1 Reply Latest reply: Jun 7, 2012 11:07 PM by Arshad Noor RSS

    com.sun.xml.wss.XWSSecurityException: Policy verification error

    103720
      Hello -

      I am getting the following error while trying to send a signed soap message to web service. The error comes as SOAPFaultException

      com.sun.xml.wss.XWSSecurityException: Policy verification error:Missing Signature Element - perhaps a second supporting signature or Incorrect Key types or references were used in Signature

      The complete trace is

      WSITPVD0035: Error in Verifying Security in Inbound Message.
      com.sun.xml.wss.impl.PolicyViolationException: com.sun.xml.wss.XWSSecurityException: Policy verification error:Missing Signature Element - perhaps a second supporting signature or Incorrect Key types or references were used in Signature
           at com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.verifyPolicy(MessagePolicyVerifier.java:124)
           at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.createMessage(SecurityRecipient.java:973)
           at com.sun.xml.ws.security.opt.impl.incoming.SecurityRecipient.validateMessage(SecurityRecipient.java:230)
           at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.verifyInboundMessage(WSITServerAuthContext.java:539)
           at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:324)
           at com.sun.xml.wss.provider.wsit.WSITServerAuthContext.validateRequest(WSITServerAuthContext.java:236)
           at com.sun.enterprise.webservice.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:172)
           at com.sun.enterprise.webservice.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:133)
           at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
           at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:598)
           at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:557)
           at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:542)
           at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:439)
           at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:243)
           at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:471)
           at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:244)
           at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:135)
           at com.sun.enterprise.webservice.JAXWSServlet.doPost(JAXWSServlet.java:177)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
           at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
           at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:427)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:315)
           at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:287)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:218)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593)
           at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94)
           at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:98)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:222)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587)
           at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1093)
           at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:166)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:648)
           at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:593)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:587)
           at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1093)
           at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:291)
           at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:666)
           at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:597)
           at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:872)
           at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341)
           at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:444)
           at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:230)
           at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:264)
           at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106)
      Caused by: com.sun.xml.wss.XWSSecurityException: Policy verification error:Missing Signature Element - perhaps a second supporting signature or Incorrect Key types or references were used in Signature
           at com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.processPrimaryPolicy(MessagePolicyVerifier.java:219)
           at com.sun.xml.wss.impl.policy.verifier.MessagePolicyVerifier.verifyPolicy(MessagePolicyVerifier.java:119)
           ... 46 more


      Any help is really appreciated. Thanks.