Java Security

Axis2 ws-security problem

843811 Dec 22 2009 — edited Dec 22 2009
Hi Friends,

I have developed an Axis2 web service with security. My service is in Java and the client is in .NET. While connecting through the .NET client, the security process is failing; some of the details are missing in the request. Kindly help with the WS-Security configuration in app.config (.NET client). Please find below the error details, the Java security file and the .NET file.

ERROR DETAILS:

2009-12-17 01:31:07,128 [TP-Processor22] INFO org.apache.ws.security.message.token.SecurityTokenReference - X509IssuerSerial alias: null
2009-12-17 01:31:07,128 [TP-Processor22] DEBUG org.apache.ws.security.processor.EncryptedKeyProcessor - X509IssuerSerial alias: null
2009-12-17 01:31:07,128 [TP-Processor22] INFO com.ycs.narada.services.PasswordCallBackHandler - PasswordCallback handle
2009-12-17 01:31:07,128 [TP-Processor22] INFO com.ycs.narada.services.PasswordCallBackHandler - Identifier::null
2009-12-17 01:31:07,128 [TP-Processor22] DEBUG org.apache.rampart.handler.WSDoAllReceiver - WSDoAllReceiver: exit invoke()
2009-12-17 01:31:07,128 [TP-Processor22] ERROR org.apache.axis2.engine.AxisEngine - WSDoAllReceiver: security processing failed
org.apache.axis2.AxisFault: WSDoAllReceiver: security processing failed
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:214)
at org.apache.rampart.handler.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:86)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:133)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:637)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid; nested exception is:
java.lang.Exception: alias is null
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:292)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:92)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:80)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:311)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:228)
at org.apache.rampart.handler.WSDoAllReceiver.processBasic(WSDoAllReceiver.java:211)
... 24 more
Caused by: java.lang.Exception: alias is null
at org.apache.ws.security.components.crypto.CryptoBase.getPrivateKey(CryptoBase.java:137)
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleEncryptedKey(EncryptedKeyProcessor.java:290)
... 29 more

JAVA services.xml file

<module ref="rampart" />
<parameter name="InflowSecurity">
    <action>
        <items>Encrypt Signature</items>
        <passwordCallbackClass>com.ycs.test.PasswordCallBackHandler</passwordCallbackClass>
        <decryptionPropFile>service.properties</decryptionPropFile>
        <signaturePropFile>service.properties</signaturePropFile>
    </action>
</parameter>

<parameter name="OutflowSecurity">
    <action>
        <items>Encrypt Signature</items>
        <user>service</user>
        <encryptionUser>client</encryptionUser>
        <encryptionPropFile>service.properties</encryptionPropFile>
        <passwordCallbackClass>com.ycs.test.PasswordCallBackHandler</passwordCallbackClass>
        <signaturePropFile>service.properties</signaturePropFile>
        <signatureKeyIdentifier>DirectReference</signatureKeyIdentifier>
    </action>
</parameter>

.NET app.config file

<client>
    <endpoint address="http://localhost:1919/testWs/services/HelloWorld"
              behaviorConfiguration="ClientCertBehavior" binding="customBinding"
              bindingConfiguration="JavaInterop" contract="localhost.HelloWorldPortType"
              name="HelloWorldHttpSoap12Endpoint">
        <identity>
            <dns value="YALAMANCHILI" />
        </identity>
    </endpoint>
</client>

<bindings>
    <customBinding>
        <binding name="JavaInterop">
            <security defaultAlgorithmSuite="Basic128Rsa15" allowSerializedSigningTokenOnReply="true"
                      authenticationMode="MutualCertificate" requireDerivedKeys="false"
                      securityHeaderLayout="Lax" includeTimestamp="true" messageProtectionOrder="EncryptBeforeSign"
                      messageSecurityVersion="WSSecurity10WSTrustFebruary2005WSSecureConversationFebruary2005WSSecurityPolicy11BasicSecurityProfile10">
                <issuedTokenParameters keyType="AsymmetricKey">
                    <issuer address="" binding="customBinding" bindingConfiguration="JavaInterop" />
                    <issuerMetadata address="">
                        <identity>
                            <certificateReference x509FindType="FindByIssuerName" isChainIncluded="false" />
                        </identity>
                    </issuerMetadata>
                </issuedTokenParameters>
                <localClientSettings detectReplays="false" />
                <secureConversationBootstrap defaultAlgorithmSuite="Basic128Rsa15"
                                             allowSerializedSigningTokenOnReply="true" authenticationMode="MutualCertificate"
                                             requireDerivedKeys="false" securityHeaderLayout="Lax" messageProtectionOrder="EncryptBeforeSign">
                    <issuedTokenParameters keyType="AsymmetricKey" />
                </secureConversationBootstrap>
            </security>
            <textMessageEncoding messageVersion="Default" />
            <httpTransport />
        </binding>
    </customBinding>
</bindings>
<behaviors>
    <endpointBehaviors>
        <behavior name="ClientCertBehavior">
            <clientCredentials>
                <clientCertificate findValue="f1 88 d8 95 76 76 5b be 74 53 90 92 fc cf 16 e0 67 5e 4d 34"
                                   storeLocation="CurrentUser" storeName="My" x509FindType="FindByThumbprint" />
                <serviceCertificate>
                    <defaultCertificate findValue="d4 79 bc 17 94 3a 3c 14 a1 a2 1f c7 ba b7 a7 3e 08 1b 0a 8d"
                                        storeLocation="CurrentUser" storeName="My" x509FindType="FindByThumbprint" />
                    <authentication certificateValidationMode="None" revocationMode="NoCheck" />
                </serviceCertificate>
                <peer>
                    <peerAuthentication certificateValidationMode="None" />
                    <messageSenderAuthentication certificateValidationMode="None"
                                                 revocationMode="NoCheck" />
                </peer>
            </clientCredentials>
        </behavior>
    </endpointBehaviors>
</behaviors>

Kindly help me, friends.

Thanks in advance
---------------
Siva kumar
Locked on Jan 19 2010
Added on Dec 22 2009