ws-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] [Resolved] (WSS-402) Message not being signed correctly when using RSA (2048 bit ) certs
Date Tue, 17 Sep 2013 12:45:52 GMT

     [ https://issues.apache.org/jira/browse/WSS-402?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]

Colm O hEigeartaigh resolved WSS-402.
-------------------------------------

    Resolution: Incomplete
    
> Message not being signed correctly when using RSA (2048 bit ) certs
> -------------------------------------------------------------------
>
>                 Key: WSS-402
>                 URL: https://issues.apache.org/jira/browse/WSS-402
>             Project: WSS4J
>          Issue Type: Bug
>    Affects Versions: 1.5.12
>            Reporter: Dan Chanez
>            Assignee: Colm O hEigeartaigh
>
> I upgraded to 1.5.12 from 1.5.11. When using RSA(1024 bit) self signed certs everything
works fine. But when I use RSA (2048 bit) Verisign signed certs I get the following stack
trace on the client side:
> org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
> 	at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:322)
> 	at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:85)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
> 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
> 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:158)
> 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:65)
> 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
> 	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:633)
> 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2064)
> 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1942)
> 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1867)
> 	at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:47)
> 	at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:170)
> 	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:66)
> 	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:595)
> 	at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:220)
> 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:466)
> 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:299)
> 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:251)
> 	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> 	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> 	at $Proxy51.executeCommand(Unknown Source)
> 	at com.transending.ws.client.web.action.WebServiceClientAction.populateWSClientResponse(WebServiceClientAction.java:152)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> 	at sun.reflect.NativeMethodAccessorImpl.invoke(Unknown Source)
> 	at sun.reflect.DelegatingMethodAccessorImpl.invoke(Unknown Source)
> 	at java.lang.reflect.Method.invoke(Unknown Source)
> 	at org.apache.struts.actions.DispatchAction.dispatchMethod(DispatchAction.java:269)
> 	at org.apache.struts.actions.DispatchAction.execute(DispatchAction.java:170)
> 	at org.apache.struts.chain.commands.servlet.ExecuteAction.execute(ExecuteAction.java:58)
> 	at org.apache.struts.chain.commands.AbstractExecuteAction.execute(AbstractExecuteAction.java:67)
> 	at org.apache.struts.chain.commands.ActionCommandBase.execute(ActionCommandBase.java:51)
> 	at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
> 	at org.apache.commons.chain.generic.LookupCommand.execute(LookupCommand.java:304)
> 	at org.apache.commons.chain.impl.ChainBase.execute(ChainBase.java:190)
> 	at org.apache.struts.chain.ComposableRequestProcessor.process(ComposableRequestProcessor.java:283)
> 	at org.apache.struts.action.ActionServlet.process(ActionServlet.java:1913)
> 	at org.apache.struts.action.ActionServlet.doPost(ActionServlet.java:462)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:647)
> 	at javax.servlet.http.HttpServlet.service(HttpServlet.java:729)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at org.displaytag.filter.ResponseOverrideFilter.doFilter(ResponseOverrideFilter.java:125)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at log.MDCServletFilter.doFilter(MDCServletFilter.java:80)
> 	at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:215)
> 	at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
> 	at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:213)
> 	at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:172)
> 	at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
> 	at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
> 	at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:548)
> 	at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
> 	at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:174)
> 	at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:875)
> 	at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
> 	at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
> 	at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
> 	at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:689)
> 	at java.lang.Thread.run(Unknown Source) 
> When I reverted back to 1.5.11 using the same RSA (2048 bit) Verisign signed certs everything
works fine.

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@ws.apache.org
For additional commands, e-mail: dev-help@ws.apache.org


Mime
View raw message