• Post Reply Bookmark Topic Watch Topic
  • New Topic

org.apache.cxf.ws.policy.PolicyException: Cannot encrypt data

 
Joseph Hwang
Greenhorn
Posts: 24
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
I use WildFly 8.0.0-alpha and make ws-security project. These are my codes.

=== IHelloWorld.java

@WebService ( targetNamespace = "http://www.aaa.com/jbossws/ws-extensions/wssecurity" )
@PolicySets({"WS-Addressing","WS-SP-EX223_WSS11_Anonymous_X509_Sign_Encrypt"})
public interface IHelloWorld {
@WebMethod
@WebResult
public String sayHello(@WebParam String name);
}

=== HelloWorld.java

@WebService(
portName = "HelloWorldServicePort",
serviceName = "HelloWorldService",
targetNamespace = "http://www.aaa.com/jbossws/ws-extensions/wssecurity",
endpointInterface = "com.aaa.ws.IHelloWorld"
)
@EndpointProperties(
value = {
@EndpointProperty(key = "ws-security.signature.properties", value = "server.properties"),
@EndpointProperty(key = "ws-security.encryption.properties", value = "server.properties"),
@EndpointProperty(key = "ws-security.signature.username", value = "server"),
@EndpointProperty(key = "ws-security.encryption.username", value = "client"),
@EndpointProperty(key = "ws-security.callback-handler", value = "com.aaa.ws.KeystorePasswordCallback")
}) // this annotation seems not to work
public class HelloWorld implements IHelloWorld {
@Override
public String sayHello(String name) {
// TODO Auto-generated method stub
return "Hello " + name;
}

}

==== KeystorePasswordCallback.java

public class KeystorePasswordCallback implements CallbackHandler {
private Map<String, String> passwords = new HashMap<String, String>();

public KeystorePasswordCallback() {
passwords.put("server", "password");
passwords.put("client", "password");
}

@Override
public void handle(Callback[] callbacks) throws IOException, UnsupportedCallbackException {
// TODO Auto-generated method stub
for (int i = 0; i < callbacks.length; i++) {
WSPasswordCallback pc = (WSPasswordCallback)callbacks[i];
String pass = passwords.get(pc.getIdentifier());
if (pass != null) {
pc.setPassword(pass);
return;
}
}
}

public void setAliasPassword(String alias, String password) {
passwords.put(alias, password);
}
}

=== server.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password
org.apache.ws.security.crypto.merlin.keystore.alias=server
org.apache.ws.security.crypto.merlin.keystore.file=META-INF/server.jks

=== client.properties
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=password
org.apache.ws.security.crypto.merlin.keystore.alias=client
org.apache.ws.security.crypto.merlin.keystore.file=META-INF/client.jks

=== client

public class WSSClient {
private final String serviceURL="http://localhost:8080/WSSHelloWorld/HelloWorld";
private IHelloWorld proxy;

public WSSClient() throws IOException {
QName serviceName = new QName("http://www.aaa.com/jbossws/ws-extensions/wssecurity", "HelloWorldService");
URL wsdlURL = new URL(serviceURL + "?wsdl");
Service service = Service.create(wsdlURL, serviceName);
proxy = (IHelloWorld)service.getPort(IHelloWorld.class);

((BindingProvider)proxy).getRequestContext().put(SecurityConstants.CALLBACK_HANDLER, new KeystorePasswordCallback());
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("META-INF/client.properties"));
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_PROPERTIES, Thread.currentThread().getContextClassLoader().getResource("META-INF/client.properties"));
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.SIGNATURE_USERNAME, "client");
((BindingProvider)proxy).getRequestContext().put(SecurityConstants.ENCRYPT_USERNAME, "server");
}

public String callMethd(String name) throws IOException {
return proxy.sayHello(name); // this line throws Exception.
}
}

My browser throws the exception like below

Context Path: /WSSHelloWorld
Servlet Path: /index.jsp
Path Info: null
Query String: null

Stack Trace
org.apache.jasper.JasperException: javax.xml.ws.soap.SOAPFaultException: Cannot encrypt data
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:409)
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:321)

I think @EndpointProperties annotation of HelloWorld.java does not work.
Need your help desperately!
 
  • Post Reply Bookmark Topic Watch Topic
  • New Topic
Boost this thread!