ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Help Required - Adding wsu:Id in <ds:Signature>
Date Fri, 20 Apr 2012 08:36:25 GMT
I'm pretty sure the problem has nothing to do with the wsu:Id
attribute on the Signature Element. The problem is a NPE when
searching for the Element that has the wsu:Id Reference that the
Signature contains. The best strategy is to try upgrading to a later
version of WSS4J. Failing that if you can create a test-case that
reproduces the problem I'll take a look.

Colm.

On Thu, Apr 19, 2012 at 4:13 PM, Rameshwer Jangra <rjangra@yahoo.com> wrote:
> Colm,
> Service provider is a third party vendor and the same service is shared by
> many other clients. Not sure if it will be feasible to upgrade the version
> on Service provider side. Though I can try to convince the provider if we
> know how upgrading will fix the issue.
>
> Found the following comment in 1.5.1 version of
> SinatureProcessor.verifyXmlSignature(). Not sure if this refer to the same
> wsu:Id tag that is resulting in throwing an exception on the server side. If
> this is the same attribute, then how should I send the request differently
> so that this tag gets added while processing the request?
> ---------------------------------------------
> * @param returnElements verifyXMLSignature adds the wsu:ID attribute values
> for
>      *     the signed elements to this Set
> ------------------------------------------------
>
> Thanks,
> Rameshwer Jangra
> ________________________________
> From: Colm O hEigeartaigh <coheigea@apache.org>
> To: Rameshwer Jangra <rjangra@yahoo.com>
> Cc: "dev@ws.apache.org" <dev@ws.apache.org>
> Sent: Thursday, April 19, 2012 10:00 AM
>
> Subject: Re: Help Required - Adding wsu:Id in <ds:Signature>
>
> I've no idea what's going on there - 1.5.1 is an ancient version of
> WSS4J. Would it be possible to upgrade the service provider to the
> latest 1.5.12 version?
>
> Colm.
>
> On Thu, Apr 19, 2012 at 3:48 PM, Rameshwer Jangra <rjangra@yahoo.com> wrote:
>> My bad! Here's the complete request XML and the corresponding response
>> xml.
>>
>> Thanks,
>> Rameshwer Jangra
>> ________________________________
>> From: Colm O hEigeartaigh <coheigea@apache.org>
>> To: Rameshwer Jangra <rjangra@yahoo.com>
>> Cc: "dev@ws.apache.org" <dev@ws.apache.org>
>> Sent: Thursday, April 19, 2012 9:32 AM
>>
>> Subject: Re: Help Required - Adding wsu:Id in <ds:Signature>
>>
>> The SOAP Body appears to be missing in "Request2.xml"?
>>
>> Colm.
>>
>> On Thu, Apr 19, 2012 at 3:29 PM, Rameshwer Jangra <rjangra@yahoo.com>
>> wrote:
>>> Colm,
>>> Please find the request and response xmls attached to the mail.
>>> "successful-echo-request.xml" is a request XML provided by the Service
>>> Provider as an example of a successfully processed request.
>>>
>>> "Request2.xml" & "Response2.xml" are the request that I sent and the
>>> response I am getting. I have changed the value/data for the
>>> <wsse:SecurityTokenReference> & <wsse:BinarySecurityToken> tags.
Other
>>> than
>>> that the request is the actual request that I am sending to Service
>>> Provider.
>>>
>>> Let me know if you need any other information.
>>>
>>> Thanks,
>>> Rameshwer Jangra
>>> ________________________________
>>> From: Colm O hEigeartaigh <coheigea@apache.org>
>>> To: Rameshwer Jangra <rjangra@yahoo.com>
>>> Cc: "dev@ws.apache.org" <dev@ws.apache.org>
>>> Sent: Thursday, April 19, 2012 9:08 AM
>>>
>>> Subject: Re: Help Required - Adding wsu:Id in <ds:Signature>
>>>
>>> What does the request look like?
>>>
>>> Colm.
>>>
>>> On Thu, Apr 19, 2012 at 2:55 PM, Rameshwer Jangra <rjangra@yahoo.com>
>>> wrote:
>>>> I am using WSS4j 1.5.9 while creating the request. The Service Provider
>>>> is
>>>> using 1.5.1 for signature verification and decryption.
>>>>
>>>> Thanks,
>>>> Rameshwer Jangra
>>>> ________________________________
>>>> From: Colm O hEigeartaigh <coheigea@apache.org>
>>>> To: dev@ws.apache.org; Rameshwer Jangra <rjangra@yahoo.com>
>>>> Sent: Thursday, April 19, 2012 8:10 AM
>>>> Subject: Re: Help Required - Adding wsu:Id in <ds:Signature>
>>>>
>>>> What version of WSS4J are you using?
>>>>
>>>> Colm.
>>>>
>>>> On Tue, Apr 17, 2012 at 7:34 PM, Rameshwer Jangra <rjangra@yahoo.com>
>>>> wrote:
>>>>> Hi,
>>>>> I am using WSS4J for invoking a secured web service. The request XML
>>>>> generated by my client is almost the same as the sample provided by the
>>>>> Service Provider. The only difference is an additional "wsu:Id"
>>>>> attribute
>>>>> defined for <ds:Signature> tag.
>>>>>
>>>>> Here's what my code is generating:
>>>>>
>>>>> <ds:Signature Id="Signature-22"
>>>>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
>>>>>
>>>>> Here's what the Service Provider is expecting
>>>>>
>>>>> <ds:Signature Id="Signature-16906910" wsu:Id="Id-8819824"
>>>>> xmlns:ds="http://www.w3.org/2000/09/xmldsig#"
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
>>>>>
>>>>> I suspect that due to this missing tag I am getting the exception,
>>>>> pasted
>>>>> below, when I am try to invoke the service. I am not able to figure
out
>>>>> how
>>>>> the highlighted tag will get added to the XML. Is there any
>>>>> configuration/attribute that I can change while invoking
>>>>> the WSSecSignature.build()?
>>>>>
>>>>> Gone through the API documentation and the code but could not find
>>>>> anything
>>>>> specific to this. Will appreciate any help/guidance in resolving this.
>>>>>
>>>>> --------------------------------------------
>>>>> Caused by: java.lang.NullPointerException
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.util.WSSecurityUtil.findElementById(WSSecurityUtil.java:298)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.util.WSSecurityUtil.getElementByWsuId(WSSecurityUtil.java:438)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:297)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:79)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:279)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:201)
>>>>> at org.apache.rampart.RampartEngine.process(RampartEngine.java:71)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:69)
>>>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:381)
>>>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:518)
>>>>> at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:483)
>>>>> at
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:319)
>>>>> at
>>>>>
>>>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:247)
>>>>> ... 12 more
>>>>> ----------------------------------------------
>>>>>
>>>>> Thanks,
>>>>> Rameshwer Jangra
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>
>>>>
>>>>
>>>> --
>>>> Colm O hEigeartaigh
>>>>
>>>> Talend Community Coder
>>>> http://coders.talend.com
>>>>
>>>>
>>>
>>>
>>>
>>> --
>>> Colm O hEigeartaigh
>>>
>>> Talend Community Coder
>>> http://coders.talend.com
>>>
>>>
>>
>>
>>
>> --
>> Colm O hEigeartaigh
>>
>> Talend Community Coder
>> http://coders.talend.com
>>
>>
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message