.rampart.handler.WSDoAllSender.processBasic(WSDoAllSender.java:201) at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:64) ... 9 more

and here is a snippet of my axis2.xml:

<module ref="rampart"/> <parameter name="InflowSecurity"> <action> <items>Encrypt</items> <passwordCallbackClass>siterWSClient.SiterWSCallbackHandler</passwordCallbackClass> <decryptionPropFile>C:\Documents and Settings\gustavo\Meus documentos\workspace\SiterWSClient\WebContent\META-INF\client.properties</decryptionPropFile> </action> </parameter> <parameter name="OutflowSecurity"> <action> <items>Encrypt</items> <encryptionUser>siterWSClient.SiterWSCallbackHandler</encryptionUser> <encryptionPropFile>C:\Documents and Settings\gustavo\Meus documentos\workspace\SiterWSClient\WebContent\META-INF\client.properties</encryptionPropFile> </action> </parameter>

this is my main method:

public static void main(String[] args) throws Exception { System.setProperty("javax.net.ssl.trustStore", "C:\\Documents and Settings\\gustavo\\Meus documentos\\workspace\\SiterWSClient\\WebContent\\META-INF\\server.jks"); System.setProperty("javax.net.ssl.trustStorePassword", "mypassword"); //To be able to load the client configuration from axis2.xml ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("C:\\Documents and Settings\\gustavo\\Meus documentos\\workspace\\SiterWSClient\\client-repo", "C:\\Documents and Settings\\gustavo\\Meus documentos\\workspace\\SiterWSClient\\WebContent\\META-INF\\axis2.xml"); SiterWSStub stub = new SiterWSStub(ctx,"http://localhost:8080/axis2/services/SiterWS"); ServiceClient sc = stub._getServiceClient(); sc.engageModule("rampart"); Options options = sc.getOptions(); options.setUserName("siteruser"); options.setPassword("mypassword"); String result = stub.urlValida("test.com"); System.out.println(result); }