• Post Reply Bookmark Topic Watch Topic
  • New Topic
programming forums Java Mobile Certification Databases Caching Books Engineering Micro Controllers OS Languages Paradigms IDEs Build Tools Frameworks Application Servers Open Source This Site Careers Other all forums
this forum made possible by our volunteer staff, including ...
Marshals:
  • Campbell Ritchie
  • Bear Bibeault
  • Ron McLeod
  • Jeanne Boyarsky
  • Paul Clapham
Sheriffs:
  • Tim Cooke
  • Liutauras Vilda
  • Junilu Lacar
Saloon Keepers:
  • Tim Moores
  • Stephan van Hulst
  • Tim Holloway
  • fred rosenberger
  • salvin francis
Bartenders:
  • Piet Souris
  • Frits Walraven
  • Carey Brown

SOAP Header missing using (Hash values do not match ) Rampart/Axis2

 
Greenhorn
Posts: 1
  • Mark post as helpful
  • send pies
  • Quote
  • Report post to moderator
Hi all,
I am writing a java client to consume a web service that I have no control of. The web service requires a sign message. I have configured Rampart to sign the message with file policy.xml and code.

Server WS return this error:

org.apache.axis2.AxisFault: SOAP header missing
[java] at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:166)
[java] at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:99)
[java] at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
[java] at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:251)
[java] at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:160)
[java] at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:364)
[java] at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
[java] at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
[java] at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
[java] at es.contrataciondelestado.b2b.publicacion.ServicioPublicacionB2BStub.getExpedientState(ServicioPublicacionB2BStub.java:238)
[java] at PruebaCliente.main(PruebaCliente.java:109)
[java] Caused by: org.apache.rampart.RampartException: SOAP header missing
[java] at org.apache.rampart.RampartEngine.process(RampartEngine.java:106)
[java] at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
[java] ... 9 more

The server who validate the messages is an IBM Websphere DataPower XS40 and return the error "Hash values do not match. (from client)".

I'm using axis2-1.5.1, rampart-1.5, jdk1.6.0_20

My policy.xml is:

<?xml version="1.0" encoding="UTF-8"?>

<wsp:Policy wsu:Id="SigEncr" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy">;
<wsp:ExactlyOne>
<wsp:All>
<sp:AsymmetricBinding xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">;
<wsp:Policy>
<sp:InitiatorToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">;
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V1Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:InitiatorToken>
<sp:RecipientToken>
<wsp:Policy>
<sp:X509Token sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/Never">;
<wsp:Policy>
<sp:RequireThumbprintReference/>
<sp:WssX509V3Token10/>
</wsp:Policy>
</sp:X509Token>
</wsp:Policy>
</sp:RecipientToken>
<sp:AlgorithmSuite>
<wsp:Policy>
<sp:TripleDesRsa15/>
</wsp:Policy>
</sp:AlgorithmSuite>
<sp:Layout>
<wsp:Policy>
<sp:Strict/>
</wsp:Policy>
</sp:Layout>
<sp:IncludeTimestamp/>
<sp:OnlySignEntireHeadersAndBody/>
</wsp:Policy>
</sp:AsymmetricBinding>
<sp:Wss10 xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">;
<wsp:Policy>
<sp:MustSupportRefKeyIdentifier/>
<sp:MustSupportRefIssuerSerial/>
</wsp:Policy>
</sp:Wss10>
<sp:SignedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">;
<sp:Body/>
</sp:SignedParts>
<sp:EncryptedParts xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">;
<sp:Body/>
</sp:EncryptedParts>
<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">;
<ramp:user>clientkey</ramp:user>
<ramp:encryptionUser>serverkey</ramp:encryptionUser>
<ramp:passwordCallbackClass>com.sosnoski.ws.library.adb.PWCBHandler</ramp:passwordCallbackClass>
<ramp:signatureCypto>
<ramp:crypto provider="org.apache.ws.security.components.crypto.Merlin">
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.type">JKS</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.file">client.keystore</ramp:property>
<ramp:property name="org.apache.ws.security.crypto.merlin.keystore.password">nosecret</ramp:property>
</ramp:crypto>
</ramp:signatureCypto>
</ramp:RampartConfig>


</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>


My java class is:

public class PruebaCliente {
/**
* Load policy file from classpath.
*/
private static Policy loadPolicy(String name) throws XMLStreamException {
ClassLoader loader = PruebaCliente.class.getClassLoader();
InputStream resource = loader.getResourceAsStream(name);
StAXOMBuilder builder = new StAXOMBuilder(resource);
return PolicyEngine.getPolicy(builder.getDocumentElement());
}

public static void main(String[] args) {
PruebaCliente pc = new PruebaCliente();
Logger log = Logger.getLogger( pc.getClass() );
System.setProperty("javax.net.ssl.trustStore", "security/almacenPLACE.jks");
System.setProperty("javax.net.ssl.trustStorePassword", "changeit");

// create the client stub
String target = "https://ip:port/service";

ServicioPublicacionB2BStub stub;
try {
ConfigurationContextFactory.createConfigurationContextFromFileSystem(
/axis2-1.5.1/repository/",
null);

stub = new ServicioPublicacionB2BStub(target);
System.out.println("Stub initializated");

// configure and engage Rampart
ServiceClient client = stub._getServiceClient();
Options options = client.getOptions();

try {
RampartConfig rampartConfig = new RampartConfig();
Properties merlinProp = new Properties();
merlinProp.put("org.apache.ws.security.crypto.merlin.keystore.type", "PKCS12");
merlinProp.put("org.apache.ws.security.crypto.merlin.file","clienteplace.p12");
merlinProp.put("org.apache.ws.security.crypto.merlin.keystore.alias", "clienteplace");
merlinProp.put("org.apache.ws.security.crypto.merlin.keystore.password", "changeit");
CryptoConfig cryptoConfig = new CryptoConfig();
cryptoConfig.setProvider("org.apache.ws.security.components.crypto.Merlin");
cryptoConfig.setProp(merlinProp);
rampartConfig.setUser("clienteplace");
rampartConfig.setUserCertAlias("clienteplace");
rampartConfig.setPwCbClass("PWCBHandler");
rampartConfig.setSigCryptoConfig(cryptoConfig);

StAXOMBuilder builder = new StAXOMBuilder("security/policy.xml");
Policy policy = PolicyEngine.getPolicy(builder.getDocumentElement());

policy.addAssertion(rampartConfig);
options.setProperty(RampartMessageData.KEY_RAMPART_POLICY, policy);
client.engageModule("rampart");

// web service call
GetExpedientStateDocument gesDocument = GetExpedientStateDocument.Factory.newInstance();
GetExpedientStateDocument.GetExpedientState ges = gesDocument.addNewGetExpedientState();
ges.setExpedientNumber("RED_B2B_01");
ges.setBuyerProfileId("10000200031834");

stub.getExpedientState(gesDocument);

} catch (XMLStreamException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (RemoteException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (FileNotFoundException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} catch (AxisFault e) {
// TODO Auto-generated catch block
e.printStackTrace();
}


}
}


Please, any help is appreciated.

Thanks.

Antonio.
    Bookmark Topic Watch Topic
  • New Topic