1 Reply Latest reply: Jan 30, 2012 5:33 AM by tee tee RSS

WSS4JInInterceptor General security error (WSSecurityEngine: Callback supplied no password for: null)

tee tee Newbie

I am using Jboss CXF to develop ws-security . I using jboss-6.0.0.Final and  jbossws-cxf-3.4.1 . I got the following error after i add ws-security to my web application . Please help. Thanks

 

 

 

18:00:30,277 WARN  [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] : org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: Callback supplied no password for: null)

    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:348) [:1.5.10]

    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:117) [:1.5.10]

    at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:93) [:1.5.10]

    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:328) [:1.5.10]

    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245) [:1.5.10]

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:215) [:2.3.1]

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:81) [:2.3.1]

    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) [:2.3.1]

    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) [:2.3.1]

    at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) [:2.3.1]

    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) [:2.3.1]

    at org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt.java:172) [:3.4.1.GA]

    at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:57) [:3.4.1.GA]

    at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:156) [:3.4.1.GA]

    at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:90) [:3.4.1.GA]

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179) [:2.3.1]

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103) [:2.3.1]

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:754) [:1.0.0.Final]

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159) [:2.3.1]

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:324) [:6.0.0.Final]

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:242) [:6.0.0.Final]

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:275) [:6.0.0.Final]

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191) [:6.0.0.Final]

    at org.jboss.web.tomcat.security.SecurityAssociationValve.invoke(SecurityAssociationValve.java:181) [:6.0.0.Final]

    at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.event(CatalinaContext.java:285) [:1.1.0.Final]

    at org.jboss.modcluster.catalina.CatalinaContext$RequestListenerValve.invoke(CatalinaContext.java:261) [:1.1.0.Final]

    at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:88) [:6.0.0.Final]

    at org.jboss.web.tomcat.security.SecurityContextEstablishmentValve.invoke(SecurityContextEstablishmentValve.java:100) [:6.0.0.Final]

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127) [:6.0.0.Final]

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102) [:6.0.0.Final]

    at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:158) [:6.0.0.Final]

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109) [:6.0.0.Final]

    at org.jboss.web.tomcat.service.request.ActiveRequestResponseCacheValve.invoke(ActiveRequestResponseCacheValve.java:53) [:6.0.0.Final]

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:362) [:6.0.0.Final]

    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) [:6.0.0.Final]

    at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:654) [:6.0.0.Final]

    at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:951) [:6.0.0.Final]

    at java.lang.Thread.run(Unknown Source) [:1.7.0]

 

18:00:30,279 WARN  [org.apache.cxf.phase.PhaseInterceptorChain] Interceptor for {http://sample.com/}MathWS has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: General security error (WSSecurityEngine: Callback supplied no password for: null)

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:656) [:2.3.1]

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:275) [:2.3.1]

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:81) [:2.3.1]

    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255) [:2.3.1]

    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113) [:2.3.1]

    at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:97) [:2.3.1]

    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:461) [:2.3.1]

    at org.jboss.wsf.stack.cxf.ServletControllerExt.invoke(ServletControllerExt.java:172) [:3.4.1.GA]

  • 1. Re: WSS4JInInterceptor General security error (WSSecurityEngine: Callback supplied no password for: null)
    tee tee Newbie

    This is all the related config and xml . Thanks

     

    web.xml

     

    <?xml version="1.0" encoding="UTF-8"?>

    <web-app

    version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"

    xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

    xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

    <servlet>

      <servlet-name>MathWS</servlet-name>

      <servlet-class>com.sample.MathWS</servlet-class>

    </servlet>

    <servlet-mapping>

       <servlet-name>MathWS</servlet-name>

       <url-pattern>/*</url-pattern>

    </servlet-mapping>

    </web-app>

     

    jbossws-cxf.xml

     

    <beans

      xmlns='http://www.springframework.org/schema/beans'

      xmlns:xsi='http://www.w3.org/2001/XMLSchema-instance'

      xmlns:beans='http://www.springframework.org/schema/beans'

      xmlns:jaxws='http://cxf.apache.org/jaxws'

      xsi:schemaLocation='http://www.springframework.org/schema/beans

      http://www.springframework.org/schema/beans/spring-beans.xsd

      http://cxf.apache.org/jaxws

      http://cxf.apache.org/schemas/jaxws.xsd'>

     

      <jaxws:endpoint id="MathWS" address="http://localhost:8080/Samplews"

    implementor="com.sample.MathWS">

    <jaxws:invoker>

    <bean class="org.jboss.wsf.stack.cxf.InvokerJSE"/>

    </jaxws:invoker>

          <jaxws:outInterceptors>

                   <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>

                 <ref bean="TimestampSignEncrypt_Response"/>

             </jaxws:outInterceptors>

             <jaxws:inInterceptors>

                 <ref bean="TimestampSignEncrypt_Request"/>

                 <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>

             </jaxws:inInterceptors>

    </jaxws:endpoint>

     

     

        <bean

            id="TimestampSignEncrypt_Request"

            class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"

            >

            <constructor-arg>

                <map>

                    <entry key="action" value="Timestamp Signature Encrypt"/>

                    <entry key="signaturePropFile" value="serviceKeystore.properties"/>

                    <entry key="decryptionPropFile" value="serviceKeystore.properties"/>

                    <entry key="passwordCallbackClass" value="com.sample.ServiceKeystorePasswordCallback"/>

                </map>

            </constructor-arg>

        </bean>

       

        <bean

            id="TimestampSignEncrypt_Response"

            class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"

            >

            <constructor-arg>

                <map>

                    <entry key="action" value="Timestamp Signature Encrypt"/>

                    <entry key="user" value="myservicekey"/>

                    <entry key="signaturePropFile" value="serviceKeystore.properties"/>

                    <entry key="encryptionPropFile" value="serviceKeystore.properties"/>

                    <entry key="encryptionUser" value="myclientkey"/>

                    <entry key="signatureKeyIdentifier" value="DirectReference"/>

                    <entry key="passwordCallbackClass" value="com.sample.ServiceKeystorePasswordCallback"/>

                    <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                       <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                    <entry key="encryptionKeyTransportAlgorithm" value="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>

                       <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>

                </map>

            </constructor-arg>

        </bean>  

     

    </beans>

     

    serviceKeystore.properties

     

    org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin

    org.apache.ws.security.crypto.merlin.keystore.file=serviceKeystore.jks

    org.apache.ws.security.crypto.merlin.keystore.password=sspass

    org.apache.ws.security.crypto.merlin.keystore.type=jks

    org.apache.ws.security.crypto.merlin.keystore.alias=myservicekey

     

    Client.xml

     

    <beans xmlns="http://www.springframework.org/schema/beans"

           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

           xmlns:jaxws="http://cxf.apache.org/jaxws"

          xmlns:http="http://cxf.apache.org/transports/http/configuration"

           xsi:schemaLocation="http://www.springframework.org/schema/beans

              http://www.springframework.org/schema/beans/spring-beans.xsd

              http://cxf.apache.org/jaxws

              http://cxf.apache.org/schemas/jaxws.xsd">

     

        <bean id="client" class="com.sample.Math"

          factory-bean="clientFactory" factory-method="create"/>

       

        <bean id="clientFactory" class="org.apache.cxf.jaxws.JaxWsProxyFactoryBean">

          <property name="serviceClass" value="com.sample.Math"/>

          <property name="address" value="http://127.0.0.1:8080/Samplews/MathWS"/>

              <property name="inInterceptors">

             <list>

                <ref bean="TimestampSignEncrypt_Response"/>

             </list>

           </property>

           <property name="outInterceptors">

             <list>

                <ref bean="TimestampSignEncrypt_Request"/>

             </list>

           </property>

        </bean>

       

        <bean

            class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor"

            id="TimestampSignEncrypt_Request">

            <constructor-arg>

                <map>

                    <entry key="action" value="Timestamp Signature Encrypt"/>

                    <entry key="user" value="myclientkey"/>

                    <entry key="signaturePropFile" value="clientKeystore.properties"/>

                    <entry key="encryptionPropFile" value="clientKeystore.properties"/>

                    <entry key="encryptionUser" value="myservicekey"/>

                    <entry key="passwordCallbackClass" value="ClientKeystorePasswordCallback"/>

                    <entry key="signatureParts" value="{Element}{http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd}Timestamp;{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                    <entry key="encryptionParts" value="{Element}{http://www.w3.org/2000/09/xmldsig#}Signature;{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>

                    <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#tripledes-cbc"/>

                </map>

            </constructor-arg>

        </bean>

       

        <bean

            class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor"

            id="TimestampSignEncrypt_Response">

            <constructor-arg>

                <map>

                    <entry key="action" value="Timestamp Signature Encrypt"/>

                    <entry key="signaturePropFile" value="clientKeystore.properties"/>

                    <entry key="decryptionPropFile" value="clientKeystore.properties"/>

                    <entry key="passwordCallbackClass" value="ClientKeystorePasswordCallback"/>

                </map>

            </constructor-arg>

        </bean>

         

    </beans>

     

     

    clientKeystore.properties

     

    org.apache.ws.security.crypto.merlin.keystore.file=clientKeystore.jks

    org.apache.ws.security.crypto.merlin.keystore.password=cspass

    org.apache.ws.security.crypto.merlin.keystore.type=jks

    org.apache.ws.security.crypto.merlin.keystore.alias=myclientkey