Announcement Announcement Module
No announcement yet.
Problems Signing Messages Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • Problems Signing Messages


    I am working with Spring-WS 1.5.0-m2 and am trying to send a Signed message from my client with a UsernameToken. I am using the XwsSecurityInterceptor for both the client and the service. I have successfully got the UsernameToken authentication working but when I try to Sign the message and send it to the server I get the error message below, on the client side.
    I am not an expert by any means when it comes to certificates, etc but I have carefully followed the reference manual and I cannot find where I have made a mistake. Does anyone have any idea what the problem might be? I have pasted my security policy file and spring configuration below the error message. If anyone has any idea I would be greatful for the help. Thanks.

    Feb 19, 2008 4:03:09 PM urityInterceptor handleSecurementException
    SEVERE: Could not secure response: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: signingKey cannot be null; nested exception i
    s com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: signingKey cannot be null itySecurementException: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: signin
    gKey cannot be null; nested exception is com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: s
    igningKey cannot be null
    at ityInterceptor.secureMessage(XwsSecurityIntercepto
    at urityInterceptor.handleRequest(AbstractWsSecurityI
    at ate.doSendAndReceive(
    at ate.sendAndReceive(
    at ate.marshalSendAndReceive( 295)
    at ate.marshalSendAndReceive( 283)
    at ate.marshalSendAndReceive( 275)
    at )
    Caused by: com.sun.xml.wss.XWSSecurityException: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: signingKey cannot be null
    at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.sec ureOutboundMessage(
    at ityInterceptor.secureMessage(XwsSecurityIntercepto
    ... 7 more
    Caused by: com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException: signingKey cannot be null
    at com.sun.xml.wss.impl.dsig.SignatureProcessor.sign(
    at com.sun.xml.wss.impl.filter.SignatureFilter.proces s(
    at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(
    at com.sun.xml.wss.impl.HarnessUtil.processDeep(Harne
    at com.sun.xml.wss.impl.SecurityAnnotator.processMess agePolicy(
    at com.sun.xml.wss.impl.SecurityAnnotator.secureMessa ge(
    at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.sec ureOutboundMessage(
    ... 8 more

    <!-- Security Policy File -->
    <?xml version="1.0" encoding="UTF-8"?>
    <xwss:SecurityConfiguration xmlns:xwss="">	
    	<xwss:Sign id="signature">
    		<xwss:X509Token certificateAlias="mykey"/>
    	<xwss:UsernameToken useNonce="true"	digestPassword="true" />
    <!-- Spring client configuration -->
    <?xml version="1.0" encoding="UTF-8"?>
    <beans xmlns=""
    	<bean id="policyService"
    		<property name="defaultUri"
    			value="http://localhost:8081/PolicyService/ws/PolicyService" />
    		<property name="marshaller" ref="jibxMarsheller" />
    		<property name="unmarshaller" ref="jibxMarsheller" />
    		<property name="faultMessageResolver">
    				<property name="unmarshaller" ref="jibxMarsheller" />
    		<property name="interceptors">
    				<ref bean="wsSecurityInterceptor" />
    	<!-- Marshellers and Unmarshellers for PolicyService binding file -->
    	<!-- The targetClass is used to locate the binding file to be loaded. Once the file is loaded all classes defined
    		in the binding file are loaded. Therefore, only one jibx marsheller needs to be defined per binding file. -->
    	<bean id="jibxMarsheller"
    		<property name="targetClass"
    			value="" />
    	<!-- WS-Security Interceptor -->
    	<bean id="wsSecurityInterceptor"
    		<property name="policyConfiguration"
    			value="classpath:securityPolicy.xml" />
    		<property name="callbackHandlers">
    				<ref bean="usernamePasswordHandler" />
    				<ref bean="signatureKeyStoreHandler" />				
    	<!-- Authentication CallbackHandler -->
    	<bean id="usernamePasswordHandler"
    		<property name="username" value="swanjr" />
    		<property name="password" value="1234" />
    	<!-- KeyStoreCallbackHandler -->
    	<bean id="signatureKeyStoreHandler"
    		<property name="keyStore" ref="keyStore" />
    		<property name="privateKeyPassword" value="123456" />
    	<!-- Signature Keystore -->
    	<bean id="keyStore"
    		<property name="location" value="classpath:keystore.jks" />
    		<property name="password" value="234567" />

  • #2
    Try to define your alias on your 'signatureKeyStoreHandler':
    <bean id="signatureKeyStoreHandler" class="">
    	<property name="keyStore" ref="keyStore"></property>
    	<property name="privateKeyPassword" value="123456"></property>
    	<property name="defaultAlias" value="mykey"></property>
    instead in your security policy file.


    • #3
      Still not working

      I declared my alias in the spring context file instead of the security policy file but I get the same error. Thanks for the reply, though.


      • #4

        I figured out what the problem was. I mistakenly created the certificate in the truststore on the service side and exported it to the keystore on the client side instead of the other way around. Thanks for the help.