1 message in net.java.dev.jwsdp.usersCertificate validation failed| From | Sent On | Attachments |
|---|---|---|
| Kashif Saleem | Aug 22, 2006 5:52 pm |  .xml, .xml |
| Subject: | Certificate validation failed | |
|---|---|---|
| From: | Kashif Saleem (kash...@googlemail.com) | |
| Date: | Aug 22, 2006 5:52:05 pm | |
| List: | net.java.dev.jwsdp.users | |
| Attachments: | sign-encrypt-client.xml - 1k encrypt-sign-server.xml - 0.7k | |
Hi All,
After running the simple security example, I changed the configuration to use my own certificates, but I confronted the following Certificate validation failed problem:
bash-2.05b$ ant run-sample Buildfile: build.xml
clean: [delete] Deleting directory /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0 /xws-security/samples/easy/build [delete] Deleting directory /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/dist
as8-check:
ws-check:
tc-check: [mkdir] Created dir: /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0/xws-security/samples/easy/build/client/classes
[mkdir] Created dir: /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0 /xws-security/samples/easy/build/server/WEB-INF/classes [mkdir] Created dir: /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/dist
compile-handler-code: [echo] Compiling the handler source code [javac] Compiling 1 source file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0/xws-security/samples/easy/build/server/WEB-INF/classes
[javac] Compiling 1 source file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0 /xws-security/samples/easy/build/client/classes
create-handler-jar: [jar] Building jar: /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/build/client/secenv-handler.jar
prepare:
gen-server: [echo] Running wscompile....
compile-server: [echo] Compiling the server-side source code.... [javac] Compiling 2 source files to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/build/server/WEB-INF/classes
setup-web-inf: [echo] Setting up build/server/WEB-INF... [copy] Copying 1 file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/build/server/WEB-INF [copy] Copying 1 file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0 /xws-security/samples/easy/build/server/WEB-INF [copy] Copying 1 file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/build/server/WEB-INF
raw-war: [echo] Packaging to dist/easy-portable.war.... [jar] Building jar: /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp-2.0/xws-security/samples/easy/dist/easy- portable.war
process-war: [echo] Running wsdeploy...
build-server:
check-if-deployed-as:
undeploy-sjsas:
deploy-sjsas:
check-if-deployed-ws:
undeploy-sjsws:
deploy-sjsws:
check-if-deployed-tom: [echo] Checking for deployed webapp at context path /secureeasy
undeploy-tomcat: [echo] Undeploying existing webapp at secureeasy
undeploy-tomcat-war-present: [echo] Undeploying existing webapp at secureeasy [undeploy-catalina] OK - Undeployed application at context path /secureeasy
deploy-tomcat: [echo] Deploying war for easy to tomcat [deploy-catalina] OK - Deployed application at context path /secureeasy
deploy-forced:
gen-client: [echo] Running wscompile....
compile-client: [echo] Compiling the client source code.... [javac] Compiling 1 source file to /a/green/cs/research/medic/home0/paramedic/ucackxs/jwsdp- 2.0 /xws-security/samples/easy/build/client
build-client:
run-sample: [echo] Running the easy.TestClient program.... [java] Service URL=http://localhost:8082/secureeasy/Ping [java] 23-Aug-2006 01:34:11 com.sun.xml.wss.impl.filter.DumpFilterprocess [java] INFO: ==== Sending Message Start ==== [java] <?xml version="1.0" encoding="UTF-8"?> [java] <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/ " xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd=" http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance "> [java] <env:Header> [java] <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1"> [java] <xenc:EncryptedKey xmlns:xenc="http://www.w3.org/2001/04/xmlenc# "> [java] <xenc:EncryptionMethod Algorithm=" http://www.w3.org/2001/04/xmlenc#rsa-1_5"/> [java] <ds:KeyInfo xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"> [java] <wsse:SecurityTokenReference> [java] <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509SubjectKeyIdentifier ">eN9famBBWzHNUIwWRhMPktcM+VQ=</wsse:KeyIdentifier> [java] </wsse:SecurityTokenReference> [java] </ds:KeyInfo> [java] <xenc:CipherData> [java] <xenc:CipherValue>ecoQoFRduMv4JDJ3Dl9rhJx3/tS13zcxFS2CM2R+4tW30YevBNsYAG4iHh/UsZfa7lbQvjlJf5tj [java] EZK7FITTaHdJHi3oMqV1ehimnM/yc+8VkZrEexFEimlb9LDr5v5FrYQM2pALF2i5Y/lLaaz1Y5R0
[java] 0b+L3cvCUg/ELAiGuzo=</xenc:CipherValue> [java] </xenc:CipherData> [java] <xenc:ReferenceList> [java] <xenc:DataReference URI="#XWSSGID-1156293250554-1156326986"/> [java] </xenc:ReferenceList> [java] </xenc:EncryptedKey> [java] <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary " ValueType=" http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="XWSSGID-11562932492161020574501">MIID5jCCA0+gAwIBAgIBLjANBgkqhkiG9w0BAQQFADCBiTELMAkGA1UEBhMCR0IxEjAQBgNVBAoT
[java] CU5ldXJvR3JpZDEaMBgGA1UECxMRTmV1cm9HcmlkIFJvb3QgQ0ExGjAYBgNVBAMTEU5ldXJvR3Jp [java] ZCBSb290IENBMS4wLAYJKoZIhvcNAQkBFh9kb3VnbGFzLnJ1c3NlbGxAY29tbGFiLm94LmFjLnVr [java] MB4XDTA2MDUxNTEyMjUyNVoXDTExMDQxOTEyMjUyNVowgcYxCzAJBgNVBAYTAkdCMQ8wDQYDVQQI
[java] EwZMb25kb24xDzANBgNVBAcTBkxvbmRvbjESMBAGA1UEChMJTmV1cm9HcmlkMRAwDgYDVQQLEwd0 [java] b29sa2l0MQ8wDQYDVQQLEwZzdGFiYW4xEDAOBgNVBAsTB2Rldm5vZGUxHDAaBgNVBAMTE3N0YWJh [java] bi5jcy51Y2wuYWMudWsxLjAsBgkqhkiG9w0BCQEWH2RvdWdsYXMucnVzc2VsbEBjb21sYWIub3gu
[java] YWMudWswgZ8wDQYJKoZIhvcNAQEBBQADgY0AMIGJAoGBAM36v0pg9vdIadMzeDw1DzJUM5iqaH0U [java] b3f+9ZYJ4gbS8I/6FcjYghSli1kmYamMP8237Hy9yQduuQqBBpt1IRWv6Co9V4zxjDhvuR4Nz8vf [java] ak2JiLKpIapBghgQl3JE6peOs+qjKqpIFUCBszqi53fOIixEACW00iB+UNdHbIs/AgMBAAGjggEd
[java] MIIBGTAJBgNVHRMEAjAAMCwGCWCGSAGG+EIBDQQfFh1PcGVuU1NMIEdlbmVyYXRlZCBDZXJ0aWZp [java] Y2F0ZTAdBgNVHQ4EFgQUsW6PQ3k0X12Yb7coZwQfK6/ITlAwgb4GA1UdIwSBtjCBs4AUeLHwdzoh [java] 7zBxuKap0vr0OfHSMS+hgY+kgYwwgYkxCzAJBgNVBAYTAkdCMRIwEAYDVQQKEwlOZXVyb0dyaWQx
[java] GjAYBgNVBAsTEU5ldXJvR3JpZCBSb290IENBMRowGAYDVQQDExFOZXVyb0dyaWQgUm9vdCBDQTEu [java] MCwGCSqGSIb3DQEJARYfZG91Z2xhcy5ydXNzZWxsQGNvbWxhYi5veC5hYy51a4IJAOniA67yX9GI [java] MA0GCSqGSIb3DQEBBAUAA4GBAIi09XHfHk3m3c0l9XgGB40x/OX4ex8tEbkUyyzdEqKoMjmk9EWk
[java] Kbbb1bcHO57lQlShcmYBSb+N2lNAQHcpH68S+wnxJFX9Wxm4cIPiygfkMB/ExpeLSIq0JnETi2No [java] o7k9GNR/8UAgiU2ivyDyadfH/m2JFz7b3noWK76q9H5o</wsse:BinarySecurityToken> [java] <ds:Signature xmlns:ds=" http://www.w3.org/2000/09/xmldsig#"> [java] <ds:SignedInfo> [java] <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n# "> [java] <InclusiveNamespaces xmlns=" http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="wsse enc env ns0 xsd xsi"/> [java] </ds:CanonicalizationMethod> [java] <ds:SignatureMethod Algorithm=" http://www.w3.org/2000/09/xmldsig#rsa-sha1"/> [java] <ds:Reference URI="#XWSSGID-1156293249919-146152565"> [java] <ds:DigestMethod Algorithm=" http://www.w3.org/2000/09/xmldsig#sha1"/> [java] <ds:DigestValue>cW+0UL5wvZfoho2RrvV42eUMBcA=</ds:DigestValue> [java] </ds:Reference> [java] <ds:Reference URI="#XWSSGID-1156293249928-805531228"> [java] <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1 "/> [java] <ds:DigestValue>H4FCkXMQL+ArFPabY/mH9444qb0=</ds:DigestValue> [java] </ds:Reference> [java] </ds:SignedInfo> [java] <ds:SignatureValue>NKJSZQO5RFWmTwchPsWElhicbVpD2hjdwyMgym39nG4a0F1KdFuKFlQIKs+Ej6bKM1UF+giXpm8A [java] lAEfFniQOkUis7mo+iqggKxoxmNttUuxOzWMIShgiYnMdCq5HnwLlPWInfr/+eDJcKngk/4OhoR1 [java] o264Beby5KykLagMJNg=</ds:SignatureValue> [java] <ds:KeyInfo> [java] <wsse:SecurityTokenReference xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " wsu:Id="XWSSGID-1156293249867-2107232820"> [java] <wsse:Reference URI="#XWSSGID-11562932492161020574501" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3 "/> [java] </wsse:SecurityTokenReference> [java] </ds:KeyInfo> [java] </ds:Signature> [java] <wsu:Timestamp xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " wsu:Id="XWSSGID-1156293249928-805531228"> [java] <wsu:Created>2006-08-23T00:34:09Z</wsu:Created> [java] <wsu:Expires>2006-08-23T00:34:14Z</wsu:Expires> [java] </wsu:Timestamp> [java] </wsse:Security> [java] </env:Header> [java] <env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd " wsu:Id="XWSSGID-1156293249919-146152565"> [java] <xenc:EncryptedData xmlns:xenc=" http://www.w3.org/2001/04/xmlenc#" Id="XWSSGID-1156293250554-1156326986" Type=" http://www.w3.org/2001/04/xmlenc#Content"> [java] <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#tripledes-cbc "/> [java] <xenc:CipherData> [java] <xenc:CipherValue>OxTkxYfHYTykLATwz06pKW9VIhqMr6Kq2JGk9iDUqPOUaVObrgQlDt1PbY25bDt34f4u16a5J2E5 [java] FWrDYrWJHe1vNISD5Zuk7r2QctI+w3zdlCh/XSCHI9/2xxYsjxn7yJ7Ir3qqLF998UQ3V0b/nDUB
[java] XYebV4BEV7trnkReapvyFrIYmt+tocRMcXT0qewTlrc0w73+Yi1DQmXnodFEthT88iCLq9FEWv0U [java] s/E2L8dj0Rw+LNAAhhPNkE/kDjExxabYv5RSMJrZNHs7zBbwQBVPJcGD3z7ykQ/fS4HJMLpXz795 [java] Jr5P59RHrFtgTOUYf0K+FgqxbnaP015lBQrqMURJnek4qApj8O9pajsRvlrPNvYUL1VOWI6D13Q2
[java] OsrYkUGn6tfMs+MniWCxkyX3I+D84MefkcYxdWeLCrMuxwfGh0syziX1RbafYJZsvpCTGkiitURM [java] 4HJx5oY2X5xvIfv+L3TzStNi9BILAVE/i6TUPMan6rAeEHKMEzj6s08Ro6B4k69kXe1vmFKA5wSg [java] BhPByvjfIuf2odi3JnE1auUyaywMqNZsbnfKtdr7Sknf</xenc:CipherValue> [java] </xenc:CipherData> [java] </xenc:EncryptedData> [java] </env:Body> [java] </env:Envelope> [java] ==== Sending Message End ====
[java] 23-Aug-2006 01:34:12 com.sun.xml.wss.impl.filter.DumpFilterprocess [java] INFO: ==== Received Message Start ==== [java] <?xml version="1.0" encoding="UTF-8"?> [java] <env:Envelope xmlns:env=" http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc=" http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0=" http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance"> [java] <env:Body> [java] <env:Fault> [java] <faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd ">ans1:InvalidSecurityToken</faultcode> [java] <faultstring>Certificate validation failed</faultstring> [java] </env:Fault> [java] </env:Body> [java] </env:Envelope> [java] ==== Received Message End ====
[java] Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Message does not conform to configured policy [ EncryptionPolicy(P) SignaturePolicy(P) TimestampPolicy(S) ]: No Security Header found [java] at com.sun.xml.rpc.security.SecurityPluginUtil.getSOAPFaultException ( SecurityPluginUtil.java:409) [java] at com.sun.xml.rpc.security.SecurityPluginUtil._preHandlingHook( SecurityPluginUtil.java:182) [java] at easy.PingPort_Ping_Stub._preHandlingHook(PingPort_Ping_Stub.java:252)
[java] at com.sun.xml.rpc.client.StreamingSender._send( StreamingSender.java:107) [java] at easy.PingPort_Ping_Stub.ping(PingPort_Ping_Stub.java:128) [java] at easy.TestClient.main(TestClient.java :34) [java] Java Result: 1
BUILD SUCCESSFUL Total time: 40 seconds
I checked my keystores for both client and server,it seems ok.
My client and server configurations are attached.So I would appreciate if somebody can tell me which certificate is causing problem i.e which store is causing problem.Thanks for any help.
Kash