Announcement Announcement Module
Collapse
No announcement yet.
server is not decrypting the SOAP reqeust Page Title Module
Move Remove Collapse
X
Conversation Detail Module
Collapse
  • Filter
  • Time
  • Show
Clear All
new posts

  • server is not decrypting the SOAP reqeust

    Hi,

    I am developing web services using spring framework and i am using XwsSecurityInterceptor to secure my web service.
    When client is sending the SOAP request, it is encrypting the SOAP request and sending it to the server. But at the server side PayloadRootAnnotationMethodEndpointMapping is not able to locate the endpoint.

    Following are the debug statements:

    Code:
    11:40:14,455 DEBUG [org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping] Looking up endpoint for [{http://www.w3.org/2001/04/xmlenc#}EncryptedData]
    11:40:14,455 DEBUG [org.springframework.ws.soap.server.SoapMessageDispatcher] Endpoint mapping [org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping@11c135c] has no mapping for request
    11:40:14,455 WARN  [org.springframework.ws.server.EndpointNotFound] No endpoint mapping found for [SaajSoapMessage {http://www.w3.org/2001/04/xmlenc#}EncryptedData]
    Looks like the SOAP request is not decrypted at server side. But i have configured the XwsSecurityInterceptor at server side also. I am not sure what is missing at server side.
    I am completely new to web services and spring-ws framework. Can anyone help me in resolving this issue.

    client side configuration details:
    Code:
    	<bean id="userProfileService" class="com.ko.userprofile.consumer.soap.impl.UserProfileServiceImpl">      
    	    <property name="defaultUri" value="https://localhost:8443/userprofile-ws/services/userprofile" />
    	    <property name="marshaller" ref="marshaller" />
    	    <property name="unmarshaller" ref="marshaller" />
    	    <property name="messageSender" ref="httpMessageSender" />
    		<property name="interceptors">
    			<list>
    				<ref bean="wsSecurityInterceptor" />
    			</list>
    		</property>
    	</bean>
    
        <bean id="marshaller" class="org.springframework.oxm.xmlbeans.XmlBeansMarshaller" />
        
        <bean id="httpMessageSender" class="org.springframework.ws.transport.http.CommonsHttpMessageSender" />
    	
    	<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
    	    <property name="policyConfiguration" value="src/test/resources/xwssPolicy.xml"/>
    	    <property name="callbackHandlers">
    	        <list>
    	            <ref bean="keyStoreHandler"/>
    	        </list>
    	    </property>
    	</bean>
    
        <bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler">
            <property name="trustStore" ref="trustStore"/>
            <property name="privateKeyPassword" value="<<password>>" />
        </bean>
    
        <bean id="trustStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">
            <property name="location" value="src/test/resources/up_keystore.jks"/>
            <property name="password" value="<<password>>"/>
        </bean>
    server side configuration:
    Code:
        <bean class="org.springframework.ws.server.endpoint.adapter.GenericMarshallingMethodEndpointAdapter">
            <property name="marshaller" ref="marshaller" />
            <property name="unmarshaller" ref="marshaller" />
        </bean>
    
        <bean id="marshaller" class="org.springframework.oxm.xmlbeans.XmlBeansMarshaller">
            <description>
                The XMLBeans Marshaller is used by the endpoints.
            </description>
        </bean>
    
    	<bean class="org.springframework.ws.server.endpoint.mapping.PayloadRootAnnotationMethodEndpointMapping">
    		<property name="interceptors">
    			<list>
    				<ref bean="wsSecurityInterceptor" />
    			</list>
    		</property>
    	</bean>
    
        <bean id="userprofile" class="org.springframework.ws.wsdl.wsdl11.SimpleWsdl11Definition">    	
        	<constructor-arg value="classpath:/soap/UserProfile.wsdl"/> 
        </bean>
    
    	<bean id="wsSecurityInterceptor" class="org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor">
    		<property name="policyConfiguration" value="classpath:xwssPolicy.xml"/>
    		<property name="callbackHandler" ref="keyStoreHandler"/>
    		<property name="validateRequest" value="false" />
    	</bean>
    	
    	<bean id="keyStoreHandler" class="org.springframework.ws.soap.security.xwss.callback.KeyStoreCallbackHandler">
    		<property name="trustStore" ref="trustStore"/>
    	</bean>
    	
    	<bean id="trustStore" class="org.springframework.ws.soap.security.support.KeyStoreFactoryBean">
    		<property name="location" value="classpath:up_keystore.jks"/>
    		<property name="password" value="<<password>>"/>
    	</bean>
    Last edited by l_satyadev; Sep 1st, 2010, 07:19 AM.

  • #2
    Hi l_satyadev,

    I am getting the same problem, may I have your solution? thanks~

    Comment


    • #3
      Originally posted by kelvinlaw View Post
      Hi l_satyadev,

      I am getting the same problem, may I have your solution? thanks~
      You cannot use payload mapping with an encrypted message. This is due to the fact that interception is done after the mapping. So, when the mapping occurs, the payload is still encrypted. This means the encrypted qname of the payload does not map to any values defined in your configuration. What is required in this case is a SOAP action mapping on the client.

      Comment

      Working...
      X