aspose file tools*
The moose likes Web Services and the fly likes Axis2/Rampart problem. Certificate not found for user. Big Moose Saloon
  Search | Java FAQ | Recent Topics | Flagged Topics | Hot Topics | Zero Replies
Register / Login
JavaRanch » Java Forums » Java » Web Services
Bookmark "Axis2/Rampart problem. Certificate not found for user." Watch "Axis2/Rampart problem. Certificate not found for user." New topic
Author

Axis2/Rampart problem. Certificate not found for user.

Raine Pyssysalo
Greenhorn

Joined: Dec 04, 2009
Posts: 5
Hi,

I have this Jax-ws web service which functions as a container for Axis-client. This client sends secure and signed messages with Rampart. I have ran into problems lately because I can't change keystore on the fly. It always crashes to following error:

org.apache.axis2.AxisFault: Error during Signature: ; nested exception is:
org.apache.ws.security.WSSecurityException: General security error (No certificates for user user1 were found for signature)
at org.apache.rampart.handler.WSDoAllSender.processMessage(WSDoAllSender.java:67)
at org.apache.rampart.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:72)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:416)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)

This is really weird problem because I can normally send messages always when I start Tomcat-server or when I restart the server. So it seems that something stays in the memory or cache that isn't cleared.

Thanks! Raine
Raine Pyssysalo
Greenhorn

Joined: Dec 04, 2009
Posts: 5
Ok, I've found out this much:

My dynamic keystore change fails because Password Callback Handler validates wrong certificate. Handler gets the password on the first call to service and certificate is saved somewhere in the memory. If I use "hardcoded"-password -> my service will work fine if the first call is made with matching certificate.

Does anybody know how to clear old certificate from the memory/cache? Restarting Tomcat will work but I need bit more dynamic solution
Raine Pyssysalo
Greenhorn

Joined: Dec 04, 2009
Posts: 5
Ok I found out the solution. The trick was to use PolicyBased configuration. I was using old ParameterBased configuration. Here is a link to great blog by Thilina:

How to build rampart-config programmatically..

Remember to define policy.xml file when following this tutorial. This was something that I first forgot to do
PrasannaKumar Sathiyanantham
Ranch Hand

Joined: Nov 12, 2009
Posts: 110
Hi i am also working on axis2 1.5 version(just beginning to work on it). Can you provide me any online tutorial links or any books for apache axis .please.

I am not able to understand a lot in it. help me


To err is human,
To forgive is not company policy
Raine Pyssysalo
Greenhorn

Joined: Dec 04, 2009
Posts: 5
Hi,

Are you trying to create web service or client? I think the easiest way to work with Axis is with Netbeans plugins.

Netbeans tutorials I think this is a great place to start..
PrasannaKumar Sathiyanantham
Ranch Hand

Joined: Nov 12, 2009
Posts: 110
thank you. I will look into them.

I just want to understand how the server and client side works meaning i just want to develop a project with the web service me acting as both server and client.

I will look into the netbeans tutorial. But is there a tutorial available for eclipse because in my office am expected to work in eclipse IDE only. That's why.

However thank you for that link
 
I agree. Here's the link: http://aspose.com/file-tools
 
subject: Axis2/Rampart problem. Certificate not found for user.