Re: CXF-Metro WS-SecureConversation interop issue (CXF client to Metro service)

  • From: Cyril <darthvader7777@...>
  • To: users@...
  • Subject: Re: CXF-Metro WS-SecureConversation interop issue (CXF client to Metro service)
  • Date: Thu, 23 Jan 2014 01:19:58 +0100

Problem solved on CXF side:
https://issues.apache.org/jira/browse/CXF-5497


On Tue, Jan 7, 2014 at 5:13 PM, Cyril <darthvader7777@...> wrote:

> Hello,
> I added HTTP message dumping to the metro debug logs in attachment, to
> make troubleshooting easier. I have also changed Basic256 assertions to
> Basic128 in the WSDL (and CXF upgraded to 2.7.8). Same error.
>
> I hope it helps.
>
> Regards,
> Cyril
>
>
> On Thu, Dec 19, 2013 at 2:56 AM, Cyril Dangerville <
> darthvader7777@...> wrote:
>
>> I forgot to mention I am using Metro 2.2.1 (and CXF 2.7.6).
>>
>>
>> On Thu, Dec 19, 2013 at 2:53 AM, Cyril Dangerville <
>> darthvader7777@...> wrote:
>>
>>> Hello,
>>> After running the Metro WS-SecureConversation sample (in samples/wssc
>>> folder) successfully, I tried to replace the Metro client with a CXF
>>> client, and got the error down below on the service side.I have attached
>>> the debug logs from Metro with the requests/responses. I have also 
>>> attached
>>> the service war deployed in Tomcat (generated/deployed from the sample's
>>> ant task) for convenience. I can also send the CXF client part (maven
>>> project) if necessary.
>>> The issue is apparently related to the verification of the signature on
>>> the timestamp, but I would need some help finding the root cause. Has
>>> anybody tried this use case before?
>>>
>>> Thanks for your help.
>>>
>>> Regards,
>>> Cyril
>>>
>>> --EXCEPTION ON METRO SERVICE--
>>> Using configured PlainTextPasswordValidator................
>>> context.isExpired >>> false
>>> Dec 19, 2013 2:24:47 AM
>>> com.sun.xml.ws.security.opt.impl.incoming.Signature process
>>> SEVERE: WSS1710: Signature Verification for Signature with ID SIG-4
>>> failed
>>> Dec 19, 2013 2:24:47 AM com.sun.xml.wss.jaxws.impl.SecurityServerTube
>>> processRequest
>>> SEVERE: WSSTUBE0025: Error in Verifying Security in the Inbound Message.
>>> com.sun.xml.wss.impl.WssSoapFaultException: Invalid Security Header
>>>         at
>>> com.sun.xml.ws.security.opt.impl.util.SOAPUtil.newSOAPFaultException(SOAPUtil.java:159)
>>>         at
>>> com.sun.xml.ws.security.opt.impl.incoming.Signature.process(Signature.java:351)
>>>         at
>>> com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.handleSecurityHeader(Security
>>>         at
>>> com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.cacheHeaders(SecurityRecipien
>>>         at
>>> com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecip
>>>         at
>>> com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verifyInboundMessage(SecurityTubeBase.java:45
>>>         at
>>> com.sun.xml.wss.jaxws.impl.SecurityServerTube.processRequest(SecurityServerTube.java:295)
>>>         at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1063)
>>>         at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:979)
>>>         at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:950)
>>>         at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:825)
>>>         at
>>> com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:380)
>>>         at
>>> com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:651)
>>>         at
>>> com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:264)
>>>         at
>>> com.sun.xml.ws.transport.http.servlet.ServletAdapter.invokeAsync(ServletAdapter.java:218)
>>>         at
>>> com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doGet(WSServletDelegate.java:159)
>>>         at
>>> com.sun.xml.ws.transport.http.servlet.WSServletDelegate.doPost(WSServletDelegate.java:194
>>>         at
>>> com.sun.xml.ws.transport.http.servlet.WSServlet.doPost(WSServlet.java:80)
>>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
>>>         at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
>>>         at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.j
>>>         at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
>>>         at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
>>>         at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
>>>         at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
>>>         at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
>>>         at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
>>>         at
>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
>>>         at
>>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>>>         at
>>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
>>>         at
>>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999
>>>         at
>>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.jav
>>>         at
>>> org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
>>>         at
>>> java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1110)
>>>         at
>>> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:603)
>>>         at java.lang.Thread.run(Thread.java:722)
>>>
>>
>>
>


Re: CXF-Metro WS-SecureConversation interop issue (CXF client to Metro service)

Cyril 01/07/2014

Re: CXF-Metro WS-SecureConversation interop issue (CXF client to Metro service)

Cyril 01/23/2014
Terms of Use; Privacy Policy; Copyright ©2013-2016 (revision 20160708.bf2ac18)
 
 
Close
loading
Please Confirm
Close