0 Replies Latest reply: Mar 21, 2011 11:37 AM by 849093

Security processing failed (actions mismatch) while invoking secure web-service

849093 Newbie
Hi,

This mail is to seek help from our Java community with an issue that we are currently facing with a web service we have written in the application that I am currently working on. An early response on this is highly appreciated.

I have implemented a Java client to invoke the secure web-service (signing and encryption of the SOAP request). I am using the classes WSSecEncrypt & WSSecSignature to sign and encrypt the request.

I did the signing and encryption for the SOAP request and invoked the web-service. The server side received the request and sent the encrypted response. But I am getting an error on the client side while receiving the encrypted response.


Client side :
1) sign the SOAP request with the client private key
2) encrypt the request with the server-side public key
3) invoke the web-service (request sent to server and server sent the response) but getting an error while reading the encrypted response.

Server side :
1) receive the request
2) decrypt the request, process the request
3) encrypt the response and send it to the client

I am getting the exception below exactly at the line below (while getting the encrypted response), and I have pasted the Java client code below:
SOAPEnvelope resEnvelope = call.invoke(msg);


Exception message :
AxisFault
faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
faultSubcode:
faultString: security processing failed (actions mismatch)
faultActor:
faultNode:
faultDetail:
{http://xml.apache.org/axis/}hostname:apsp9097

security processing failed (actions mismatch)
at org.apache.axis.message.SOAPFaultBuilder.createFault(SOAPFaultBuilder.java:222)
at org.apache.axis.message.SOAPFaultBuilder.endElement(SOAPFaultBuilder.java:129)
at org.apache.axis.encoding.DeserializationContext.endElement(DeserializationContext.java:1087)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.endElement(AbstractSAXParser.java:601)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanEndElement(XMLDocumentFragmentScannerImpl.java:1774)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl$FragmentContentDriver.next(XMLDocumentFragmentScannerImpl.java:2930)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentScannerImpl.next(XMLDocumentScannerImpl.java:648)
at com.sun.org.apache.xerces.internal.impl.XMLNSDocumentScannerImpl.next(XMLNSDocumentScannerImpl.java:140)
at com.sun.org.apache.xerces.internal.impl.XMLDocumentFragmentScannerImpl.scanDocument(XMLDocumentFragmentScannerImpl.java:510)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:807)
at com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML11Configuration.java:737)
at com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.java:107)
at com.sun.org.apache.xerces.internal.parsers.AbstractSAXParser.parse(AbstractSAXParser.java:1205)
at com.sun.org.apache.xerces.internal.jaxp.SAXParserImpl$JAXPSAXParser.parse(SAXParserImpl.java:522)
at javax.xml.parsers.SAXParser.parse(SAXParser.java:395)
at org.apache.axis.encoding.DeserializationContext.parse(DeserializationContext.java:227)
at org.apache.axis.SOAPPart.getAsSOAPEnvelope(SOAPPart.java:696)
at org.apache.axis.Message.getSOAPEnvelope(Message.java:435)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:796)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.transport.http.HTTPSender.readFromSocket(HTTPSender.java:727)
at org.apache.axis.transport.http.HTTPSender.invoke(HTTPSender.java:144)
at org.apache.axis.strategies.InvocationStrategy.visit(InvocationStrategy.java:32)
at org.apache.axis.SimpleChain.doVisiting(SimpleChain.java:118)
at org.apache.axis.SimpleChain.invoke(SimpleChain.java:83)
at org.apache.axis.client.AxisClient.invoke(AxisClient.java:165)
at org.apache.axis.client.Call.invokeEngine(Call.java:2784)
at org.apache.axis.client.Call.invoke(Call.java:2767)
at org.apache.axis.client.Call.invoke(Call.java:1870)
at CallSecWS.main(CallSecWS.java:118)


Java Code :

Properties clinetProps = new Properties();
MessageContext msgContext = null;
System.setProperty("javax.xml.soap.MessageFactory", "org.apache.axis.soap.MessageFactoryImpl");
FileInputStream fis = new FileInputStream("C:\\crypto.properties");
clinetProps.load(fis);
Crypto ClientCrypto = CryptoFactory.getInstance(clinetProps);

// Creating the Message object
InputStream inStream = new ByteArrayInputStream(soapMsg.getBytes());
Message axisMsg = new Message(inStream);
axisMsg.setMessageContext(msgContext);

// Creating the envelope based on the Message
SOAPEnvelope envelope = axisMsg.getSOAPEnvelope();

// Encrypting and signing the SOAP request
WSSecEncrypt encrypt = new WSSecEncrypt();
WSSecSignature sign = new WSSecSignature();

// Set the encryption and signing details
encrypt.setUserInfo("serverpublickey");
String strProvateKey = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.alias");
String password = clinetProps.getProperty("org.apache.ws.security.crypto.merlin.keystore.password");
sign.setUserInfo(strProvateKey, password);

// Creating the header
Document doc = envelope.getAsDocument();
WSSecHeader secHeader = new WSSecHeader();
secHeader.insertSecurityHeader(doc);

// Document is signed and encrypted
Document encryptedDoc = encrypt.build(doc, ClientCrypto, secHeader);
System.out.println("After Encryption....");
Document encryptedSignedDoc = sign.build(encryptedDoc, ClientCrypto, secHeader);
Message msg = (Message) toSOAPMessage(encryptedSignedDoc);
System.out.println(msg.getSOAPPartAsString());

// Encryption and signing done and invoking the secure web-service
String endpoint = "http://sys.ws.com/services/SecureService";
Service service = new Service();
Call call = (Call) service.createCall();
call.setTargetEndpointAddress(new java.net.URL(endpoint));
call.setOperationStyle(org.apache.axis.constants.Style.MESSAGE);

// Sender handler
WSDoAllSender send = new WSDoAllSender();
send.setOption(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
send.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
send.setOption(WSHandlerConstants.ACTION, WSHandlerConstants.ENCRYPT + " " + WSHandlerConstants.SIGNATURE);
send.setOption(WSHandlerConstants.USER, "PrivateKey");
send.setOption(WSHandlerConstants.ENCRYPTION_USER, "serverpublickey");
send.setOption(WSHandlerConstants.PW_CALLBACK_CLASS, com.client.B2BCallBack.class.getName());

// Receiver handler
WSDoAllReceiver recv = new WSDoAllReceiver();
recv.setOption(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE + " " + WSHandlerConstants.ENCRYPT);
recv.setOption(WSHandlerConstants.SIG_PROP_FILE, "crypto.properties");
recv.setOption(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
recv.setOption(WSHandlerConstants.PW_CALLBACK_CLASS, com.client.B2BCallBack.class.getName());
recv.setOption(WSHandlerConstants.ENCRYPTION_USER, "serverpublickey");

// Setting the handlers
call.setClientHandlers(send, recv);
System.out.println("Set the all parameters");

// Invoking the web-service.
SOAPEnvelope resEnvelope = call.invoke(msg);


public static SOAPMessage toSOAPMessage(Document doc) throws Exception
{
    Canonicalizer c14n = Canonicalizer.getInstance(Canonicalizer.ALGO_ID_C14N_WITH_COMMENTS);
    byte[] canonicalMessage = c14n.canonicalizeSubtree(doc);
    ByteArrayInputStream in = new ByteArrayInputStream(canonicalMessage);
    MessageFactory factory = MessageFactory.newInstance();
    return factory.createMessage(null, in);
}


Thanks
J Ashok

Edited by: 846090 on Mar 21, 2011 11:34 AM
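
Added example, not part of the original post or of WSS4J: the stack trace above passes through SOAPFaultBuilder, so the client is deserializing a fault returned in the response, which means the "actions mismatch" was raised while the request was being processed on the server. The JDK-only sketch below lists the Signature and EncryptedKey elements in a captured request's wsse:Security header and compares their counts with the receiver's configured actions. The class name, the sample envelope and the scenario it models (a message secured once by WSSecEncrypt/WSSecSignature and again by WSDoAllSender) are constructed assumptions, and ordering is not checked.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.util.*;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.*;

public class SecurityHeaderActions { // hypothetical helper class, not a WSS4J API
    static final String WSSE = "http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
    static final String DSIG = "http://www.w3.org/2000/09/xmldsig#";
    static final String XENC = "http://www.w3.org/2001/04/xmlenc#";

    // Security actions found as direct children of every wsse:Security header, in document order.
    static List<String> actionsIn(String soapXml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        dbf.setNamespaceAware(true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true); // captured XML is untrusted
        Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(soapXml.getBytes(StandardCharsets.UTF_8)));
        List<String> found = new ArrayList<>();
        NodeList headers = doc.getElementsByTagNameNS(WSSE, "Security");
        for (int h = 0; h < headers.getLength(); h++) {
            for (Node n = headers.item(h).getFirstChild(); n != null; n = n.getNextSibling()) {
                if (n.getNodeType() != Node.ELEMENT_NODE) continue;
                String ns = n.getNamespaceURI(), name = n.getLocalName();
                // Names match the values of WSHandlerConstants.SIGNATURE and WSHandlerConstants.ENCRYPT.
                if (DSIG.equals(ns) && "Signature".equals(name)) found.add("Signature");
                else if (XENC.equals(ns) && "EncryptedKey".equals(name)) found.add("Encrypt");
            }
        }
        return found;
    }

    // Per-action count differences between the message and the receiver's configured action list.
    static List<String> mismatches(List<String> found, List<String> expected) {
        Set<String> all = new TreeSet<>(found);
        all.addAll(expected);
        List<String> problems = new ArrayList<>();
        for (String a : all) {
            int have = Collections.frequency(found, a), want = Collections.frequency(expected, a);
            if (have != want) problems.add(a + ": message has " + have + ", receiver expects " + want);
        }
        return problems;
    }

    public static void main(String[] args) throws Exception {
        // Constructed sample: a request whose header carries each action twice.
        String sample = "<e:Envelope xmlns:e='http://schemas.xmlsoap.org/soap/envelope/' xmlns:w='" + WSSE
            + "' xmlns:d='" + DSIG + "' xmlns:x='" + XENC + "'><e:Header><w:Security><d:Signature/>"
            + "<x:EncryptedKey/><d:Signature/><x:EncryptedKey/></w:Security></e:Header><e:Body/></e:Envelope>";
        System.out.println(mismatches(actionsIn(sample), Arrays.asList("Signature", "Encrypt")));
    }
}
```

Feeding it the request as actually sent on the wire (for example the string printed by msg.getSOAPPartAsString(), or a proxy capture taken after the client handlers have run) shows whether the server is being handed more security elements than its receiver is configured for.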
