I try to intercept encrypted soap message in wildfly 10 with soapUI. Deployment is successful.
First below pics are outgoing ws-security configuration which includes signature and encryption.
* Signature
Keystore - client keystore
Alias - alias of client's private key
Password - password of client's private key
Key Identifier Type - X.509
Parts - arg0 (Name), Body (Encode)
* Encryption
Keystore - client keystore
Alias - alias of server's public key
Password - Empty (no password required for public key)
Key Identifier Type - X.509
Parts - arg0 (Name), Body (Content)
The final pic shows incoming WS-Security Configuration.
Decrypt Keystore - client keystore
Signature Keystore - client keystore
Password - password of client's private key
But the returned response is soap-fault like following
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode>
<faultstring>An error was discovered processing the <wsse:Security> header</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
Is there some process which I missed?
Update
This is soap request
<soapenv:Envelope xmlns:soap="http://soap.aaa.com/" xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3" wsu:Id="374FDD240DA4088CF9146901568147641">
MIICxzCCAa+gAwIBAgIENlXkmDANBgkqUg35Lpg==
</wsse:BinarySecurityToken>
<xenc:EncryptedKey Id="EK-374FDD240DA4088CF9146901568147640" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#">
<xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<wsse:SecurityTokenReference><wsse:Reference URI="#374FDD240DA4088CF9146901568147641" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
<xenc:CipherData>
<xenc:CipherValue>gBZkBwQh+A==
</xenc:CipherValue>
</xenc:CipherData>
<xenc:ReferenceList>
<xenc:DataReference URI="#ED-374FDD240DA4088CF9146901568147642"/>
</xenc:ReferenceList>
</xenc:EncryptedKey>
<wsse:BinarySecurityToken EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="X509-374FDD240DA4088CF9146901568146635">MIICzTCCAskwggGxo
</wsse:BinarySecurityToken>
<ds:Signature Id="SIG-374FDD240DA4088CF9146901568146639" xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soap soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:CanonicalizationMethod>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
<ds:Reference URI="#id-374FDD240DA4088CF9146901568146638">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
<ec:InclusiveNamespaces PrefixList="soap soapenv" xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#"/>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
<ds:DigestValue>EiWlHfC/AfhBC2bOo2R6CHDe06s=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>WSnRVBSZlF2XXxvkH0Udi8gsRwvsKzJ9KnjXPZIbz/msx5VpjhgcTVOgPQW1myUVVwSD20XQ==
</ds:SignatureValue>
<ds:KeyInfo Id="KI-374FDD240DA4088CF9146901568146636">
<wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1" wsu:Id="STR-374FDD240DA4088CF9146901568146637" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd">
<wsse:Reference URI="#X509-374FDD240DA4088CF9146901568146635" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509PKIPathv1"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
<soap:sayHello>
<!--Optional:-->
<arg0 wsu:Id="id-374FDD240DA4088CF9146901568146638" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"><xenc:EncryptedData Id="ED-374FDD240DA4088CF9146901568147642" Type="http://www.w3.org/2001/04/xmlenc#Content" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/><ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"><wsse:SecurityTokenReference wsse11:TokenType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd" xmlns:wsse11="http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd"><wsse:Reference URI="#EK-374FDD240DA4088CF9146901568147640"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>A9cCXThSZz8lZzPSZftZUXB40KLM08w3Ck6+sc8dAbg=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></arg0>
</soap:sayHello>
</soapenv:Body>
</soapenv:Envelope>
UPDATE more
This is my original SOAP message
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/" xmlns:soap="http://soap.aaa.com/">
<soapenv:Header/>
<soapenv:Body>
<soap:sayHello>
<!--Optional:-->
<arg0>Jina</arg0>
</soap:sayHello>
</soapenv:Body>
</soapenv:Envelope>
And Belows are my modified WSS configuration
Signature
Keystore : client keystore jks file
Alias : client key alias
Password : client private key password
Key Identifier Type : X.509
Parts : sayHello(Name), http://soap.aaa.com/ (Namespace), Element (Encode)
Encryption
Keystore : client keystore jks file
Alias : service key alias
Password : empty
Key Identifier Type : X.509
Parts : sayHello (Name), http://soap.aaa.com/ (Namespace), Content (Encode)
*Ingoing WS-Security Configuration
Decrypt Keystore : client keystore jks file
Signature Keystore : client keystore jks file
Password - password of client's private key
This configuration throws no soap exception in SoapUI side. In SoapUI log only this message is shown
Sun Jul 24 08:59:51 KST 2016:DEBUG:Attempt 1 to execute request
Sun Jul 24 08:59:51 KST 2016:DEBUG:Sending request: POST /SOAPSecurityWeb/HelloWorld HTTP/1.1
Sun Jul 24 08:59:52 KST 2016:DEBUG:Receiving response: HTTP/1.1 500 Internal Server Error
Sun Jul 24 08:59:52 KST 2016:DEBUG:Connection can be kept alive indefinitely
Sun Jul 24 08:59:52 KST 2016:INFO:Got response for [HelloWorldServiceSoapBinding.sayHello:Request 1] in 326ms (361 bytes)
The soap error response from SOAP service is like below
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<soap:Fault>
<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:InvalidSecurity</faultcode>
<faultstring>An error was discovered processing the <wsse:Security> header</faultstring>
</soap:Fault>
</soap:Body>
</soap:Envelope>
And in WS service side this exception is displayed
09:37:54,340 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-2) Interceptor for {http://soap.aaa.com/}HelloWorldService has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: An error was discovered processing the <wsse:Security> header
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:216)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:329)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:184)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:79)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:66)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:108)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:134)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64)
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:60)
at io.undertow.servlet.handlers.security.CachedAuthenticatedSessionHandler.handleRequest(CachedAuthenticatedSessionHandler.java:77)
at io.undertow.security.handlers.NotificationReceiverHandler.handleRequest(NotificationReceiverHandler.java:50)
at io.undertow.security.handlers.AbstractSecurityContextAssociationHandler.handleRequest(AbstractSecurityContextAssociationHandler.java:43)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at org.wildfly.extension.undertow.security.jacc.JACCContextIdHandler.handleRequest(JACCContextIdHandler.java:61)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: An error was discovered processing the <wsse:Security> header
at org.apache.wss4j.common.crypto.AlgorithmSuiteValidator.checkSymmetricEncryptionAlgorithm(AlgorithmSuiteValidator.java:149)
at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.decryptDataRef(EncryptedKeyProcessor.java:550)
And more the following exception are thrown when the SoapUI 5.2.1 starting, Do you think these exceptions are related with this issues?
Sun Jul 24 09:34:33 KST 2016:ERROR:An error occurred [com.eviware.soapui.plugins.auto.factories.AutoDiscoveryMethodFactory], see error log for details
Sun Jul 24 09:34:33 KST 2016:ERROR:An error occurred [com.eviware.soapui.plugins.auto.factories.AutoImportMethodFactory], see error log for details
Sun Jul 24 09:34:33 KST 2016:ERROR:An error occurred [com.eviware.soapui.plugins.auto.factories.AutoDiscoveryMethodFactory], see error log for details
Sun Jul 24 09:34:33 KST 2016:ERROR:An error occurred [com.eviware.soapui.plugins.auto.factories.AutoImportMethodFactory], see error log for details
UPDATE LAST
I deployed the same SOAP service on both Wildfly 8.2 and Wildfly 10. But the different exceptions are thrown.
Wildfly 10 :
15:44:53,834 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-2) Interceptor for {http://soap.aaa.com/}HelloWorldService has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: A security error was encountered when verifying the message
at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:216)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:329)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:184)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:79)
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:66)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:251)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:108)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:134)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:293)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:212)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [myclientkey]
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [myclientkey]
at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getAsymmetricDecryptedBytes(EncryptedKeyProcessor.java:301)
at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:194)
at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:76)
at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:344)
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:280)
... 42 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Cannot find key for alias: [myclientkey]
at org.apache.wss4j.common.crypto.Merlin.getPrivateKey(Merlin.java:632)
at org.apache.wss4j.dom.processor.EncryptedKeyProcessor.getAsymmetricDecryptedBytes(EncryptedKeyProcessor.java:259)
... 46 more
SOAP fault :
<faultcode xmlns:ns1="http://ws.apache.org/wss4j">ns1:SecurityError</faultcode>
<faultstring>A security error was encountered when verifying the message</faultstring>
Wildfly 8.2 :
WARNING [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor] (default task-2) : org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:163) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:66) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402) [wss4j-1.6.17.jar:1.6.17]
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:272) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:121) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:106) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) [cxf-api-2.7.13.jar:2.7.13]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-api-2.7.13.jar:2.7.13]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:241) [cxf-rt-transports-http-2.7.13.jar:2.7.13]
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:286) [cxf-rt-transports-http-2.7.13.jar:2.7.13]
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:206) [cxf-rt-transports-http-2.7.13.jar:2.7.13]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140) [jbossws-spi-2.3.1.Final.jar:2.3.1.Final]
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790) [jboss-servlet-api_3.1_spec-1.0.0.Final.jar:1.0.0.Final]
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:86) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.servlet.handlers.security.ServletConfidentialityConstraintHandler.handleRequest(ServletConfidentialityConstraintHandler.java:64) [undertow-servlet-1.1.8.Final.jar:1.1.8.Final]
at io.undertow.security.handlers.AuthenticationMechanismsHandler.handleRequest(AuthenticationMechanismsHandler.java:58) [undertow-core-1.1.8.Final.jar:1.1.8.Final]
Caused by: org.apache.ws.security.WSSecurityException: Cannot find key for alias: [myclientkey]
at org.apache.ws.security.components.crypto.Merlin.getPrivateKey(Merlin.java:651) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:142) [wss4j-1.6.17.jar:1.6.17]
... 43 more
15:46:03,174 WARNING [org.apache.cxf.phase.PhaseInterceptorChain] (default task-2) Interceptor for {http://soap.aaa.com/}HelloWorldService has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: The signature or decryption was invalid
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:863) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:329) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:121) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:106) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272) [cxf-api-2.7.13.jar:2.7.13]
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121) [cxf-api-2.7.13.jar:2.7.13]
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:241) [cxf-rt-transports-http-2.7.13.jar:2.7.13]
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:97)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:131)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:163) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:66) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:402) [wss4j-1.6.17.jar:1.6.17]
at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:272) [cxf-rt-ws-security-2.7.13.jar:2.7.13]
... 40 more
Caused by: org.apache.ws.security.WSSecurityException: Cannot find key for alias: [myclientkey]
at org.apache.ws.security.components.crypto.Merlin.getPrivateKey(Merlin.java:651) [wss4j-1.6.17.jar:1.6.17]
at org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:142) [wss4j-1.6.17.jar:1.6.17]
... 43 more
SOAP fault :
<faultcode xmlns:ns1="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">ns1:FailedCheck</faultcode>
<faultstring>The signature or decryption was invalid</faultstring>
Do you have any idea? If you don't mind I can make another thread on this site with the wildfly version you want.
Related
I'm checking Mule with SoapUI and face an issue path parameter must start with /.
Error message on Mule
WARN 2022-01-23 00:01:02,491 [http.listener.03 SelectorRunner] org.glassfish.grizzly.filterchain.DefaultFilterChain: GRIZZLY0013: Exception during FilterChain execution
java.lang.IllegalArgumentException: path parameter must start with /
at org.mule.runtime.api.util.Preconditions.checkArgument(Preconditions.java:25) ~[mule-api-1.4.0-20211227.jar:?]
at org.mule.service.http.impl.service.util.DefaultRequestMatcherRegistry.lambda$new$1(DefaultRequestMatcherRegistry.java:69) ~[mule-service-http-1.6.3.jar:1.6.3]
at com.github.benmanes.caffeine.cache.LocalLoadingCache.lambda$newMappingFunction$2(LocalLoadingCache.java:140) ~[caffeine-2.8.0.jar:?]
at com.github.benmanes.caffeine.cache.BoundedLocalCache.lambda$doComputeIfAbsent$14(BoundedLocalCache.java:2379) ~[caffeine-2.8.0.jar:?]
at java.util.concurrent.ConcurrentHashMap.compute(ConcurrentHashMap.java:1853) ~[?:1.8.0_282]
at com.github.benmanes.caffeine.cache.BoundedLocalCache.doComputeIfAbsent(BoundedLocalCache.java:2377) ~[caffeine-2.8.0.jar:?]
at com.github.benmanes.caffeine.cache.BoundedLocalCache.computeIfAbsent(BoundedLocalCache.java:2360) ~[caffeine-2.8.0.jar:?]
at com.github.benmanes.caffeine.cache.LocalCache.computeIfAbsent(LocalCache.java:108) ~[caffeine-2.8.0.jar:?]
at com.github.benmanes.caffeine.cache.LocalLoadingCache.get(LocalLoadingCache.java:54) ~[caffeine-2.8.0.jar:?]
at org.mule.service.http.impl.service.util.DefaultRequestMatcherRegistry.find(DefaultRequestMatcherRegistry.java:260) ~[mule-service-http-1.6.3.jar:1.6.3]
at org.mule.service.http.impl.service.server.HttpListenerRegistry.getRequestHandler(HttpListenerRegistry.java:109) ~[mule-service-http-1.6.3.jar:1.6.3]
at org.mule.service.http.impl.service.server.grizzly.GrizzlyRequestDispatcherFilter.handleRead(GrizzlyRequestDispatcherFilter.java:123) ~[mule-service-http-1.6.3.jar:1.6.3]
at org.glassfish.grizzly.filterchain.ExecutorResolver$9.execute(ExecutorResolver.java:119) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeFilter(DefaultFilterChain.java:284) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.executeChainPart(DefaultFilterChain.java:201) ~[grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.execute(DefaultFilterChain.java:133) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.filterchain.DefaultFilterChain.process(DefaultFilterChain.java:112) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.ProcessorExecutor.execute(ProcessorExecutor.java:77) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.nio.transport.TCPNIOTransport.fireIOEvent(TCPNIOTransport.java:540) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.strategies.AbstractIOStrategy.fireIOEvent(AbstractIOStrategy.java:112) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.mule.service.http.impl.service.server.grizzly.ExecutorPerServerAddressIOStrategy.run0(ExecutorPerServerAddressIOStrategy.java:99) [mule-service-http-1.6.3.jar:1.6.3]
at org.mule.service.http.impl.service.server.grizzly.ExecutorPerServerAddressIOStrategy.executeIoEvent(ExecutorPerServerAddressIOStrategy.java:74) [mule-service-http-1.6.3.jar:1.6.3]
at org.glassfish.grizzly.strategies.AbstractIOStrategy.executeIoEvent(AbstractIOStrategy.java:89) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.nio.SelectorRunner.iterateKeyEvents(SelectorRunner.java:415) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.nio.SelectorRunner.iterateKeys(SelectorRunner.java:384) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.nio.SelectorRunner.doSelect(SelectorRunner.java:348) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at org.glassfish.grizzly.nio.SelectorRunner.run(SelectorRunner.java:279) [grizzly-framework-2.3.36-MULE-024.jar:2.3.36-MULE-024]
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511) [?:1.8.0_282]
at java.util.concurrent.FutureTask.run(FutureTask.java:266) [?:1.8.0_282]
at org.mule.service.scheduler.internal.AbstractRunnableFutureDecorator.doRun(AbstractRunnableFutureDecorator.java:113) [mule-service-scheduler-1.4.1/:?]
at org.mule.service.scheduler.internal.RunnableFutureDecorator.run(RunnableFutureDecorator.java:54) [mule-service-scheduler-1.4.1/:?]
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149) [?:1.8.0_282]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624) [?:1.8.0_282]
at java.lang.Thread.run(Thread.java:748) [?:1.8.0_282]
Steps
Find WSDL here (https://www.dataaccess.com/webservicesserver/numberconversion.wso?WSDL)
[Mule4.4] Create Listener and SOAP Router.
HTTP Listener config: port = 1081
SOAP configuration: Wsdl location = (URL in Step 1.)
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<mule xmlns="http://www.mulesoft.org/schema/mule/core" xmlns:apikit-soap="http://www.mulesoft.org/schema/mule/apikit-soap" xmlns:ee="http://www.mulesoft.org/schema/mule/ee/core" xmlns:http="http://www.mulesoft.org/schema/mule/http" xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:schemaLocation="http://www.mulesoft.org/schema/mule/core http://www.mulesoft.org/schema/mule/core/current/mule.xsd http://www.mulesoft.org/schema/mule/http http://www.mulesoft.org/schema/mule/http/current/mule-http.xsd http://www.mulesoft.org/schema/mule/apikit-soap http://www.mulesoft.org/schema/mule/apikit-soap/current/mule-apikit-soap.xsd http://www.mulesoft.org/schema/mule/ee/core http://www.mulesoft.org/schema/mule/ee/core/current/mule-ee.xsd">
<http:listener-config name="api-httpListenerConfig">
<http:listener-connection host="0.0.0.0" port="1081"/>
</http:listener-config>
<apikit-soap:config httpStatusVarName="httpStatus" name="soapkit-config" port="NumberConversionSoap" service="NumberConversion" wsdlLocation="https://www.dataaccess.com/webservicesserver/numberconversion.wso?WSDL"/>
<flow name="api-main">
<http:listener config-ref="api-httpListenerConfig" path="/NumberConversion/NumberConversionSoap">
<http:response statusCode="#[attributes.additionalTransportData.statusCode default 200]">
<http:body>#[payload]</http:body>
<http:headers>#[attributes.protocolHeaders default {}]</http:headers>
</http:response>
<http:error-response statusCode="#[attributes.additionalTransportData.statusCode default 500]">
<http:body>#[payload]</http:body>
<http:headers>#[attributes.protocolHeaders default {}]</http:headers>
</http:error-response>
</http:listener>
<apikit-soap:router config-ref="soapkit-config">
<apikit-soap:attributes><![CDATA[#[%dw 2.0
output application/java
---
{
headers: attributes.headers,
method: attributes.method,
queryString: attributes.queryString
}]]]></apikit-soap:attributes>
</apikit-soap:router>
</flow>
<flow name="NumberToWords:\soapkit-config">
<ee:transform>
<ee:message>
<ee:set-payload>
<![CDATA[%dw 2.0
output application/java
ns soap http://schemas.xmlsoap.org/soap/envelope
---
{
body: {
soap#Fault: {
faultcode: "soap:Server",
faultstring: "Operation [NumberToWords:\soapkit-config] not implemented"
}
} write "application/xml"
}]]>
</ee:set-payload>
</ee:message>
</ee:transform>
</flow>
<flow name="NumberToDollars:\soapkit-config">
<ee:transform>
<ee:message>
<ee:set-payload>
<![CDATA[%dw 2.0
output application/java
ns soap http://schemas.xmlsoap.org/soap/envelope
---
{
body: {
soap#Fault: {
faultcode: "soap:Server",
faultstring: "Operation [NumberToDollars:\soapkit-config] not implemented"
}
} write "application/xml"
}]]>
</ee:set-payload>
</ee:message>
</ee:transform>
</flow>
</mule>
[SoapUI5.7] Create a new SOAP API with the URL in Step 1. Then create a new request (https://0.0.0.0:1081/NumberConversion/NumberConversionSoap) and run it. The message at the bottom says "failed to respond"
[Mule4.4] See the message.
Notes
I confirm Listener's Path starts with "/".
It is a warning not an error. It is most likely harmless. Ensure you are using the last version of Studio and cumulative patches for Mule 4.4. There is something strange in the log though. It looks to be executing an HTTP service for Mule 4.3 (mule-service-http-1.6.3) which is not a right version for Mule 4. May be the project is being executed in Mule 4.3? Check the log when the application is starting and the run configuration to be sure.
Details : I have created on flow in MuleESB which is calling a web-service without any parameter just sending it username, password and token in a property and it is working fine.
But the second API I want to post some parameters while calling soap request but I don't know how to use it I tried to pass through set payload but no response.
<http:listener-config name="HTTP_Listener_Configuration" host="0.0.0.0" port="8081" doc:name="HTTP Listener Configuration"/>
<http:request-config name="HTTP_Request_Configuration" host="webservicehostadd" port="443" doc:name="HTTP Request Configuration">
<http:basic-authentication username="username" password="pass"/>
</http:request-config>
<ws:consumer-config name="Web_Service_Consumer" wsdlLocation="https://xxxx/1.0?wsdl" service="xxx" port="xxxx" serviceAddress="https://xxxxx/1.0" connectorConfig="HTTP_Request_Configuration" doc:name="Web Service Consumer"/>
<flow name="mycustomflow">
<http:listener config-ref="HTTP_Listener_Configuration" path="/TEST" doc:name="HTTP"/>
<set-property propertyName="APIKey" value="xxx-xxx-xxx-xxx-xxx" doc:name="Property"/>
<dw:transform-message doc:name="Transform Message" metadata:id="xxx-xxx-xxx-xxx-xxxxxxxx">
<dw:input-payload mimeType="application/xml"/>
<dw:set-payload><![CDATA[%dw 1.0
%output application/xml
%namespace ns0 http://localhost/getDetails:getDetailsWSD
---
{
ns0#getDetails: {
getDetailsOrder: {
ID: payload.ns0#getDetails.getDetailsOrder.ID,
AllData: payload.ns0#getDetails.getDetailsOrder.AllData
}
}
}]]></dw:set-payload>
</dw:transform-message>
<ws:consumer config-ref="Web_Service_Consumer" operation="employeeDetails" doc:name="Web Service Consumer"/>
</flow>
It showed the below error:
Exception while executing:
[row,col]: [1,1]
Unexpected character '{' (code 123) in prolog; expected '<'
at [row,col {unknown-source}]: [1,1].
Updated answer:
<dw:transform-message metadata:id="XXXXX" doc:name="Transform Message">
<dw:set-payload><![CDATA[
%output application/xml skipNullOn="everywhere"
%namespace ns0 localhost/getDetails:getDetailsWSD
---
{
ns0#getDetails: {
getDetailsOrder: {
ID: payload.ns0#getDetails.getDetailsOrder.ID,
AllData: payload.ns0#getDetails.getDetailsOrder.AllData
}
}
}]]>
</dw:set-payload>
</dw:transform-message>
In your scenario: you are passing a body in XML format and sometimes an empty body in your Postman requests.
Passing an empty body results your payload to be {NullPayload}. To handle this, we have to remove explicitly defining the input mime type: <dw:input-payload mimeType="application/xml"/>.
In your transformation: ID: payload.ns0#getDetails.getDetailsOrder.ID,. You are retrieving a value from an empty payload and this will fail. To avoid failing, we have added: skipNullOn="everywhere". You can read more about it here.
I have tried the transformation myself which results to this:
<?xml version='1.0' encoding='UTF-8'?>
<ns0:getDetails xmlns:ns0="http://localhost/getDetails:getDetailsWSD">
<getDetailsOrder/>
</ns0:getDetails>
I think we are done with your initial issue regarding transformation of your empty payload. Your concern now is consuming the web service.
Thank you.
Wildfly10
CXF 3.1.6
SOAP Webservices
WSDL configuration of security policy is:
<wsp:Policy wsu:Id="UsernameTransportPolicy">
<wsp:ExactlyOne>
<wsp:All>
<sp:SupportingTokens
xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
<sp:TextPassword />
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
</sp:SupportingTokens>
</wsp:All>
</wsp:ExactlyOne>
</wsp:Policy>
Handler configuration is:
<jaxws-config xmlns="urn:jboss:jbossws-jaxws-config:4.0"
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xmlns:javaee="http://java.sun.com/xml/ns/javaee"
xsi:schemaLocation="urn:jboss:jbossws-jaxws-config:4.0 schema/jbossws-jaxws-config_4_0.xsd">
<endpoint-config>
<config-name>Custom-JAXWS-WS-SecurityEndpoint</config-name>
<property>
<property-name>ws-security.validate.token</property-name>
<property-value>true</property-value>
</property>
<property>
<property-name>ws-security.callback-handler</property-name>
<property-value>com.xxx.xxxx.security.ServerPasswordHandler
</property-value>
</property>
</endpoint-config>
</jaxws-config>
Handler code:
public class ServerPasswordHandler implements CallbackHandler
{
private static final Logger logger = Logger.getInstance(ServerPasswordHandler.class);
public void handle(Callback[] callbacks) throws IOException,
UnsupportedCallbackException
{
logger.debug("begin handle");
WSPasswordCallback pc = (WSPasswordCallback) callbacks[0];
String userId = "wsuser";
String password = "wspassword";
logger.debug("userId is["+userId+"]");
if (userId.equals(pc.getIdentifier()))
{
pc.setPassword(password);
logger.info("User ["+userId+"] is familiar.");
}
else
logger.error("Unknown user ["+userId+"]");
logger.debug("end handle");
}
}
Sending xml request as:
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"
xmlns:ser="http://service.dms.ctl.com/"
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soapenv:Header>
<wsse:Security soap:mustUnderstand='true'
xmlns:wsse='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd'
xmlns:wsu='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd'>
<wsse:UsernameToken wsu:Id='UsernameToken-3DAJDJSKJDHFJASDKJFKJ234JL2K3H2K3J42'>
<wsse:Username>wsuser</wsse:Username>
<wsse:Password Type='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText'>wspassword</wsse:Password>
</wsse:UsernameToken>
</wsse:Security>
</soapenv:Header>
<soapenv:Body>
.....
</soapenv:Body>
I am getting following error:
15:22:54,541 DEBUG [c.c.i.s.MessageInterceptor] handleMessage
15:22:56,684 DEBUG [c.c.i.s.ServerPasswordHandler] begin handle
15:22:56,685 DEBUG [c.c.i.s.ServerPasswordHandler] userId is[wsuser]
15:22:56,685 INFO [c.c.i.s.ServerPasswordHandler] User [wsuser] is familiar.
15:22:56,685 DEBUG [c.c.i.s.ServerPasswordHandler] end handle
15:23:18,609 SEVERE [o.a.c.w.p.PolicyVerificationInInterceptor] Inbound policy verification failed: These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TextPassword
15:23:18,609 WARNING [o.a.c.p.PhaseInterceptorChain] Interceptor for {http://service.xxx.xxx.com/}Adapter#{http://service.dms.ctl.com/}findAvailableCustomers has thrown exception, unwinding now: org.apache.cxf.ws.policy.PolicyException: These policy alternatives can not be satisfied:
{http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}TextPassword
at org.apache.cxf.ws.policy.AssertionInfoMap.checkEffectivePolicy(AssertionInfoMap.java:179)
at org.apache.cxf.ws.policy.PolicyVerificationInInterceptor.handle(PolicyVerificationInInterceptor.java:102)
at org.apache.cxf.ws.policy.AbstractPolicyInterceptor.handleMessage(AbstractPolicyInterceptor.java:44)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:121)
at org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:254)
at org.jboss.wsf.stack.cxf.RequestHandlerImpl.handleHttpRequest(RequestHandlerImpl.java:108)
at org.jboss.wsf.stack.cxf.transport.ServletHelper.callRequestHandler(ServletHelper.java:134)
at org.jboss.wsf.stack.cxf.CXFServletExt.invoke(CXFServletExt.java:88)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:299)
at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:218)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:707)
at org.jboss.wsf.stack.cxf.CXFServletExt.service(CXFServletExt.java:136)
at org.jboss.wsf.spi.deployment.WSFServlet.service(WSFServlet.java:140)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:790)
at io.undertow.servlet.handlers.ServletHandler.handleRequest(ServletHandler.java:85)
at io.undertow.servlet.handlers.security.ServletSecurityRoleHandler.handleRequest(ServletSecurityRoleHandler.java:62)
at io.undertow.servlet.handlers.ServletDispatchingHandler.handleRequest(ServletDispatchingHandler.java:36)
at org.wildfly.extension.undertow.security.SecurityContextAssociationHandler.handleRequest(SecurityContextAssociationHandler.java:78)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.servlet.handlers.security.SSLInformationAssociationHandler.handleRequest(SSLInformationAssociationHandler.java:131)
at io.undertow.servlet.handlers.security.ServletAuthenticationCallHandler.handleRequest(ServletAuthenticationCallHandler.java:57)
at io.undertow.server.handlers.PredicateHandler.handleRequest(PredicateHandler.java:43)
at io.undertow.security.handlers.AbstractConfidentialityHandler.handleRequest(AbstractConfidentialityHandler.java:46)
Looking at the source code, i see the exception being thrown at following :
try {
//Exception here
List<List<Assertion>> usedAlternatives = aim.checkEffectivePolicy(effectivePolicy.getPolicy());
if (usedAlternatives != null && !usedAlternatives.isEmpty() && message.getExchange() != null) {
message.getExchange().put("ws-policy.validated.alternatives", usedAlternatives);
}
} catch (PolicyException ex) {
LOG.log(Level.SEVERE, "Inbound policy verification failed: " + ex.getMessage());
//To check if there is ws addressing policy violation and throw WSA specific
//exception to pass jaxws2.2 tests
if (ex.getMessage().indexOf("Addressing") > -1) {
throw new Fault("A required header representing a Message Addressing Property "
+ "is not present", LOG)
.setFaultCode(new QName("http://www.w3.org/2005/08/addressing",
"MessageAddressingHeaderRequired"));
}
throw ex;
EDIT: Fixed minor debug message
I was able to fix this with information from various websites. First off, as mentioned in oasis-open, i removed following element as passwords are mandatory.
<wsp:Policy>
<sp:TextPassword />
</wsp:Policy>
But due to a bug that was mentioned cxf issue, UsernameToken needed a policy element so workaround was to keep an empty policy under usernametoken
<wsp:Policy>
<sp:UsernameToken
sp:IncludeToken="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient">
<wsp:Policy>
</wsp:Policy>
</sp:UsernameToken>
</wsp:Policy>
That fixed it.
"sp:TextPassword" is not a valid policy.
I'm trying the FHIR Connector with WSO2 EI 6.1.0
I'm following this documentation
The request for the create operation is:
{
"body": {
"base": "https://sqlonfhir-stu3.azurewebsites.net",
"type": "Patient",
"format": "json"
}
}
My proxy is:
<?xml version="1.0" encoding="UTF-8"?>
<proxy xmlns="http://ws.apache.org/ns/synapse"
name="fhirTest"
startOnLoad="true"
statistics="disable"
trace="disable"
transports="http,https">
<target>
<inSequence>
<property expression="json-eval($.body.base)"
name="base"
scope="default"
type="STRING"/>
<property expression="json-eval($.body.type)"
name="type"
scope="default"
type="STRING"/>
<property expression="json-eval($.body.format)"
name="format"
scope="default"
type="STRING"/>
<fhir.init>
<base>{$ctx:base}</base>
</fhir.init>
<fhir.create>
<type>{$ctx:type}</type>
<format>{$ctx:format}</format>
</fhir.create>
<send/>
</inSequence>
<outSequence/>
<faultSequence/>
</target>
<parameter name="ApplicationXMLBuilder.allowDTD">true</parameter>
<description/>
</proxy>
After the request the response is (the body is void):
HTTP/1.1 202 Accepted
X-Frame-Options: DENY
X-Content-Type-Options: nosniff
X-XSS-Protection: 1; mode=block
Content-Type: text/html;charset=UTF-8
Content-Length: 0
Date: Fri, 05 May 2017 14:09:01 GMT
Server: WSO2 Carbon Server
but I get the following exception: DOCTYPE is not allowed
log:
[2017-05-05 16:09:01,192] [] INFO - LogMediator To: /services/fhirTest,From: 192.168.81.118,Direction: request,base1 = https://sqlonfhir-stu3.azurewebsites.net
,type1 = Patient,format1 = json,Payload: {
"body": {
"base": "https://sqlonfhir-stu3.azurewebsites.net",
"type": "Patient",
"format": "json"
}
}
[2017-05-05 16:09:01,704] [] ERROR - RelayUtils Error while building Passthrough stream
org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException: DOCTYPE is not allowed
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)
at org.apache.axiom.om.impl.llom.OMDocumentImpl.getOMDocumentElement(OMDocumentImpl.java:109)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.getDocumentElement(StAXOMBuilder.java:570)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.getDocumentElement(StAXOMBuilder.java:566)
at org.apache.synapse.transport.passthru.util.DeferredMessageBuilder.getDocument(DeferredMessageBuilder.java:160)
at org.apache.synapse.transport.passthru.util.RelayUtils.builldMessage(RelayUtils.java:136)
at org.apache.synapse.transport.passthru.util.RelayUtils.buildMessage(RelayUtils.java:99)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.buildMessage(Axis2SynapseEnvironment.java:817)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:546)
at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:118)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:281)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.mediateFromContinuationStateStack(Axis2SynapseEnvironment.java:775)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:282)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:554)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:188)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:262)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: javax.xml.stream.XMLStreamException: DOCTYPE is not allowed
at org.apache.axiom.util.stax.dialect.DisallowDoctypeDeclStreamReaderWrapper.next(DisallowDoctypeDeclStreamReaderWrapper.java:36)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.parserNext(StAXOMBuilder.java:681)
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:214)
... 21 more
[2017-05-05 16:09:01,709] [] ERROR - Axis2SynapseEnvironment Error while building message
org.apache.axis2.AxisFault: Error while building Passthrough stream
at org.apache.synapse.transport.passthru.util.RelayUtils.handleException(RelayUtils.java:283)
at org.apache.synapse.transport.passthru.util.RelayUtils.builldMessage(RelayUtils.java:142)
at org.apache.synapse.transport.passthru.util.RelayUtils.buildMessage(RelayUtils.java:99)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.buildMessage(Axis2SynapseEnvironment.java:817)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.send(Axis2SynapseEnvironment.java:546)
at org.apache.synapse.mediators.builtin.SendMediator.mediate(SendMediator.java:118)
at org.apache.synapse.mediators.AbstractListMediator.mediate(AbstractListMediator.java:97)
at org.apache.synapse.mediators.base.SequenceMediator.mediate(SequenceMediator.java:281)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.mediateFromContinuationStateStack(Axis2SynapseEnvironment.java:775)
at org.apache.synapse.core.axis2.Axis2SynapseEnvironment.injectMessage(Axis2SynapseEnvironment.java:282)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.handleMessage(SynapseCallbackReceiver.java:554)
at org.apache.synapse.core.axis2.SynapseCallbackReceiver.receive(SynapseCallbackReceiver.java:188)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
at org.apache.synapse.transport.passthru.ClientWorker.run(ClientWorker.java:262)
at org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeWorkerPool.java:172)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1142)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:617)
at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.axiom.om.OMException: javax.xml.stream.XMLStreamException: DOCTYPE is not allowed
at org.apache.axiom.om.impl.builder.StAXOMBuilder.next(StAXOMBuilder.java:296)
at ...
[2017-05-05 16:11:03,952] [] WARN - SynapseCallbackReceiver Synapse received a response for the request with message Id : urn:uuid:c14afbec-7e12-4c9a-be5e-0746
53fed0e6 But a callback is not registered (anymore) to process this response
My questions are:
Has anyone been able to take the correct tests by following the guide?
How do I pass the other data to create the resource fhir (further base, type and format) as described here?
Thanks in advance
UPDATE: After I have enabled messageBuilder and messageFormatter (as suggested by Hariprasath) the previus error is resolved
but now I have an other error:
[2017-05-10 16:42:20,891] [] DEBUG - RelayUtils Content Type is application/fhir+json; charset=utf-8
[2017-05-10 16:42:20,893] [] ERROR - Axis2Sender Unexpected error during sending message out
java.lang.NullPointerException
at org.apache.coyote.http11.InternalNioOutputBuffer.addToBB(InternalNioOutputBuffer.java:211
This is because of the response is an HTML page(with the content-type is in text/html format). Usually, we need to enable the following formatter and builder to avoid this error and supports text/html format. Please add following message builders and formatters to the sections in /repository/conf/axis2/axis2.xml.
<messageBuilder contentType="text/html"
class="org.wso2.carbon.relay.BinaryRelayBuilder"/>
<messageFormatter contentType="text/html"
class="org.wso2.carbon.relay.ExpandingMessageFormatter"/>
Make sure that you add/enable builders and formatter for "text/html" in /repository/conf/axis2/axis2.xml file.
<messageFormatter contentType="text/html"
class="org.wso2.carbon.relay.ExpandingMessageFormatter"/>
[1] https://github.com/wso2-extensions/esb-connector-fhir/blob/master/src/test/INTEGRATION-TEST.txt
I want to consume a JAX-WS service method. the methode is named find and accept a String as argument.
this the Mule flow :
<flow name="InvokeAWebServiceFlow1" doc:name="InvokeAWebServiceFlow1">
<file:inbound-endpoint path="C:\MuleStudio\SandBox\input" pollingFrequency="3000" responseTimeout="10000" doc:name="File"/>
<file:file-to-string-transformer encoding="UTF-8" mimeType="text/xml" doc:name="File to String"/>
<cxf:jaxws-client port="douaneWSPort" serviceClass="WSDL.DouaneWS" doc:name="SOAP" enableMuleSoapHeaders="true" operation="find"/>
<echo-component doc:name="Echo"/>
<file:outbound-endpoint path="C:\MuleStudio\SandBox\output" outputPattern="#[function:datestamp:dd-MM-yy]_#[function:systime].xml" responseTimeout="10000" doc:name="File"/>
</flow>
I put a argument into a file, in this exampl the argument is "ctr1" after i put the file into the inbound endpoint, after that the file is transformed into a String and goes to the JAX-WS client, finally the respponse is written into an output file.
when I run the flow I get as an output :
<soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
<soap:Body>
<ns2:find xmlns:ns2="http://douane.ws/">
<id>ctr1</id>
</ns2:find>
</soap:Body>
</soap:Envelope>
the output is the SOAP the request instead of the expected SOAP Response, that should be somthing like:
<S:Envelope xmlns:S="http://schemas.xmlsoap.org/soap/envelope/">
<S:Body>
<ns2:findResponse xmlns:ns2="http://douane.ws/">
<return>
<quality>medium</quality>
<price>150</price>
<idProd>ctr1</idProd>
</return>
</ns2:findResponse>
</S:Body>
</S:Envelope
>
.
The error generate is
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+ Started app 'invokeawebservice' +
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
INFO 2013-05-14 11:13:15,024 [[invokeawebservice].connector.file.mule.default.receiver.01] org.mule.transport.file.FileMessageReceiver: Lock obtained on file: C:\MuleStudio\SandBox\input\input.txt
INFO 2013-05-14 11:13:15,155 [[invokeawebservice].InvokeAWebServiceFlow1.stage1.02] org.mule.component.simple.LogComponent:
********************************************************************************
* Message received in service: InvokeAWebServiceFlow1. Content is: *
* '<soap:Envelope *
* xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><ns2:find *
* xmlns:ns2...[100 of 173]' *
********************************************************************************
INFO 2013-05-14 11:13:15,184 [[invokeawebservice].connector.file.mule.default.dispatcher.01] org.mule.lifecycle.AbstractLifecycleManager: Initialising: 'connector.file.mule.default.dispatcher.2917880'. Object is: FileMessageDispatcher
INFO 2013-05-14 11:13:15,184 [[invokeawebservice].connector.file.mule.default.dispatcher.01] org.mule.lifecycle.AbstractLifecycleManager: Starting: 'connector.file.mule.default.dispatcher.2917880'. Object is: FileMessageDispatcher
INFO 2013-05-14 11:13:15,200 [[invokeawebservice].connector.file.mule.default.dispatcher.01] org.mule.transport.file.FileConnector: Writing file to: C:\MuleStudio\SandBox\output\14-05-13_1368522795199.xml
WARN 2013-05-14 11:13:15,261 [[invokeawebservice].InvokeAWebServiceFlow1.stage1.02] org.apache.cxf.phase.PhaseInterceptorChain: Interceptor for {http://douane.ws/}DouaneWSService#{http://douane.ws/}find has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Unexpected wrapper element {http://douane.ws/}find found. Expected {http://douane.ws/}findResponse.
at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:106)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:799)
at org.mule.module.cxf.transport.MuleUniversalConduit.dispatchMuleMessage(MuleUniversalConduit.java:280)
at org.mule.module.cxf.transport.MuleUniversalConduit$2.handleMessage(MuleUniversalConduit.java:194)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:533)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:375)
at org.mule.module.cxf.CxfOutboundMessageProcessor.doSendWithClient(CxfOutboundMessageProcessor.java:235)
at org.mule.module.cxf.CxfOutboundMessageProcessor.process(CxfOutboundMessageProcessor.java:125)
at org.mule.execution.ExceptionToMessagingExceptionExecutionInterceptor.execute(ExceptionToMessagingExceptionExecutionInterceptor.java:27)
at org.mule.execution.MessageProcessorNotificationExecutionInterceptor.execute(MessageProcessorNotificationExecutionInterceptor.java:61)
at org.mule.execution.MessageProcessorExecutionTemplate.execute(MessageProcessorExecutionTemplate.java:47)
at org.mule.processor.chain.DefaultMessageProcessorChain.doProcess(DefaultMessageProcessorChain.java:95)
at org.mule.processor.chain.AbstractMessageProcessorChain.process(AbstractMessageProcessorChain.java:70)
at org.mule.execution.ExceptionToMessagingExceptionExecutionInterceptor.execute(ExceptionToMessagingExceptionExecutionInterceptor.java:27)
at org.mule.execution.MessageProcessorExecutionTemplate.execute(MessageProcessorExecutionTemplate.java:47)
at org.mule.processor.AbstractInterceptingMessageProcessorBase.processNext(AbstractInterceptingMessageProcessorBase.java:106)
at org.mule.interceptor.AbstractEnvelopeInterceptor.process(AbstractEnvelopeInterceptor.java:55)
at org.mule.processor.AsyncInterceptingMessageProcessor.processNextTimed(AsyncInterceptingMessageProcessor.java:122)
at org.mule.processor.AsyncInterceptingMessageProcessor$AsyncMessageProcessorWorker$1.process(AsyncInterceptingMessageProcessor.java:192)
at org.mule.processor.AsyncInterceptingMessageProcessor$AsyncMessageProcessorWorker$1.process(AsyncInterceptingMessageProcessor.java:185)
at org.mule.execution.ExecuteCallbackInterceptor.execute(ExecuteCallbackInterceptor.java:20)
at org.mule.execution.HandleExceptionInterceptor.execute(HandleExceptionInterceptor.java:34)
at org.mule.execution.HandleExceptionInterceptor.execute(HandleExceptionInterceptor.java:18)
at org.mule.execution.BeginAndResolveTransactionInterceptor.execute(BeginAndResolveTransactionInterceptor.java:58)
at org.mule.execution.ResolvePreviousTransactionInterceptor.execute(ResolvePreviousTransactionInterceptor.java:48)
at org.mule.execution.SuspendXaTransactionInterceptor.execute(SuspendXaTransactionInterceptor.java:54)
at org.mule.execution.ValidateTransactionalStateInterceptor.execute(ValidateTransactionalStateInterceptor.java:44)
at org.mule.execution.IsolateCurrentTransactionInterceptor.execute(IsolateCurrentTransactionInterceptor.java:44)
at org.mule.execution.ExternalTransactionInterceptor.execute(ExternalTransactionInterceptor.java:52)
at org.mule.execution.RethrowExceptionInterceptor.execute(RethrowExceptionInterceptor.java:32)
at org.mule.execution.RethrowExceptionInterceptor.execute(RethrowExceptionInterceptor.java:17)
at org.mule.execution.TransactionalErrorHandlingExecutionTemplate.execute(TransactionalErrorHandlingExecutionTemplate.java:113)
at org.mule.execution.TransactionalErrorHandlingExecutionTemplate.execute(TransactionalErrorHandlingExecutionTemplate.java:34)
at org.mule.processor.AsyncInterceptingMessageProcessor$AsyncMessageProcessorWorker.doRun(AsyncInterceptingMessageProcessor.java:184)
at org.mule.work.AbstractMuleEventWork.run(AbstractMuleEventWork.java:43)
at org.mule.work.WorkerContext.run(WorkerContext.java:311)
at java.util.concurrent.ThreadPoolExecutor.runWorker(Unknown Source)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
at java.lang.Thread.run(Unknown Source)
ERROR 2013-05-14 11:13:15,271 [[invokeawebservice].InvokeAWebServiceFlow1.stage1.02] org.mule.exception.DefaultMessagingExceptionStrategy:
********************************************************************************
Message : Unexpected wrapper element {http://douane.ws/}find found. Expected {http://douane.ws/}findResponse.. Failed to route event via endpoint: org.mule.module.cxf.CxfOutboundMessageProcessor. Message payload is of type: String
Code : MULE_ERROR--2
--------------------------------------------------------------------------------
Exception stack is:
1. Unexpected wrapper element {http://douane.ws/}find found. Expected {http://douane.ws/}findResponse. (org.apache.cxf.interceptor.Fault)
org.apache.cxf.interceptor.DocLiteralInInterceptor:106 (null)
2. Unexpected wrapper element {http://douane.ws/}find found. Expected {http://douane.ws/}findResponse.. Failed to route event via endpoint: org.mule.module.cxf.CxfOutboundMessageProcessor. Message payload is of type: String (org.mule.api.transport.DispatchException)
org.mule.module.cxf.CxfOutboundMessageProcessor:144 (http://www.mulesoft.org/docs/site/current3/apidocs/org/mule/api/transport/DispatchException.html)
--------------------------------------------------------------------------------
Root Exception stack trace:
org.apache.cxf.interceptor.Fault: Unexpected wrapper element {http://douane.ws/}find found. Expected {http://douane.ws/}findResponse.
at org.apache.cxf.interceptor.DocLiteralInInterceptor.handleMessage(DocLiteralInInterceptor.java:106)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:799)
+ 3 more (set debug level logging or '-Dmule.verbose.exceptions=true' for everything)
********************************************************************************
Any help ??
If the webservice you want to consume is hosted, let's say at http://domain.com/ws , than your configuration should look like this:
<flow name="InvokeAWebServiceFlow1" doc:name="InvokeAWebServiceFlow1">
<file:inbound-endpoint path="C:\MuleStudio\SandBox\input" pollingFrequency="3000" responseTimeout="10000" doc:name="File"/>
<file:file-to-string-transformer encoding="UTF-8" mimeType="text/xml" doc:name="File to String"/>
<cxf:jaxws-client port="douaneWSPort" serviceClass="WSDL.DouaneWS" doc:name="SOAP" enableMuleSoapHeaders="true" operation="find"/>
<http:outbound-endpoint address="http://domain.com/ws" />
<echo-component doc:name="Echo"/>
<file:outbound-endpoint path="C:\MuleStudio\SandBox\output" outputPattern="#[function:datestamp:dd-MM-yy]_#[function:systime].xml" responseTimeout="10000" doc:name="File"/>
</flow>
You can find more informations on the topic here