Announcement Announcement Module
Collapse
No announcement yet.
Spring WS Security with WSS4J: Looking for external properties file error Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • Spring WS Security with WSS4J: Looking for external properties file error

    Hi all,
    I am trying to implement Spring WS Security for a SOAP web service using a WSS4J interceptor. When my client sends a signed/encrypted message, my web service throws the following error, looking for an external "crypto property file" for decryption:

    Code:
    WARN [org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor] - <Could not validate request: General security error (WSSecurityEngine: No crypto property file supplied for decryption); nested exception is org.apache.ws.security.WSSecurityException: General security error (WSSecurityEngine: No crypto property file supplied for decryption)>
    According to the Spring documentation (section 7.3.1), the WSS4J interceptor is not supposed to need an external configuration file.

    Here is my Spring config:

    Code:
    <sws:interceptors>
    
            <bean id="loggingInterceptor"
                  class="org.springframework.ws.server.endpoint.interceptor.PayloadLoggingInterceptor">
                <property name="logRequest" value="true"/>
                <property name="logResponse" value="true"/>
            </bean>
    
            <bean class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
                <property name="validationActions" value="Encrypt Signature"/>
                <property name="validationSignatureCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.trustStorePassword}"/>
                        <property name="keyStoreLocation" value="${conedws.trustStoreLocation}"/>
                    </bean>
                </property>
    
                <property name="securementActions" value="Encrypt Signature"/>
                <property name="securementSignatureCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.keyStorePassword}"/>
                        <property name="keyStoreLocation" value="${conedws.keyStoreLocation}"/>
                    </bean>
                </property>
            </bean>
    
        </sws:interceptors>
    Am I missing something in my configuration? Thanks in advance!

  • #2
    OK I figured it out, I was missing some additional config properties for encryption/decryption. Corrected Spring config is:

    Code:
    <bean class="org.springframework.ws.soap.security.wss4j.Wss4jSecurityInterceptor">
                <property name="validationActions" value="Encrypt Signature"/>
                <property name="validationSignatureCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.trustStoreLocation}"/>
                        <property name="keyStoreLocation" value="${conedws.trustStoreLocation}"/>
                    </bean>
                </property>
                <property name="validationDecryptionCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.keyStorePassword}"/>
                        <property name="keyStoreLocation" value="${conedws.keyStoreLocation}"/>
                    </bean>
                </property>
    
                <property name="securementActions" value="Encrypt Signature"/>
                <property name="securementSignatureCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.keyStorePassword}"/>
                        <property name="keyStoreLocation" value="${conedws.keyStoreLocation}"/>
                    </bean>
                </property>
                <property name="securementEncryptionCrypto">
                    <bean class="org.springframework.ws.soap.security.wss4j.support.CryptoFactoryBean">
                        <property name="keyStorePassword" value="${conedws.trustStorePassword}"/>
                        <property name="keyStoreLocation" value="${conedws.trustStoreLocation}"/>
                    </bean>
                </property>
            </bean>

    Comment

    Working...
    X