
Getting security processing failed (actions mismatch) while invoking secure webservice (signing+encryption)

Hi,

This mail is to seek help from our Java community in an issue that we are currently facing with a web service we have written in the application that I am currently working on. An early response in this is highly appreciated.

I have implemented the below Java client code to invoke the secure web-service (Signing and Encryption of SOAP Request). I am using the classes WSSecEncrypt & WSSecSignature for signing and encrypting the request.

I did the signing and encryption for the SOAP request, invoked the Web-service. The server side received the request and sent the encrypted response. But I am getting an error in the client side while receiving the encrypted response.

Client side :
1) sign the SOAP request with client private key
2) Encrypt the request with server side public key
3) invoke the web-service (request sent to server and server sent the response) but getting error while reading the encrypted response.

Server side :
1) receive the request
2) decrypt the request, process the request
3) encrypt the response and send to client

I am getting the below exception exactly at below line (while getting encrypted response) and I have pasted the java client code below
SOAPEnvelope resEnvelope = call.invoke(msg);

Do we have to modify any parameters for the handlers WSDoAllSender or WSDoAllReceiver?

Exception message :
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: security processing failed (actions mismatch)
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:apsp9097

security processing failed (actions mismatch)
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(AbstractSAXParser.java:601)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(XMLDocumentFragmentScannerImpl.java:1774)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2930)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at org.apache.axis.Message.getSOAPEnvelope(Message.java:435)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:796)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:727)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:1870)
at CallSecWS.main(CallSecWS.java:118)


Java Client code
=================

import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Properties;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.ws.axis.security.WSDoAllReceiver;
import org.apache.ws.axis.security.WSDoAllSender;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.xml.security.c14n.Canonicalizer;
import org.w3c.dom.Document;


public class CallSecWS
{

    private static final String soapMsg = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
        "<soapenv:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" x" +
        " ><soapenv:Header></soapenv:Header>" +
        " <soapenv:Body>" +
        " </soapenv:Body>" +
        "</soapenv:Envelope>";

    public static void main(String[] args) throws Exception
    {
        try{
            Properties clinetProps = new Properties();
            MessageContext msgContext = null;
            System.setProperty("javax.xml.soap.MessageFactory", "org.apache.axis.soap.MessageFactoryImpl");
            System.setProperty("javax.net.ssl.trustStore", "C:\\sslcert.jks");
            FileInputStream fis = new FileInputStream("C:\\crypto.properties");
            clinetProps.load(fis);
            fis.close();
            Crypto ClientCrypto = CryptoFactory.getInstance(clinetProps);
            // Creating Messaging Object

            InputStream inStream = new ByteArrayInputStream(soapMsg.getBytes());
            Message axisMsg = new Message(inStream);
            axisMsg.setMessageContext(msgContext);
            // Creating envelope based on Message
            SOAPEnvelope envelope = axisMsg.getSOAPEnvelope();
            // Encrypting and signing the SOAP request
            WSSecEncrypt encrypt = new WSSecEncrypt();
            WSSecSignature sign = new WSSecSignature();
            // Set the encryption and signing details
            encrypt.setUserInfo("serverpublickey");
            String strProvateKey = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
            String password = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.password");
            sign.setUserInfo(strProvateKey,password);

            Document doc = envelope.getAsDocument();
            WSSecHeader secHeader = new WSSecHeader();
            secHeader.insertSecurityHeader(doc);
            System.out.println("Before Encryption....");
            Document encryptedDoc = encrypt.build(doc, ClientCrypto, secHeader);
            System.out.println("After Encryption....");
            Document encryptedSignedDoc = sign.build(encryptedDoc, ClientCrypto, secHeader);
            Message msg = (Message) toSOAPMessage(encryptedSignedDoc);
            System.out.println(msg.getSOAPPartAsString() );
            // Encryption and signing done and invoking the secure web-service
            String endpoint = "http://sys.ws.com/services/SecureService";
            Service service = new Service();
            Call call = (Call) service.createCall();
            call.setTargetEndpointAddress( new java.net.URL(endpoint) );
            call.setOperationStyle(org.apache.axis.constants.Style.MESSAGE);
            // Sender handler
            WSDoAllSender send = new WSDoAllSender();
            send.setOption( WSHandlerConstants.SIG_PROP_FILE , "crypto.properties" );
            send.setOption( WSHandlerConstants.SIG_KEY_ID, "DirectReference" );
            send.setOption( WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT +" " + WSHandlerConstants.SIGNATURE );
            send.setOption( WSHandlerConstants.USER, "PrivateKey" );
            send.setOption( WSHandlerConstants.ENCRYPTION_USER, "serverpublickey");
            send.setOption( WSHandlerConstants.PW_CALLBACK_CLASS,com.client.B2BCallBack.class.getName() );
            // Receiver handler
            WSDoAllReceiver recv = new WSDoAllReceiver();
            recv.setOption( WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE+ " " + WSHandlerConstants.ENCRYPT );
            recv.setOption( WSHandlerConstants.SIG_PROP_FILE, "crypto.properties" );
            recv.setOption( WSHandlerConstants.SIG_KEY_ID, "DirectReference" );
            recv.setOption( WSHandlerConstants.PW_CALLBACK_CLASS,com.client.B2BCallBack.class.getName() );
            recv.setOption( WSHandlerConstants.ENCRYPTION_USER ,"serverpublickey");
            // Setting the handlers
            call.setClientHandlers(send, recv);
            System.out.println("Set the all parameters");
            SOAPEnvelope resEnvelope = call.invoke(msg);
            System.out.println(resEnvelope.getBody().toString() );
        }catch(Exception e){
            e.printStackTrace();
        }
    }

    public static SOAPMessage toSOAPMessage(Document doc) throws Exception
    {
        Canonicalizer c14n = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
        byte[] canonicalMessage = c14n.canonicalizeSubtree(doc);
        ByteArrayInputStream in = new ByteArrayInputStream(canonicalMessage);
        MessageFactory factory = MessageFactory.newInstance();
        return factory.createMessage(null, in);
    }
}

Thanks
J Ashok
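
Added example (not part of the original post, and not WSS4J's own code): an "actions mismatch" fault means the security actions a receiver found in a message's wsse:Security header differ from its configured action list, so this JDK-only sketch lists the actions a message carries and compares them with a configured list. The class name, the constructed sample envelope and the order-sensitive comparison are assumptions made for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.List;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Node;
import org.w3c.dom.NodeList;
public class SecurityActionCheck {
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    // Constructed sample: a header holding a signature ahead of an encrypted key.
    static final String SAMPLE =
        "<e:Envelope xmlns:e='http://schemas.xmlsoap.org/soap/envelope/'><e:Header>"
      + "<wsse:Security xmlns:wsse='" + WSSE + "'>"
      + "<ds:Signature xmlns:ds='http://www.w3.org/2000/09/xmldsig#'/>"
      + "<xenc:EncryptedKey xmlns:xenc='http://www.w3.org/2001/04/xmlenc#'/>"
      + "</wsse:Security></e:Header><e:Body/></e:Envelope>";

    // Returns the action names implied by the children of wsse:Security, in document order.
    static List<String> actionsIn(String soapXml) throws Exception {
        DocumentBuilderFactory f = DocumentBuilderFactory.newInstance();
        f.setNamespaceAware(true);
        f.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // no DTDs
        NodeList headers = f.newDocumentBuilder()
            .parse(new ByteArrayInputStream(soapXml.getBytes(StandardCharsets.UTF_8)))
            .getElementsByTagNameNS(WSSE, "Security");
        List<String> actions = new ArrayList<>();
        if (headers.getLength() == 0) return actions; // no security header at all
        for (Node n = headers.item(0).getFirstChild(); n != null; n = n.getNextSibling()) {
            if (n.getNodeType() != Node.ELEMENT_NODE) continue;
            String name = n.getLocalName();
            if (name.equals("Signature")) actions.add("Signature");
            else if (name.equals("EncryptedKey")) actions.add("Encrypt");
            else if (name.equals("Timestamp") || name.equals("UsernameToken")) actions.add(name);
        }
        return actions;
    }

    // Order-sensitive comparison with a space-separated action list (assumed model).
    static boolean matches(String configuredAction, List<String> found) {
        return Arrays.asList(configuredAction.trim().split("\\s+")).equals(found);
    }

    public static void main(String[] args) throws Exception {
        List<String> found = actionsIn(SAMPLE);
        System.out.println(found + " vs 'Signature Encrypt': " + matches("Signature Encrypt", found));
        System.out.println(found + " vs 'Encrypt Signature': " + matches("Encrypt Signature", found));
    }
}
```

Running it against the request printed by `msg.getSOAPPartAsString()` shows which actions the outgoing message actually carries before any handler touches it.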

