Results 1 to 3 of 3

Thread: server is not decrypting the SOAP reqeust

  1. Sep 1st, 2010, 01:58 AM #1
    l_satyadev
    l_satyadev is offline Junior Member
    Join Date
    Apr 2009
    Posts
    1

    Unhappy server is not decrypting the SOAP reqeust

    Hi,

    I am developing web services using spring framework and i am using XwsSecurityInterceptor to secure my web service.
    When client is sending the SOAP request, it is encrypting the SOAP request and sending it to the server. But at the server side PayloadRootAnnotationMethodEndpointMapping is not able to locate the endpoint.

    Following are the debug statements:

    Code:
    11:40:14,455 DEBUG [org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping] Looking up endpoint for [{http://www.w3.org/2001/04/xmlenc#}EncryptedData]
11:40:14,455 DEBUG [org.springframework.ws.soap.server.SoapMessageDispatcher] Endpoint mapping [org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping@11c135c] has no mapping for request
11:40:14,455 WARN  [org.springframework.ws.server.EndpointNotFound] No endpoint mapping found for [SaajSoapMessage {http://www.w3.org/2001/04/xmlenc#}EncryptedData]
    Looks like the SOAP request is not decrypted at server side. But i have configured the XwsSecurityInterceptor at server side also. I am not sure what is missing at server side.
    I am completely new to web services and spring-ws framework. Can anyone help me in resolving this issue.

    client side configuration details:
    Code:
    	<bean id="userProfileService" class="com.ko.userprofile.consumer.soap.impl.UserProfileServiceImpl">      
	    <property name="defaultUri" value="https://localhost:8443/userprofile-ws/services/userprofile" />
	    <property name="marshaller" ref="marshaller" />
	    <property name="unmarshaller" ref="marshaller" />
	    <property name="messageSender" ref="httpMessageSender" />
		<property name="interceptors">
			<list>
				<ref bean="wsSecurityInterceptor" />
			</list>
		</property>
	</bean>

    <bean id="marshaller" class="org.springframework.oxm.xmlbeans.XmlBeansMarshaller" />
    
    <bean id="httpMessageSender" class="org.springframework.ws.transport.http.CommonsHttpMessageSender" />
	
	<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
	    <property name="policyConfiguration" value="src/test/resources/xwssPolicy.xml"/>
	    <property name="callbackHandlers">
	        <list>
	            <ref bean="keyStoreHandler"/>
	        </list>
	    </property>
	</bean>

    <bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler">
        <property name="trustStore" ref="trustStore"/>
        <property name="privateKeyPassword" value="<<password>>" />
    </bean>

    <bean id="trustStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">
        <property name="location" value="src/test/resources/up_keystore.jks"/>
        <property name="password" value="<<password>>"/>
    </bean>
    server side configuration:
    Code:
        <bean class="org.springframework.ws.server.endpoint.adapter.GenericMarshallingMethodEndpointAdapter">
        <property name="marshaller" ref="marshaller" />
        <property name="unmarshaller" ref="marshaller" />
    </bean>

    <bean id="marshaller" class="org.springframework.oxm.xmlbeans.XmlBeansMarshaller">
        <description>
            The XMLBeans Marshaller is used by the endpoints.
        </description>
    </bean>

	<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
		<property name="interceptors">
			<list>
				<ref bean="wsSecurityInterceptor" />
			</list>
		</property>
	</bean>

    <bean id="userprofile" class="org.springframework.ws.wsdl.wsdl11.SimpleWsdl11Definition">    	
    	<constructor-arg value="classpath:/soap/UserProfile.wsdl"/> 
    </bean>

	<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
		<property name="policyConfiguration" value="classpath:xwssPolicy.xml"/>
		<property name="callbackHandler" ref="keyStoreHandler"/>
		<property name="validateRequest" value="false" />
	</bean>
	
	<bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler">
		<property name="trustStore" ref="trustStore"/>
	</bean>
	
	<bean id="trustStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">
		<property name="location" value="classpath:up_keystore.jks"/>
		<property name="password" value="<<password>>"/>
	</bean>
    Last edited by l_satyadev; Sep 1st, 2010 at 06:19 AM.
    Reply With Quote Reply With Quote
  2. Jun 6th, 2012, 05:04 AM #2
    kelvinlaw
    kelvinlaw is offline Junior Member
    Join Date
    Jun 2007
    Posts
    6

    Default

    Hi l_satyadev,

    I am getting the same problem, may I have your solution? thanks~
    Reply With Quote Reply With Quote
  3. Aug 8th, 2012, 04:19 PM #3
    jwarfield
    jwarfield is offline Junior Member
    Join Date
    Jun 2012
    Posts
    5

    Default

    Quote Originally Posted by kelvinlaw View Post
    Hi l_satyadev,

    I am getting the same problem, may I have your solution? thanks~
    You cannot use payload mapping with an encrypted message. This is due to the fact that interception is done after the mapping. So, when the mapping occurs, the payload is still encrypted. This means the encrypted qname of the payload does not map to any values defined in your configuration. What is required in this case is a SOAP action mapping on the client.
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Tags for this Thread

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •  

Forum Rules