0 Replies Latest reply on Oct 13, 2008 11:09 PM by biemond

    11G ws proxy client gives me Failed to process signature.null

    biemond
      Hi

      I got this error maybe someone can help me

      thanks Edwin

      java.rmi.RemoteException: SOAPFaultException - FaultCode [{http://schemas.xmlsoap.org/soap/envelope/}Server] FaultString [Failed to process signature.null] FaultActor [null]No Detail; nested exception is:
           weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Failed to process signature.null
           at nl.ordina.ws.client.CreditCheck_Stub.checkOrder(CreditCheck_Stub.java:39)
           at nl.ordina.ws.TestWS.main(TestWS.java:65)
      Caused by: weblogic.wsee.jaxrpc.soapfault.WLSOAPFaultException: Failed to process signature.null
           at weblogic.wsee.codec.soap11.SoapCodec.decodeFault(SoapCodec.java:355)
           at weblogic.wsee.ws.dispatch.client.CodecHandler.decodeFault(CodecHandler.java:115)
           at weblogic.wsee.ws.dispatch.client.CodecHandler.decode(CodecHandler.java:100)
           at weblogic.wsee.ws.dispatch.client.CodecHandler.handleFault(CodecHandler.java:88)
           at weblogic.wsee.handler.HandlerIterator.handleFault(HandlerIterator.java:309)
           at weblogic.wsee.handler.HandlerIterator.handleResponse(HandlerIterator.java:269)
           at weblogic.wsee.ws.dispatch.client.ClientDispatcher.handleResponse(ClientDispatcher.java:213)
           at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:150)
           at weblogic.wsee.ws.WsStub.invoke(WsStub.java:87)
           at weblogic.wsee.jaxrpc.StubImpl._invoke(StubImpl.java:337)
           at nl.ordina.ws.client.CreditCheck_Stub.checkOrder(CreditCheck_Stub.java:34)
           ... 1 more
      Caused by: weblogic.xml.crypto.wss.WSSecurityException: Failed to process signature.null
           at weblogic.xml.crypto.wss.SecurityImpl.processAndMarshalSignature(SecurityImpl.java:359)
           at weblogic.xml.crypto.wss.SecurityImpl.add(SecurityImpl.java:142)
           at weblogic.xml.crypto.wss.SecurityBuilderImpl.addSignature(SecurityBuilderImpl.java:909)
           at weblogic.xml.crypto.wss.SecurityBuilderImpl.addSignatureWithToken(SecurityBuilderImpl.java:348)
           at weblogic.xml.crypto.wss.SecurityBuilderImpl.addSignatureInternal(SecurityBuilderImpl.java:329)
           at weblogic.xml.crypto.wss11.internal.SecurityBuilderImpl.addSignature(SecurityBuilderImpl.java:351)
           at weblogic.wsee.security.wss.plan.SecurityMessageArchitect.processIntegrity(SecurityMessageArchitect.java:904)
           at weblogic.wsee.security.wss.plan.SecurityMessageArchitect.constructMessage(SecurityMessageArchitect.java:310)
           at weblogic.wsee.security.wss.plan.SecurityMessageArchitect.buildWssMessage(SecurityMessageArchitect.java:136)
           at weblogic.wsee.security.wss.plan.SecurityMessageArchitect.buildWssMessage(SecurityMessageArchitect.java:119)
           at weblogic.wsee.security.wss.SecurityPolicyArchitect.processOutbound(SecurityPolicyArchitect.java:217)
           at weblogic.wsee.security.wss.SecurityPolicyArchitect.processMessagePolicy(SecurityPolicyArchitect.java:117)
           at weblogic.wsee.security.wss.SecurityPolicyConductor.processRequestOutbound(SecurityPolicyConductor.java:120)
           at weblogic.wsee.security.wss.SecurityPolicyConductor.processRequestOutbound(SecurityPolicyConductor.java:92)
           at weblogic.wsee.security.wssp.handlers.WssClientHandler.processOutbound(WssClientHandler.java:113)
           at weblogic.wsee.security.wssp.handlers.WssClientHandler.processRequest(WssClientHandler.java:68)
           at weblogic.wsee.security.wssp.handlers.WssHandler.handleRequest(WssHandler.java:92)
           at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:141)
           at weblogic.wsee.handler.HandlerIterator.handleRequest(HandlerIterator.java:107)
           at weblogic.wsee.ws.dispatch.client.ClientDispatcher.dispatch(ClientDispatcher.java:132)
           ... 4 more
      Caused by: weblogic.xml.crypto.dsig.api.XMLSignatureException
           at weblogic.xml.crypto.dsig.SignedInfoImpl.createSignature(SignedInfoImpl.java:101)
           at weblogic.xml.crypto.dsig.XMLSignatureImpl.sign(XMLSignatureImpl.java:204)
           at weblogic.xml.crypto.wss.SecurityImpl.processAndMarshalSignature(SecurityImpl.java:355)
           ... 23 more
      Caused by: weblogic.xml.crypto.api.KeySelectorException: Failed to resolve key using SecurityTokenReference weblogic.xml.crypto.wss11.internal.bst.BSTR@160e069 URI: str_Gd32NOIPFZLwvql9
           at weblogic.xml.crypto.common.keyinfo.KeyResolver.getKeyFromSTR(KeyResolver.java:309)
           at weblogic.xml.crypto.common.keyinfo.KeyResolver.select(KeyResolver.java:127)
           at weblogic.xml.crypto.dsig.SignedInfoImpl.getSignKey(SignedInfoImpl.java:216)
           at weblogic.xml.crypto.dsig.SignedInfoImpl.createSignature(SignedInfoImpl.java:99)
           ... 25 more
      Process exited with exit code 0.

      this is the ws code


      import javax.jws.WebMethod;
      import javax.jws.WebService;
      import weblogic.jws.Policy;

      @WebService
      @Policy(uri = "policy:Wssp1.2-2007-Wss1.0-UsernameToken-Plain-X509-Basic256.xml")
      public class CreditCheck {

      @WebMethod
      public CreditObject CheckOrder(Integer customerId,Integer orderId, double orderTotal ) {
      CreditObject credit = new CreditObject();
      if (orderTotal > 1000) {
      credit.setApproved(false);
      credit.reason = "order total too high";
      } else credit.setApproved(true);

      return credit;
      }

      }

      client code

      package nl.ordina.ws;

      import java.security.cert.X509Certificate;

      import java.util.ArrayList;
      import java.util.List;

      import javax.xml.rpc.Stub;

      import nl.ordina.ws.client.CreditCheck;
      import nl.ordina.ws.client.CreditCheckService;
      import nl.ordina.ws.client.CreditCheckService_Impl;

      import weblogic.security.SSL.TrustManager;
      import weblogic.wsee.security.bst.ClientBSTCredentialProvider;
      import weblogic.wsee.security.bst.StubPropertyBSTCredProv;
      import weblogic.wsee.security.unt.ClientUNTCredentialProvider;
      import weblogic.wsee.security.util.CertUtils;
      import weblogic.xml.crypto.wss.WSSecurityContext;
      import weblogic.xml.crypto.wss.provider.CredentialProvider;

      public class TestWS {

      public static void main(String[] args) {
      try {
      String username = "weblogic";
      String password = "weblogic";

      String clientKeyStore = "d:/wsclient.jks";
      String clientKeyStorePass = "welcome";
      String clientKeyAlias = "wsclient";
      String clientKeyPass = "welcome";
      String serverCertFile = "d:/weblogic.crt";

      String wsdl = "http://localhost:7101/ws-ws_security-context-root/CreditCheckPort?wsdl";
      CreditCheckService service = new CreditCheckService_Impl(wsdl);
      CreditCheck port = service.getCreditCheckPort();


      List credProviders = new ArrayList();

      X509Certificate serverCert = (X509Certificate) CertUtils.getCertificate(serverCertFile);

      CredentialProvider cp = new ClientUNTCredentialProvider(username, password);
      credProviders.add(cp);
      cp = new ClientBSTCredentialProvider(clientKeyStore,
      clientKeyStorePass,
      clientKeyAlias,
      clientKeyPass,
      "JKS",
      serverCert);
      credProviders.add(cp);

      Stub stub = (Stub) port;
      stub._setProperty(WSSecurityContext.CREDENTIAL_PROVIDER_LIST, credProviders);
      stub._setProperty(StubPropertyBSTCredProv.SERVER_ENCRYPT_CERT,CertUtils.getCertificate(serverCertFile));

      stub._setProperty(WSSecurityContext.TRUST_MANAGER,
      new TrustManager(){
      public boolean certificateCallback(X509Certificate[] chain, int validateErr){
      return true;
      }
      } );

      CreditObject credit = port.checkOrder(10,10,1100);
      System.out.println(credit.getReason());


      // Add your own code here

      } catch (Exception ex) {
      ex.printStackTrace();
      }

      }

      }


      Here the certificates I generated and also added to wls

      key
      D:\oracle\Middleware\jdk160_05\bin\keytool -genkey -dname "CN=WSCLIENT, OU=ICT, O=Ordina, L=Nieuwegein, S=Utrecht, C=NL" -alias wsclient -keystore d:\wsclient.jks -storepass welcome -keypass welcome -keysize 1024
      request
      D:\oracle\Middleware\jdk160_05\bin\keytool -certreq -alias wsclient -dname "CN=WSCLIENT, OU=ICT, O=Ordina, L=Nieuwegein, S=Utrecht, C=NL" -file d:\wsclient.csr -keystore d:\wsclient.jks -storepass welcome -keypass welcome -keysize 1024

      sign request
      d:\tools\openssl\bin\openssl x509 -CA d:/projecten/certs/cacert.pem -CAkey d:/projecten/certs/cakey.pem -CAserial d:/projecten/certs/serial.txt -req -in d:\wsclient.csr -out d:\wsclient.crt -days 365

      import CA
      D:\oracle\Middleware\jdk160_05\bin\keytool -import -file d:/projecten/certs/cacert.pem -alias ca -keystore d:\wsclient.jks -storepass welcome -keypass welcome
      import WSCLIENT
      D:\oracle\Middleware\jdk160_05\bin\keytool -import -file d:\wsclient.crt -alias wsclient -keystore d:\wsclient.jks -storepass welcome -keypass welcome

      import ca in wls
      D:\oracle\Middleware\jdk160_05\bin\keytool -import -file d:/projecten/certs/cacert.pem -alias ca -keystore D:\oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase
      D:\oracle\Middleware\jdk160_05\bin\keytool -import -file d:\wsclient.crt -alias wsclient -keystore D:\oracle\Middleware\wlserver_10.3\server\lib\DemoTrust.jks -storepass DemoTrustKeyStorePassPhrase


      D:\oracle\Middleware\jdk160_05\bin\keytool -import -file d:\demoidentity.cer -alias demoidentity -keystore d:\wsclient.jks -storepass welcome