posted 12 years ago
Hi,
This mail is to seek help from our Java community in a issue that we are currently facing with web service we have written in the application
that I am currently working on. An early response in this is highly appreciated.
I have implemented below Java client code to invoke the secure web-service(Signing and Encryption of SOAP Request). I am using the classes WSSecEncrypt & WSSecSignature for signing and encrypt the request.
I did the signing and encryption for the SOAP request, invoked the Web-service. The server side received the request and sent the encrypted response. But I am getting an error in the client side while receiving the encrypted response.
Client side :
1) sign the SOAP reuqest with client private key
2) Encrypt the request with server side public key
3) invoke the web-service ( request sent to server and server sent the response) but getting error while reading the encrypted the response.
Server side :
1) receive the request
2) decrypt the request, process the request
3) encrypth the response and send to client
I am getting the below exception exactly at below line (while getting encrypted response) and I have pasted the java client code below
SOAPEnvelope resEnvelope = call.invoke(msg);
do we have modify any parameters for the handlers WSDoAllSender or WSDoAllReceiver ?
Exception message :
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: security processing failed (actions mismatch)
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:apsp9097
security processing failed (actions mismatch)
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(AbstractSAXParser.java:601)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(XMLDocumentFragmentScannerImpl.java:1774)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2930)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at org.apache.axis.Message.getSOAPEnvelope(Message.java:435)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:796)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:727)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:1870)
at CallSecWS.main(CallSecWS.java:118)
Java Client code
=================
import java.io.ByteArrayInputStream;
import java.io.FileInputStream;
import java.io.InputStream;
import java.util.Properties;
import javax.xml.soap.MessageFactory;
import javax.xml.soap.SOAPMessage;
import org.apache.axis.Message;
import org.apache.axis.MessageContext;
import org.apache.axis.client.Call;
import org.apache.axis.client.Service;
import org.apache.axis.message.SOAPEnvelope;
import org.apache.ws.axis.security.WSDoAllReceiver;
import org.apache.ws.axis.security.WSDoAllSender;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;
import org.apache.ws.security.handler.WSHandlerConstants;
import org.apache.ws.security.message.WSSecEncrypt;
import org.apache.ws.security.message.WSSecHeader;
import org.apache.ws.security.message.WSSecSignature;
import org.apache.xml.security.c14n.Canonicalizer;
import org.w3c.dom.Document;
public class CallSecWS
{
private static final String soapMsg = "<?xml version=\"1.0\" encoding=\"UTF-8\"?>" +
"<soapenv:Envelope xmlns:xsi=\"http://www.w3.org/2001/XMLSchema-instance\" x" +
" ><soapenv:Header></soapenv:Header>" +
" <soapenv:Body>" +
" </soapenv:Body>" +
"</soapenv:Envelope>";
public static void main(String[] args) throws Exception
{
try{
Properties clinetProps = new Properties();
MessageContext msgContext = null;
System.setProperty("javax.xml.soap.MessageFactory", "org.apache.axis.soap.MessageFactoryImpl");
System.setProperty("javax.net.ssl.trustStore", "C:\\sslcert.jks");
FileInputStream fis = new FileInputStream("C:\\crypto.properties");
clinetProps.load(fis);
fis.close();
Crypto ClientCrypto = CryptoFactory.getInstance(clinetProps);
//Creating Messaging Object
InputStream inStream = new ByteArrayInputStream(soapMsg.getBytes());
Message axisMsg = new Message(inStream);
axisMsg.setMessageContext(msgContext);
//creating envelople based on Message
SOAPEnvelope envelope = axisMsg.getSOAPEnvelope();
// Encrypting an signing the SOAP request
WSSecEncrypt encrypt = new WSSecEncrypt();
WSSecSignature sign = new WSSecSignature();
// Set the encryption and signging details
encrypt.setUserInfo("serverpublickey");
String strProvateKey = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
String password = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.password");
sign.setUserInfo(strProvateKey,password);
Document doc = envelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);
System.out.println("Before Encryption....");
Document encryptedDoc = encrypt.build(doc, ClientCrypto, secHeader);
System.out.println("After Encryption....");
Document encryptedSignedDoc = sign.build(encryptedDoc, ClientCrypto, secHeader);
Message msg = (Message) toSOAPMessage(encryptedSignedDoc);
System.out.println(msg.getSOAPPartAsString() );
// Encryption and signing done and invoking the secure web-service
String endpoint = "http://sys.ws.com/services/SecureService";
Service service = new Service();
Call call = (Call) service.createCall();
call.setTargetEndpointAddress( new java.net.URL(endpoint) );
call.setOperationStyle(org.apache.axis.constants.Style.MESSAGE);
// Sender handler
WSDoAllSender send = new WSDoAllSender();
send.setOption( WSHandlerConstants.SIG_PROP_FILE , "crypto.properties" );
send.setOption( WSHandlerConstants.SIG_KEY_ID, "DirectReference" );
send.setOption( WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT +" " + WSHandlerConstants.SIGNATURE );
send.setOption( WSHandlerConstants.USER, "PrivateKey" );
send.setOption( WSHandlerConstants.ENCRYPTION_USER, "serverpublickey");
send.setOption( WSHandlerConstants.PW_CALLBACK_CLASS,com.client.B2BCallBack.class.getName() );
// Receiver handler
WSDoAllReceiver recv = new WSDoAllReceiver();
recv.setOption( WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE+ " " + WSHandlerConstants.ENCRYPT );
recv.setOption( WSHandlerConstants.SIG_PROP_FILE, "crypto.properties" );
recv.setOption( WSHandlerConstants.SIG_KEY_ID, "DirectReference" );
recv.setOption( WSHandlerConstants.PW_CALLBACK_CLASS,com.client.B2BCallBack.class.getName() );
recv.setOption( WSHandlerConstants.ENCRYPTION_USER ,"serverpublickey");
// Setting the handlers
call.setClientHandlers(send, recv);
System.out.println("Set the all parameters");
SOAPEnvelope resEnvelope = call.invoke(msg);
System.out.println(resEnvelope.getBody().toString() );
}catch(Exception e){
e.printStackTrace();
}
}
public static SOAPMessage toSOAPMessage(Document doc) throws Exception
{
Canonicalizer c14n = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
byte[] canonicalMessage = c14n.canonicalizeSubtree(doc);
ByteArrayInputStream in = new ByteArrayInputStream(canonicalMessage);
MessageFactory factory = MessageFactory.newInstance();
return factory.createMessage(null, in);
}
}
Thanks
J Ashok