Xws-security returns always HTTP 200

Hi,
I am using libraries of JWSDP 2.0, jaxws and xws-security.
My web service was generated from a WSDL schema and works so
far fine. I need to secure the transportation with a xml signature.
For that I am using the xws libraries.
My problem is that xws-security and jaxws returns always HTTP 200. I
would expect a negative HTTP status code if the signature validation
fails, such as HTTP 401 or HTTP 500 or whatever.
Is this a bug or any idea what my problem might be ?
Thanks,
Simel.

Similar Messages

[svn:bz-trunk] 10570: Bug: BLZ-428 - pinging endpoint Returns a HTTP: Status 200 in ie8

Revision: 10570
Author:   [email protected]
Date:     2009-09-24 07:53:33 -0700 (Thu, 24 Sep 2009)
Log Message:
Bug: BLZ-428 - pinging endpoint Returns a HTTP: Status 200 in ie8
QA: Yes - please make sure IE8 works with AMF.
Doc: No
Details: AMF does not work all the time in IE8 due to some IE8 and/or Flash Player bug. Setting the Content-Type in HTTP responses to text seem to resolve the issue. We're adding a temporary solution to change the Content-Type when IE8 is being used. This is not on by default though, user has to opt-in with this configuration option in channel definiton:
Ticket Links:
    http://bugs.adobe.com/jira/browse/BLZ-428
Modified Paths:
    blazeds/trunk/modules/core/src/flex/messaging/endpoints/BaseHTTPEndpoint.java

Xws-security and fault messages

Hi,
I have a problem with xws-security and fault messages.
It seems that the security policy is not applied to fault messages. This results in a "javax.xml.rpc.soap.SOAPFaultException: Message does not conform to configured policy: No Security Header found" exception whenever a fault message is thrown.
As a result I can not use any meaningful application-specific fault messages as they violate the security policy. Is this correct? Surely a fault message is a SOAP message just like any other and should have the security policy applied to it as usual, or am i missing something here?
If anyone can shed any light on this i'd really appreciate it.

XWS-Security is not integrated with Sun Java Studio Enterprise. However, if you would like to implement message level security in a web service in the Java Studion Enterprise environment, you may find this article useful:
http://developers.sun.com/prodtech/javatools/jsenterprise/downloads/ea/jse8/reference/techart/security.html
Rico

No SOAP Envelope but 1 {'}Values; HTTP 200 OK

Hi Experts,
I am configuring a scneario IDOC to SOAP , Asynchronous call to an https url that is available through internet.
When I try to post message to this url. I am getting following error:
SOAP: call failed: java.io.IOException: No SOAP Envelope but 1 {'}Values; HTTP 200 OK
in SOAP Adapter Log. Due to this error the message is set to NDLV.
I am using PI7.1
My Receiver Channel configurations are as contain
the third party url https://target with username password authentication. I have also imported client certificates.
Webservice host says its a problem with PI system and SAP says that its issue with Webservice.
Please let me know how can I resolve this issue. Am I missing something in my configuration. This is kind of a burning issue currently any help will be appreciated.
Regards,
Raj

Hi Raj,
This looks strange. If the error text is telling the truth, your SSL connection was working and you could even reach some service that returned HTTP 200 OK. But this service didn't return a SOAP response. I don't know what 1 {*} Values means. It sounds broken to me. You can open a ticket.
But the reason why you didn't get a valid SOAP response (either a good one or a fault) is probably that your target URL is incorrect. Verify the URL and run the scenario with the relevant components (refer to the SOAP adapter FAQ note) on DEBUG. The default trace file should give you more information about this apparently corrupted response.
Best regards, Yza

Oracle ADF Secured App Gives HTTP 401 Error

I am new to Oracle ADF Framework. I develop on JDeveloper 11g R2 with Weblogic 10.3.5.0. I developed an project like described in a Firebox training video on Youtube link: [http://bit.ly/HT1HZ9] . You can download my project from http://db.tt/Y8J3fj3y
The video was about creating a custome login page. You have to create login,error anad the target pages. When you try to open target page login page comes then you enter your credentials. After success yoou should be directed to the target page. I used a backing bean to process credentials but instead of redirected to target page the response page gives:
Error 401--Unauthorized From RFC 2068 Hypertext Transfer Protocol -- HTTP/1.1: 10.4.2 401 Unauthorized
And the weblogic console this error:
Target URL -- http://127.0.0.1:7101/Deneme-ViewController-context-root/faces/protectedPage.jspx
<ViewHandlerImpl> <_checkTimestamp> Apache Trinidad is running with time-stamp checking enabled. This should not be used in a production environment. See the org.apache.myfaces.trinidad.CHECK_FILE_MODIFICATION property in WEB-INF/web.xml
<UIXEditableValue> <_isBeanValidationAvailable> A Bean Validation provider is not present, therefore bean validation is disabled
<LifecycleImpl> <_handleException> ADF_FACES-60098:Faces lifecycle receives unhandled exceptions in phase RENDER_RESPONSE 6
java.lang.IllegalStateException: Cannot forward a response that is already committed
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
<Apr 18, 2012 3:21:24 PM EEST> <Error> <HTTP> <BEA-101020> <[ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
java.lang.IllegalStateException: Cannot forward a response that is already committed
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
Truncated. see log file for complete stacktrace
>
<Apr 18, 2012 3:21:24 PM EEST> <Notice> <Diagnostics> <BEA-320068> <Watch 'UncheckedException' with severity 'Notice' on server 'DefaultServer' has triggered at Apr 18, 2012 3:21:24 PM EEST. Notification details:
WatchRuleType: Log
WatchRule: (SEVERITY = 'Error') AND ((MSGID = 'WL-101020') OR (MSGID = 'WL-101017') OR (MSGID = 'WL-000802') OR (MSGID = 'BEA-101020') OR (MSGID = 'BEA-101017') OR (MSGID = 'BEA-000802'))
WatchData: DATE = Apr 18, 2012 3:21:24 PM EEST SERVER = DefaultServer MESSAGE = [ServletContext@28001210[app:Deneme module:Deneme-ViewController-context-root path:/Deneme-ViewController-context-root spec-version:2.5]] Servlet failed with Exception
java.lang.IllegalStateException: Cannot forward a response that is already committed
at weblogic.servlet.internal.RequestDispatcherImpl.forward(RequestDispatcherImpl.java:122)
at com.sun.faces.context.ExternalContextImpl.dispatch(ExternalContextImpl.java:546)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at oracle.adfinternal.view.faces.config.rich.RecordRequestAttributesDuringDispatch.dispatch(RecordRequestAttributesDuringDispatch.java:44)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at javax.faces.context.ExternalContextWrapper.dispatch(ExternalContextWrapper.java:93)
at org.apache.myfaces.trinidadinternal.context.FacesContextFactoryImpl$OverrideDispatch.dispatch(FacesContextFactoryImpl.java:167)
at com.sun.faces.application.view.JspViewHandlingStrategy.executePageToBuildView(JspViewHandlingStrategy.java:363)
at com.sun.faces.application.view.JspViewHandlingStrategy.buildView(JspViewHandlingStrategy.java:154)
at org.apache.myfaces.trinidadinternal.application.ViewDeclarationLanguageFactoryImpl$ChangeApplyingVDLWrapper.buildView(ViewDeclarationLanguageFactoryImpl.java:341)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._renderResponse(LifecycleImpl.java:982)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl._executePhase(LifecycleImpl.java:334)
at oracle.adfinternal.view.faces.lifecycle.LifecycleImpl.render(LifecycleImpl.java:232)
at javax.faces.webapp.FacesServlet.service(FacesServlet.java:313)
at weblogic.servlet.internal.StubSecurityHelper$ServletServiceAction.run(StubSecurityHelper.java:227)
at weblogic.servlet.internal.StubSecurityHelper.invokeServlet(StubSecurityHelper.java:125)
at weblogic.servlet.internal.ServletStubImpl.execute(ServletStubImpl.java:300)
at weblogic.servlet.internal.TailFilter.doFilter(TailFilter.java:26)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adf.model.servlet.ADFBindingFilter.doFilter(ADFBindingFilter.java:173)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.adfinternal.view.faces.webapp.rich.RegistrationFilter.doFilter(RegistrationFilter.java:122)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at oracle.adfinternal.view.faces.activedata.AdsFilter.doFilter(AdsFilter.java:60)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl$FilterListChain.doFilter(TrinidadFilterImpl.java:468)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl._doFilterImpl(TrinidadFilterImpl.java:293)
at org.apache.myfaces.trinidadinternal.webapp.TrinidadFilterImpl.doFilter(TrinidadFilterImpl.java:199)
at org.apache.myfaces.trinidad.webapp.TrinidadFilter.doFilter(TrinidadFilter.java:92)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.security.jps.ee.http.JpsAbsFilter$1.run(JpsAbsFilter.java:111)
at java.security.AccessController.doPrivileged(Native Method)
at oracle.security.jps.util.JpsSubject.doAsPrivileged(JpsSubject.java:313)
at oracle.security.jps.ee.util.JpsPlatformUtil.runJaasMode(JpsPlatformUtil.java:413)
at oracle.security.jps.ee.http.JpsAbsFilter.runJaasMode(JpsAbsFilter.java:94)
at oracle.security.jps.ee.http.JpsAbsFilter.doFilter(JpsAbsFilter.java:161)
at oracle.security.jps.ee.http.JpsFilter.doFilter(JpsFilter.java:71)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at oracle.dms.servlet.DMSServletFilter.doFilter(DMSServletFilter.java:136)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.RequestEventsFilter.doFilter(RequestEventsFilter.java:27)
at weblogic.servlet.internal.FilterChainImpl.doFilter(FilterChainImpl.java:56)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.wrapRun(WebAppServletContext.java:3715)
at weblogic.servlet.internal.WebAppServletContext$ServletInvocationAction.run(WebAppServletContext.java:3681)
at weblogic.security.acl.internal.AuthenticatedSubject.doAs(AuthenticatedSubject.java:321)
at weblogic.security.service.SecurityManager.runAs(SecurityManager.java:120)
at weblogic.servlet.internal.WebAppServletContext.securedExecute(WebAppServletContext.java:2277)
at weblogic.servlet.internal.WebAppServletContext.execute(WebAppServletContext.java:2183)
at weblogic.servlet.internal.ServletRequestImpl.run(ServletRequestImpl.java:1454)
at weblogic.work.ExecuteThread.execute(ExecuteThread.java:209)
at weblogic.work.ExecuteThread.run(ExecuteThread.java:178)
SUBSYSTEM = HTTP USERID = <WLS Kernel> SEVERITY = Error THREAD = [ACTIVE] ExecuteThread: '6' for queue: 'weblogic.kernel.Default (self-tuning)' MSGID = BEA-101020 MACHINE = Metasis-PC TXID = CONTEXTID = 922cea34c05f1394:4758d71c:136c5648195:-8000-0000000000000074 TIMESTAMP = 1334751684128
WatchAlarmType: AutomaticReset
WatchAlarmResetPeriod: 30000
>
<Apr 18, 2012 3:21:26 PM EEST> <Alert> <Diagnostics> <BEA-320016> <Creating diagnostic image in c:\users\metasis\appdata\roaming\jdeveloper\system11.1.2.1.38.60.81\defaultdomain\servers\defaultserver\adr\diag\ofm\defaultdomain\defaultserver\incident\incdir_39 with a lockout minute period of 1.>
My backing bean java code:
public String doLogin() {
String un = _username;
byte[] pw = _password.getBytes();
FacesContext ctx = FacesContext.getCurrentInstance();
HttpServletRequest request = (HttpServletRequest)ctx.getExternalContext().getRequest();
Subject mySubject;
try {
mySubject = Authentication.login(new URLCallbackHandler(un, pw));
ServletAuthentication.runAs(mySubject, request);
ServletAuthentication.generateNewSessionID(request);
String loginUrl = "/adfAuthentication?success_url=/faces/protectedPage.jspx";
HttpServletResponse response = (HttpServletResponse)ctx.getExternalContext().getResponse();
RequestDispatcher dispatcher = request.getRequestDispatcher(loginUrl);
dispatcher.forward(request, response);
//response.sendRedirect(loginUrl);
} catch (FailedLoginException e) {
FacesMessage msg = new FacesMessage(FacesMessage.SEVERITY_ERROR, "Invalid Username or Password", "Invalid Username or Password");
ctx.addMessage(null, msg);
} catch (Exception e) {
e.printStackTrace();
return null;
And before the application start there is an interesting error code:
[03:20:38 PM] Redeploying Application...
<CodebasePolicyHandler> <migrateDeploymentPolicies> Migration of codebase policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
<AppPolicyHandler> <migrateAppPolicies> Migration of application policy failed. Reason: oracle.security.jps.JpsException: java.lang.reflect.InvocationTargetException.
[03:20:55 PM] Application Redeployed Successfully.
Thanx for the help!

Hi
i have created a similar adf project from the same site.
i am facing the same issue.
i deleted the anonymous role but i still get the HTTP 404 error
here is my jazn.data.xml file
Please help out on this
<?xml version = '1.0' encoding = 'UTF-8' standalone = 'yes'?>
<jazn-data xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:noNamespaceSchemaLocation="http://xmlns.oracle.com/oracleas/schema/jazn-data-11_0.xsd">
<jazn-realm default="jazn.com">
<realm>
<name>jazn.com</name>
<users>
<user>
<name>bob</name>
<credentials>{903}roINL8sMhkkl2tkXbhufyu80sTkEtEBXt79hzI/P3uI=</credentials>
</user>
<user>
<name>julie</name>
<credentials>{903}sS25AaE6ZE1B3sqmsWr0DmNcDbY+id0734qTxK6bam8=</credentials>
</user>
</users>
<roles>
<role>
<name>managerGroup</name>
<members>
<member>
<type>user</type>
<name>bob</name>
</member>
</members>
</role>
</roles>
</realm>
</jazn-realm>
<policy-store>
<applications>
<application>
<name>adf_security</name>
<app-roles>
<app-role>
<name>manager</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
<members>
<member>
<name>managerGroup</name>
<class>oracle.security.jps.internal.core.principals.JpsXmlEnterpriseRoleImpl</class>
</member>
</members>
</app-role>
</app-roles>
<jazn-policy>
<grant>
<grantee>
<principals>
<principal>
<name>manager</name>
<class>oracle.security.jps.service.policystore.ApplicationRole</class>
</principal>
</principals>
</grantee>
</grant>
</jazn-policy>
</application>
</applications>
</policy-store>
</jazn-data>
Thenx

XWS-Security, modify namespace location

Hi,
we are using JWSDP 2.0 and xws-security for sign our SOAP message.
We need to save the payload and the signature in a database and need
to to validate it on some occations. So have to save the <Signature>
Tag. The Problem is it is not valid due to missing namespace
declarations.
Is it possible to modify the placing of namespace, or to modifiy the
defining of namespaces as default ns ?
SECURITY INFO GENERATED BY XWSS:
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/w...">
---CUT HERE BEGIN---
<ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo> ... </ds:SignedInfo>
<ds:SignatureValue> ... </ds:SignatureValue>
<ds:KeyInfo>
<wsse:SecurityTokenReference
wsu:Id="XWSSGID-1168439423391-1452886180"
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<ds:X509Data> ...     </ds:X509Data>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
---CUT HERE END---
</wsse:Security>
===> IF WE CUT THE SINGATURE PART, THE NS-PREFIX wsse IS NOT BOUND
A BETTER SOLUTION WOULD BE:
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/w...">
---CUT HERE BEGIN---
<Signature xmlns="http://www.w3.org/2000/09/xmldsig#">
<SignedInfo> ...     </SignedInfo>
<SignatureValue> ... </SignatureValue>
<KeyInfo>
<SecurityTokenReference
xmlns="http://docs.oasis-open.org/w...">
<X509Data     xmlns="http://www.w3.org/2000/09/xmldsig#"> ... </X509Data>
</SecurityTokenReference>
</KeyInfo>
</Signature>
---CUT HERE END---
</wsse:Security>
Any idea how to resolve this problem ?
Thanks for help.
Simil.

no it is not possible to change the namespace

XWS-Security and Sun Java Studio Enterprise

Hi,
Does anyone knows whether XWS-Security API is integrated into Sun Java Studio Enterprise?
I can't find the information anywhere in the java site. If there happens to be one, could you let me know about it?
Thanks in advance :)

XWS-Security is not integrated with Sun Java Studio Enterprise. However, if you would like to implement message level security in a web service in the Java Studion Enterprise environment, you may find this article useful:
http://developers.sun.com/prodtech/javatools/jsenterprise/downloads/ea/jse8/reference/techart/security.html
Rico

JWSDP 1.6 xws-security Simple fails with "block not properly padded"

Environment:
- Windows 2000
- Tomcat50-jwsdp
- JAVA_HOME=C:/Progra~1/Java/jdk1.5.0_05
- Security environment handler: SecurityEnvironmentHandler.java supplied with JWSDP 1.6 (Hello, Ron!)
I get the following in the Tomcat Window:
==== Received Message End ====
Nov 13, 2005 10:38:56 AM com.sun.org.apache.xml.internal.security.encryption.XMLCipher decryptKey
INFO: Decryption of key type http://www.w3.org/2001/04/xmlenc#tripledes-cbc OK
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.apachecrypto.DecryptionProcessor decryptElementWithCipher
SEVERE: WSS_ENC0004: Exception [ Given final block not properly padded ] while trying to decrypt message
Nov 13, 2005 10:38:56 AM com.sun.xml.wss.impl.filter.DumpFilter process
INFO: ==== Sending Message Start ====
<?xml version="1.0" encoding="UTF-8"?>
<env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/enco
ding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.or
g/2001/XMLSchema-instance">
<env:Body>
<env:Fault>
<faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:Fail
edCheck</faultcode>
<faultstring>Unable to decrypt message</faultstring>
</env:Fault>
</env:Body>
</env:Envelope>
==== Sending Message End ====
Please help!
George

Hi, I got the xws-security/samples/simple application
working successfully with my own keystores. I have 2
questions regarding this sample application.
1) When running the application with the
encrypt-server.xml and encrypt-client.xml
configuration, why is it necessary to import the
client's certificate into the server's truststore and
the server's certificate into client's truststore when
their certificates have already been signed by a
trusted root CA (e.g. Verisign), whose certificate is
in both truststores? Shouldn't their certificates
containing their public keys get automatically
exchanged during the connection request? It's a pain
to publish a web service and expect a manual public
certificate import for each client wanting to use the
service.Certificates are sent only when the keyReferenceType is "Direct" which is the default. It's possible that our code is checking the certificate sent with one found in the KeyStore, but a quick scan of the code doesn't show it. If that's what's happening it's a bug. All of the other key reference strategies send only a referece to the sender's certificate in which case the reciever must have a copy of that certificate in its keystore.
2) I use Tomcat to run the sample application and did
set up the SSL connector to point to the keystores.
When the client connects to the server, it uses a
http endpoint not https. I'm aware that htpps is
needed for SSL support but not clear on where does
https come into play during the client's
request/server's response process.We share the SSL keystore so that certificates don't have to be stored in more than one place. The functionality of XWS-Security and SSL is logically the same so it make sense to use the same keystore. XWS-Security operates completely separately from the transport and never knows whether HTTPS is in use or not.
Phil Goodwin
Technical Lead
XWS-Security

HTTP Responses with Flex, how to transform http 500 into http 200

Hello
We have deployed a Web Service application in our WAS 7.10 SP6.
Our application is a standard java 5 app with annotations (ejbs exposed as web services).
When a web service call operation returns a java exception (any kind of exception), WAS returns http 500 to the client.
http 500 cannot be interpreted by a flex client (2.0, 3.0 no matter which version) because of an interaction between browser and flex runtime issue. Flex code can only obtain an i/o error when http 500 is returned by the server.
The usual way to solve this problem is to create a filter that transforms http 500 to http 200, but we don't know how to implement a filter for web services http responses in WAS 7.1 or 7.0
Other solutions involve using Adobe proxy, but in our case we can't use it.
Is there any other solution to this matter?

Hello
We have deployed a Web Service application in our WAS 7.10 SP6.
Our application is a standard java 5 app with annotations (ejbs exposed as web services).
When a web service call operation returns a java exception (any kind of exception), WAS returns http 500 to the client.
http 500 cannot be interpreted by a flex client (2.0, 3.0 no matter which version) because of an interaction between browser and flex runtime issue. Flex code can only obtain an i/o error when http 500 is returned by the server.
The usual way to solve this problem is to create a filter that transforms http 500 to http 200, but we don't know how to implement a filter for web services http responses in WAS 7.1 or 7.0
Other solutions involve using Adobe proxy, but in our case we can't use it.
Is there any other solution to this matter?

Jwsdp-1.4 xws-security

Hi, I got the xws-security/samples/simple application working successfully with my own keystores. I have 2 questions regarding this sample application.
1) When running the application with the encrypt-server.xml and encrypt-client.xml configuration, why is it necessary to import the client's certificate into the server's truststore and the server's certificate into client's truststore when their certificates have already been signed by a trusted root CA (e.g. Verisign), whose certificate is in both truststores? Shouldn't their certificates containing their public keys get automatically exchanged during the connection request? It's a pain to publish a web service and expect a manual public certificate import for each client wanting to use the service.
2) I use Tomcat to run the sample application and did set up the SSL connector to point to the keystores. When the client connects to the server, it uses a http endpoint not https. I'm aware that htpps is needed for SSL support but not clear on where does https come into play during the client's request/server's response process.

Hi, I got the xws-security/samples/simple application
working successfully with my own keystores. I have 2
questions regarding this sample application.
1) When running the application with the
encrypt-server.xml and encrypt-client.xml
configuration, why is it necessary to import the
client's certificate into the server's truststore and
the server's certificate into client's truststore when
their certificates have already been signed by a
trusted root CA (e.g. Verisign), whose certificate is
in both truststores? Shouldn't their certificates
containing their public keys get automatically
exchanged during the connection request? It's a pain
to publish a web service and expect a manual public
certificate import for each client wanting to use the
service.Certificates are sent only when the keyReferenceType is "Direct" which is the default. It's possible that our code is checking the certificate sent with one found in the KeyStore, but a quick scan of the code doesn't show it. If that's what's happening it's a bug. All of the other key reference strategies send only a referece to the sender's certificate in which case the reciever must have a copy of that certificate in its keystore.
2) I use Tomcat to run the sample application and did
set up the SSL connector to point to the keystores.
When the client connects to the server, it uses a
http endpoint not https. I'm aware that htpps is
needed for SSL support but not clear on where does
https come into play during the client's
request/server's response process.We share the SSL keystore so that certificates don't have to be stored in more than one place. The functionality of XWS-Security and SSL is logically the same so it make sense to use the same keystore. XWS-Security operates completely separately from the transport and never knows whether HTTPS is in use or not.
Phil Goodwin
Technical Lead
XWS-Security

Jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed

Hi everyone,
I am trying to deploy the simple sample for xws-security in the JWSDP 1.4 on redhat 9.0, I have done all the configurations as suggested by the tutorial and the readme file in the sample. But when I tried to run the sample by running "asant run-sample", I got a "wsdeploy failed" error. It looks like the following and happened at the "process-war" stage: (The earlier targets including "clean", "prepare", "gen-server", "compile-server", " set-web-inf", "raw-war" etc. work fine).
[snip]
process-war:
[echo] Running wsdeploy...
[wsdeploy] Exception in thread "main" java.lang.NoSuchMethodError: org.apache.xml.dtm.ref.sax2dtm.SAX2DTM.<init>(Lorg/apache/xml/dtm/DTMManager;Ljavax/xml/transform/Source;ILorg/apache/xml/dtm/DTMWSFilter;Lorg/apache/xml/utils/XMLStringFactory;ZIZZ)V
[wsdeploy] at org.apache.xml.dtm.ref.sax2dtm.SAX2DTM2.<init>(SAX2DTM2.java:1901)
[wsdeploy] at org.apache.xalan.xsltc.dom.SAXImpl.<init>(SAXImpl.java:767)
[wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:324)
[wsdeploy] at org.apache.xalan.xsltc.dom.XSLTCDTMManager.getDTM(XSLTCDTMManager.java:267)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.getDOM(TransformerImpl.java:477)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:637)
[wsdeploy] at org.apache.xalan.xsltc.trax.TransformerImpl.transform(TransformerImpl.java:317)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.defineServletsAndListeners(DeployTool.java:553)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.DeployTool.run(DeployTool.java:255)
[wsdeploy] at com.sun.xml.rpc.util.ToolBase.run(ToolBase.java:43)
[wsdeploy] at com.sun.xml.rpc.tools.wsdeploy.Main.main(Main.java:22)
[wsdeploy] Command invoked: /work/nzw3/SUNWappserver/jdk/jre/bin/java -classpath /work/nzw3/SUNWappserver/lib/endorsed/dom.jar:/work/nzw3/SUNWappserver/lib/endorsed/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/endorsed/xalan.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/ant/lib/ant.jar:/work/nzw3/SUNWappserver/lib/ant/lib/xml-apis.jar:/work/nzw3/SUNWappserver/lib/ant/lib/optional.jar:/work/nzw3/SUNWappserver/lib/soapprocessor.jar:/work/nzw3/SUNWappserver/lib/jaxr-api.jar:/work/nzw3/SUNWappserver/lib/saaj-api.jar:/work/nzw3/SUNWappserver/lib/activation.jar:/work/nzw3/SUNWappserver/lib/security-plugin.jar:/work/nzw3/SUNWappserver/lib/jaxb-xjc.jar:/work/nzw3/SUNWappserver/lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jhall.jar:/work/nzw3/SUNWappserver/lib/xmlsec.jar:/work/nzw3/SUNWappserver/lib/j2ee-svc.jar:/work/nzw3/SUNWappserver/lib/deployment/sun-as-jsr88-dm.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-sec.jar:/work/nzw3/SUNWappserver/lib/mail.jar:/work/nzw3/SUNWappserver/lib/appserv-admin.jar:/work/nzw3/SUNWappserver/lib/jaxb-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-cmp.jar:/work/nzw3/SUNWappserver/lib/appserv-jstl.jar:/work/nzw3/SUNWappserver/lib/jaxb-libs.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/jax-qname.jar:/work/nzw3/SUNWappserver/lib/jwsdp-tools-lib/namespace.jar:/work/nzw3/SUNWappserver/lib/jaxr-impl.jar:/work/nzw3/SUNWappserver/lib/xercesImpl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-spi.jar:/work/nzw3/SUNWappserver/lib/verifier/verifierhelp.jar:/work/nzw3/SUNWappserver/lib/xalan.jar:/work/nzw3/SUNWappserver/lib/appserv-upgrade.jar:/work/nzw3/SUNWappserver/lib/appserv-assemblytool.jar:/work/nzw3/SUNWappserver/lib/deployhelp.jar:/work/nzw3/SUNWappserver/lib/j2ee.jar:/work/nzw3/SUNWappserver/lib/xmldsig.jar:/work/nzw3/SUNWappserver/lib/commons-logging.jar:/work/nzw3/SUNWappserver/lib/saaj-impl.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-impl.jar:/work/nzw3/SUNWappserver/lib/appserv-tags.jar:/work/nzw3/SUNWappserver/lib/appserv-ext.jar:/work/nzw3/SUNWappserver/lib/relaxngDatatype.jar:/work/nzw3/SUNWappserver/lib/admin-cli.jar:/work/nzw3/SUNWappserver/lib/jaxrpc-api.jar:/work/nzw3/SUNWappserver/lib/jsf-api.jar:/work/nzw3/SUNWappserver/lib/jaxb-api.jar:/work/nzw3/SUNWappserver/lib/install/applications/__cp/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__ds/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/__xa/jdbc.jar:/work/nzw3/SUNWappserver/lib/install/applications/jmsra/imqjmsra.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/cc.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admingui-jsp.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/jato.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/admin-xml.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/framework-en.jar:/work/nzw3/SUNWappserver/lib/install/applications/admingui/adminGUI_war/WEB-INF/lib/help.jar:/work/nzw3/SUNWappserver/lib/install/applications/samples.jar:/work/nzw3/SUNWappserver/lib/install/applications/com_sun_web_ui/WEB-INF/lib/registrationservlet.jar:/work/nzw3/SUNWappserver/lib/install/applications/jaxr-ra/jaxr-ra.jar:/work/nzw3/SUNWappserver/lib/commons-launcher.jar:/work/nzw3/SUNWappserver/lib/jsf-impl.jar:/work/nzw3/SUNWappserver/lib/sun-appserv-ant.jar:/work/nzw3/SUNWappserver/lib/appserv-rt.jar:/work/nzw3/SUNWappserver/lib/xsdlib.jar:/work/nzw3/j2sdk1.4.2_04/lib/tools.jar com.sun.xml.rpc.tools.wsdeploy.Main -keep -tmpdir /work/nzw3/jwsdp-1.4/xws-security/samples/simple/build/server -o /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/securesimple.war /work/nzw3/jwsdp-1.4/xws-security/samples/simple/dist/simple-portable.war
BUILD FAILED
file:/work/nzw3/jwsdp-1.4/xws-security/samples/simple/build.xml:108: wsdeploy failed
If anyone has any idea about this problem, please let me know.
Many thanks,
Jake

Hello again,
I got progress today, but still have some errors for the simple sample in the xws-security . (I am running on Redhat 9.0 and with Sun Java System Application Server 8) Looks like the sending message is ok, but at the receiving message stage, I got the following errors when running "asant run-sample":
[snip]
run-sample:
[echo] Running the simple.TestClient program....
[java] Service URL=http://giga15.ncl.ac.uk:8080/securesimple/Ping
[java] Sep 8, 2004 1:14:19 AM com.sun.xml.wss.filter.DumpFilter process
[java] INFO: ==== Sending Message Start ====
[java] <?xml version="1.0" encoding="UTF-8"?>
[java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
[java] <env:Header>
[java] <wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" env:mustUnderstand="1">
[java] <wsse:BinarySecurityToken xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="Id4487442798885738858">MIIFKDCCBBCgAwIBAgICBl4wDQYJKoZIhvcNAQEEBQAwcDELMAkGA1UEBhMCVUsxETAPBgNVBAoT
[java] CGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZIhvcNAQkB
[java] Fh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWswHhcNMDQwMjEwMTQzMDUyWhcNMDUwMjA5
[java] MTQzMDUyWjBcMQswCQYDVQQGEwJVSzERMA8GA1UEChMIZVNjaWVuY2UxEjAQBgNVBAsTCU5ld2Nh
[java] c3RsZTEPMA0GA1UEBxMGTkVSZVNDMRUwEwYDVQQDEwxqYWtlIHpoZW5nd3UwgZ8wDQYJKoZIhvcN
[java] AQEBBQADgY0AMIGJAoGBAO7B3texMjuzdA6zT6/F/hx3U4a+iWglhNWptB3JerhHHu7El0HkWky0
[java] 9AzYVKZ7Y3n5qpgmSOe16a2MKySii5ud44DABj+3qkRBzkb/LDgNuF02X/XORbFbuZYEWwCHckZI
[java] xQ50vJpdxJQqLOwrhMP48RXNBzrdXo9iYfcWP5cnAgMBAAGjggJiMIICXjAMBgNVHRMBAf8EAjAA
[java] MBEGCWCGSAGG+EIBAQQEAwIFoDAOBgNVHQ8BAf8EBAMCA+gwLAYJYIZIAYb4QgENBB8WHVVLIGUt
[java] U2NpZW5jZSBVc2VyIENlcnRpZmljYXRlMB0GA1UdDgQWBBRlyb19GkybkmGa6QnQ9fPZ7mQ+NzCB
[java] mgYDVR0jBIGSMIGPgBQCOKsRo5aAiw3TFSsIpY4w2rLaqKF0pHIwcDELMAkGA1UEBhMCVUsxETAP
[java] BgNVBAoTCGVTY2llbmNlMRIwEAYDVQQLEwlBdXRob3JpdHkxCzAJBgNVBAMTAkNBMS0wKwYJKoZI
[java] hvcNAQkBFh5jYS1vcGVyYXRvckBncmlkLXN1cHBvcnQuYWMudWuCAQAwKQYDVR0SBCIwIIEeY2Et
[java] b3BlcmF0b3JAZ3JpZC1zdXBwb3J0LmFjLnVrMBkGA1UdIAQSMBAwDgYMKwYBBAHZLwEBAQEEMD0G
[java] CWCGSAGG+EIBBAQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4vaW1wb3J0
[java] Q1JMMD0GCWCGSAGG+EIBAwQwFi5odHRwOi8vY2EuZ3JpZC1zdXBwb3J0LmFjLnVrL2NnaS1iaW4v
[java] aW1wb3J0Q1JMMDwGCWCGSAGG+EIBBwQvFi1odHRwOi8vY2EtcmVuZXcuZ3JpZC1zdXBwb3J0LmFj
[java] LnVrL3JlbmV3Lmh0bWwwPwYDVR0fBDgwNjA0oDKgMIYuaHR0cDovL2NhLmdyaWQtc3VwcG9ydC5h
[java] Yy51ay9jZ2ktYmluL2ltcG9ydENSTDANBgkqhkiG9w0BAQQFAAOCAQEAgdN714aoC53Wef9JGaDD
[java] PDJkmgmwVbL8ZuovBpORFsgy2GOPgIdtw15qTQx1NFbsFqW2I7d/9AteeXAk3sUGUODOvq8loeYB
[java] iA+QofduwJ0VWO8TZ0e+7+J3cDQKbsukptRJd2L2W8PeCNPojCRkfiV/nT6BiF5yjh4Ui5e+pWGw
[java] t3oN1qFDZViCFOTiB6Koi0MB+cu47gOEIxBQfP8jTEyf/SSy4RzjI+7C1LpDYCZpO/jqXMb67j9b
[java] KdcmlWhMrzNOyRDM7A11rt5nBMABgRVAJsdBZIDevfKJ/kRGxUHGHqf8Pg+3qK22mNwMN8U2plr7
[java] TgORAx6aOn4EQP2AzA==</wsse:BinarySecurityToken>
[java] <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
[java] <ds:SignedInfo>
[java] <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
[java] <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
[java] <ds:Reference URI="#Id5553294937503469412">
[java] <ds:Transforms>
[java] <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
[java] </ds:Transforms>
[java] <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
[java] <ds:DigestValue>AcRqiIoxfOWauZ/FDnng4D1C5WU=</ds:DigestValue>
[java] </ds:Reference>
[java] </ds:SignedInfo>
[java] <ds:SignatureValue>
[java] omVS7TF+IqESZuMcRdsFfet8INaU4J9Vall1oGaPMRoEkc9xks+YK2ew4nG7hSekITwJrQLx42hH
[java] Vb6HvEdWgsIrjOJslqQILQkYU7qdoptb6OEgY5lHQpjUJaTKNn4krsDXgpwZieQE45Gcu/zuP4eY
[java] v8yMhUwVUE8xHy+6dLs=
[java] </ds:SignatureValue>
[java] <ds:KeyInfo>
[java] <wsse:SecurityTokenReference>
[java] <wsse:Reference URI="#Id4487442798885738858" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
[java] </wsse:SecurityTokenReference>
[java] </ds:KeyInfo>
[java] </ds:Signature>
[java] </wsse:Security>
[java] </env:Header>
[java] <env:Body xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" wsu:Id="Id5553294937503469412">
[java] <ns0:Ping>
[java] <ns0:ticket>SUNW</ns0:ticket>
[java] <ns0:text>Hello !</ns0:text>
[java] </ns0:Ping>
[java] </env:Body>
[java] </env:Envelope>
[java] ==== Sending Message End ====
[java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.DumpFilter process
[java] INFO: ==== Received Message Start ====
[java] <?xml version="1.0" encoding="UTF-8"?>
[java] <env:Envelope xmlns:env="http://schemas.xmlsoap.org/soap/envelope/" xmlns:enc="http://schemas.xmlsoap.org/soap/encoding/" xmlns:ns0="http://xmlsoap.org/Ping" xmlns:xsd="http://www.w3.org/2001/XMLSchema" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
[java] <env:Body>
[java] <env:Fault>
[java] <faultcode xmlns:ans1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ans1:InvalidSecurityToken</faultcode>
[java] <faultstring>Certificate validation failed</faultstring>
[java] </env:Fault>
[java] </env:Body>
[java] </env:Envelope>
[java] ==== Received Message End ====
[java] Sep 8, 2004 1:14:23 AM com.sun.xml.wss.filter.ProcessSecurityHeaderFilter process
[java] WARNING: Message does not contain wsse:Security header
[java] Exception in thread "main" javax.xml.rpc.soap.SOAPFaultException: Certificate validation failed
[java] at com.sun.xml.rpc.client.StreamingSender._raiseFault(StreamingSender.java:515)
[java] at com.sun.xml.rpc.client.StreamingSender._send(StreamingSender.java:294)
[java] at simple.PingPort_Stub.ping(PingPort_Stub.java:80)
[java] at simple.TestClient.main(TestClient.java:37)
[java] Java Result: 1
I don't know if I have configured anything wrong. Basically, i just want to sign the outgoing soap message with my own p12 format certificate, hence I have chosen the following in the $JWSDP_HOME/xws-security/samples/simple/build.properties :
client.security.config=config/sign-client.xml
server.security.config=config/dump-server.xml
Also, according to the last section of the jWSDP release notes at http://java.sun.com/webservices/docs/1.4/ReleaseNotes.html#KnownIssues
I added these two changes,
1. In the <jwsdp.home>/xws-security/samples/buildconfig/sjsas-config.xml file, delete the original .... app.classpath element definition and replace it with the following definition:
<path id="app.classpath">
<fileset dir="${sjsas.home}/lib/endorsed">
<include name="dom.jar"/>
</fileset>
<fileset dir="${sjsas.home}/lib">
<include name="*.jar"/>
</fileset>
<fileset dir="${javahome}/lib">
<include name="tools.jar"/>
</fileset>
</path>
2. In the <as.home>/domains/domain1/config/server.policy file, add the following configurations to the server.policy file, for the securesimple sample and pingservice samples, respectively.
// These permissions apply to securesimple webapp grant codeBase "file:${com.sun.aas.instanceRoot}/applications/j2ee-modules/securesimple/WEB-INF/-" {
permission javax.security.auth.AuthPermission "modifyPrincipals";
permission javax.security.auth.AuthPermission "modifyPublicCredentials"; permission javax.security.auth.AuthPermission "modifyPrivateCredentials";
permission javax.security.auth.AuthPermission "getSubject";
permission javax.security.auth.PrivateCredentialPermission "javax.security.auth.x500.X500PrivateCredential * \"*\"","read";
permission java.security.SecurityPermission "putProviderProperty.BC";
Moreover, has the sent message really been signed correctly? how can I tell the message has been signed by my own certificate? I have done the following:
1. In the $JWSDP_HOME/xws-security/samples/simple/config/sign-client.xml, change to
<xwss:SecurityConfiguration
xmlns:xwss="http://com.sun.xml.wss.configuration" dumpMessages="true">
<xwss:Sign/>
</xwss:SecurityConfiguration>
2. In the $JWSDP_HOME/xws-security/samples/simple/config/build.xml, change to something like the following in the run-sample target,
<sysproperty key="javax.net.ssl.keyStore" value="/work/nzw3/jakenew.p12"/>
<sysproperty key="javax.net.ssl.keyStorePassword" value="jake"/>
<sysproperty key="javax.net.ssl.keyStoreType" value="pkcs12"/>
I didn't change anything about truststore.
What was the problem? What have I done wrong?
Many thanks,
Jake

SOAP Response change from http 200 to http 204

Hello
I must change for a application, that call a webservice on the pi, change the
SOAP Response from HTTP 200 OK to HTTP 204. I think that must chnage on the SOAP Adapter and wei can't change in the messages or mapping. Also wit a Fault Messages is this not runnig.
What is with BPM, have any body do somthing with that.
Regards Tom

Hello Stefan
This thrid Application need this response. We cann't change this. We spaek with this product manager, but he want change this. He want this when the interface is async, that application now no conntent come back.
Regards Tom

SOAP Adapter XI 3.0 - HTTP 200 response fails

We have a scenario where a request message is sent successfully to a URL by the SOAP Adapter.
However, the response message has an HTTP response of 200 (meaning ok) which is not handled correctly by the
SOAP Adapter.
The error text shown in SXMB_MONI is:
com.sap.aii.af.ra.ms.api.DeliveryException: Failed to call the endpoint HTTP 200 OK
Is there something I am missing in the configuration to allow HTTP responses in the SOAP Adapter ? It is very odd that the SOAP Request works fine, but the SOAP Response does not.
Any ideas anyone ?
Kind regards
Colin.

Hi Bill
1. synchronous out / in
2. yes
3. working fine
following the way out to the elocateserver system is working fine.
The soap is working and the responce from the elocteserver is fine . But when the message is pick put the Timeout show up.
below is the Responce from elocateserver to xi
Hope this will help you
thanks olaf
Help
!http://sapnt09:50200/sap/public/icman/img/theme.jpg|alt=SAP|width=122 height=61 border=0 |src=http://sapnt09:50200/sap/public/icman/img/theme.jpg!
500 Connection timed out
Connection timed out (-5)
Error:
-5
Version:
6040
Component:
ICM
Date/Time:
Sat Oct 16 06:13:25 2004
Module:
icxxthr.c
Line:
2556
Server:
sapnt09_M64_02
Detail:
Connection to partner timed out
© 2001-2003, SAP AG

SOAP to SOAP / HTTP 200 error

Hi
I have the following scenario   SOAP to SOAP and am getting a HTTP 200 error.
com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: No SOAP Envelope but 1 definitions; HTTP 200
I have configured a sender SOAP channel with default values (Nothing is checked).   My receiver channel is configured in a similar manner. The SOAP action is specified. I have tested the receiver webservice in WSNavigator and successfully can get it to call.   The webservice was created from a function module that has used the create webservice functionality, and then endpoints created in SOAMANAGER.
There are no mappings in this scenario.
When I right click on the sender agreement and get the WSDL, I take that URL and place it into the WSNAVIGATOR tool. I supply the same values that I did when I called the service directly.   When I execute, the error above appears in SXMB_MONI.
Ideas?

Here is the error. There is no principle propagation and the user is setup in the BI system.
<?xml version="1.0" encoding="UTF-8" standalone="yes" ?>
- 
- <SAP:Error xmlns:SAP="http://sap.com/xi/XI/Message/30" xmlns:SOAP="http://schemas.xmlsoap.org/soap/envelope/" SOAP:mustUnderstand="1">
<SAP:Category>XIAdapterFramework</SAP:Category>
<SAP:Code area="MESSAGE">GENERAL</SAP:Code>
<SAP:P1 />
<SAP:P2 />
<SAP:P3 />
<SAP:P4 />
<SAP:AdditionalText>com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: No SOAP Envelope but 1 definitions; HTTP 200 OK</SAP:AdditionalText>
<SAP:Stack />
<SAP:Retry>M</SAP:Retry>
</SAP:Error>
Edited by: Mike Marowski on Feb 18, 2010 12:12 AM

PO 7.4: NW BPM: HTTP Error response for SOAP request or invalid content-type.HTTP 200 OK

Hi Experts
I am trying to call NW BPM scenario(File to BPM) from PI, and using below adapter config.
I am getting below error.
Failed to call the endpoint: Error in call over HTTP: HTTP 200 OK
SOAP: Call failed: java.io.IOException: HTTP Error response for SOAP request or invalid content-type.; HTTP 200 OK
SOAP: Error occurred: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: HTTP Error response for SOAP request or invalid content-type.; HTTP 200 OK
MP: exception caught with cause com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: HTTP Error response for SOAP request or invalid content-type.; HTTP 200 OK
Transmitting the message to endpoint <local> using connection File_http://sap.com/xi/XI/System failed, due to: com.sap.engine.interfaces.messaging.api.exception.MessagingException: java.io.IOException: HTTP Error response for SOAP request or invalid content-type.; HTTP 200 OK
Any idea how to fix this issue?
Thanks,
Sandeep Maurya.

Hi Sandeep,
Test the URL from your browser and check the proxy settings as well.
Refer the below links
SOAP: call failed: java.io.IOException: invalid content type for SOAP: TEXT
SOAP: Call failed: java.io.IOException: Failed to get the input stream from socket: java.net.SocketException: Connection…
Regards
Bhargava Krishna

Xws-security returns always HTTP 200

Similar Messages

Maybe you are looking for