Announcement Announcement Module
No announcement yet.
wss4jinterceptor: keystore cannot be read in weblogic 10.3 Page Title Module
Move Remove Collapse
Conversation Detail Module
  • Filter
  • Time
  • Show
Clear All
new posts

  • wss4jinterceptor: keystore cannot be read in weblogic 10.3

    I am using following stack to build a secure web service with spring:
    spring 2.5.6
    spring web services 1.5.8

    I created a keystore using java keytool and am using the file for securing the web service calls using wss4j.
    <bean id="wsDigCerSecurityInterceptor"
    class=" Wss4jSecurityInterceptor">
    <property name="validationActions" value="Signature" />
    <property name="validationSignatureCrypto">
    class=" support.CryptoFactoryBean">
    <property name="keyStorePassword" value="keystorepassword" />
    <property name="keyStoreLocation"><value>classpath:/keystore.jks</value></property>

    Everything works fine when i deploy it on Apache Tomcat 6.0.18
    But when i deploy the war on weblogic 10R3, I get the exception
    PropertyAccessException 1: org.springframework.beans.MethodInvocationExceptio n: Property 'keyStoreLocation' threw exception; nested exception is class path resource [keystore.jks] cannot be resolved to absolute file path because it does not reside in the file system: zip:/bea/user_projects/domains/cluster_domain/servers/ManagedServer_2/tmp/_WL_user/csfwl/fste1z/war/WEB-INF/lib/_wl_cls_gen.jar!/keystore.jks

    Any help with this is appreciated.

  • #2

    Anyone with an answer for this issue ? How is it possible on Weblogic to set the keyStoreLocation ?

    Weblogic builds a jar out of classes dir (_wl_cls_gen.jar) but the keyStoreLocation setter cannot read the jks from the jar. Where must the jks reside in order to be visible and how to set the definition path for keyStoreLocation to pick up the file ?


    • #3
      No one faced this problem ?

      As far as I can see, this issue makes the usage of spring-ws stack on weblogic impossible. How was the testing done ? Only with username/password ? no encryption at all ?


      • #4
        The solution for me was to make another CryptoFactoryBean in which I searched for the jks in a different location.

        1. I've put the jks in WEB-INF instead of WEB-INF/classes
        2. in setKeyStoreLocation I obtained the root of the classpath (which is 'classes' directory) and stepped up one level in the search for the jks.

        Below is the code:
        public void setKeyStoreLocation(Resource location) throws IOException {
        		File keyStoreFile = null;
        		if (location.exists()) {
        			keyStoreFile = location.getFile();
        		else {
        			// if the resource is not found, search in /WEB-INF directory - one level up
        			// root of classpath is the 'classes' directory
        			log.debug("keyStoreLocation resource not found in classpath. Searching one level up from 'classes' directory");
        			String path = this.getClass().getResource("/").getPath();
        			String root = "/classes";
        			int index = path.lastIndexOf(root);
        			path = path.substring(0, index);
        			log.debug("resource " + location.getFilename() + " searched in path [" + path + "]");
        			path += "/" + location.getFilename();
        			keyStoreFile = new File(path);
        			if (keyStoreFile != null && keyStoreFile.exists()) {
        				log.debug("resource found in [" + keyStoreFile.getAbsolutePath() + "]");
        			else {
        				log.debug("resource not found .. bummer");
        		this.configuration.setProperty("", keyStoreFile.getPath());
        The bean definition:
        <bean id="cryptoFactory" class="a.b.c.CustomCryptoFactoryBean">
        	<property name="keyStorePassword" value="password" />
        	<property name="keyStoreLocation" value="classpath:keystore.jks" />