Announcement Announcement Module
Collapse
No announcement yet.
XWS Security client with Websphere exception on XPath.setNameSpaceContext() Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • XWS Security client with Websphere exception on XPath.setNameSpaceContext()

    I've been tasked with incorporating XWS within our existing Websphere 6.1 environment which currently uses Spring-WS for web service clients.

    The following exception is being thrown upon calling XWSSProcessor's secureOutboundMessage method from the callback's doWithMessage method:
    java.lang.VerifyError: javax/xml/xpath/XPath.setNamespaceContext(Ljavax/xml/namespace/NamespaceContextV
    at com.sun.xml.wss.impl.SecurableSoapMessage.getEleme ntByWsuId(SecurableSoapMessage.java:553)
    at com.sun.xml.wss.impl.SecurableSoapMessage.getEleme ntById(SecurableSoapMessage.java:591)
    at com.sun.xml.wss.impl.dsig.DSigResolver.dereference Fragment(DSigResolver.java:275)

    Spring is 1.5.
    The XWS-related jars were copied from JWSDP 2.0 and are as follows:
    wss-provider-update.jar
    xmlsec.jar
    xws-security-jaxrpc.jar
    wxs-service.jar
    To get a clean compile I had to also download xercesImpl-1.5.jar from a Maven location.
    There is a bouncy castle jar (bcprov-jdk15-1.43.jar) that at some time in the past was included in our app.

    I'm wondering if I don't have something configured properly, since xws jars etc have been manually copied.

    The related code and configuration file content are attached.
    The code (i.e. the SSL-related), other than this explicit callback, works with other web services. But those web services do not require BinarySecurityToken/Signature.

    Any help would be GREATLY appreciated.

  • #2
    I'm updating my post. I created a standalone Java app and starting with the spring 2.5.6 and spring-ws 1.5.8 jars, added others to get clean compile. The jars I added were mostly from the Spring-ws-1.5.8-with-dependencies rather than WSDP 2.0. This cleared the isssue and allowed the WS security elements to be created in the SOAP header.
    Unfortunately, the SSL portion of code (the endpoint is https) is failing because the KeyStore can't be read (I'm thinking it might be due to 2048 encryption): "DerInputStream.getLength(): lengthTag=127, too big."

    Comment

    Working...
    X