search

javaee / metro-wsit

https://javaee.github.io/metro-wsit/
Other
9 stars 24 forks source link

client side Internal error in security processing of .Net 3.0 transacted web service #420

Open glassfishrobot opened 17 years ago

glassfishrobot commented 17 years ago

Following stack trace is from Java web service client accessing .Net 3.0 WCF sample for WS-Atomic Transaction. Here is path to MS web service in sample that comes with .Net 3.0 RTM.

Will attach the Java web service client to bug report. MS service is found in WCFSamples\TechnologySamples\Basic\Binding\WS\TransactionFlow\CS\service.

Java web service client was configured with keystore/truststore updated with copyv3 certificates.

Summary of stack trace: (full stack trace at end of report)

WSITPVD0012: Internal Error: Could not detect whether Reliable Messaging is enabled or not. java.lang.NullPointerException at com.sun.xml.ws.security.impl.policyconv.BindingProcessor.addPrimaryTargets (BindingProcessor.java:167) at com.sun.xml.ws.security.impl.policyconv.SymmetricBindingProcessor.process (SymmetricBindingProcessor.java:123) at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process (XWSSPolicyGenerator.java:149)

Possible problem: Unsure if need to configure trust store. If need to, could not figure out from quick check in tutorial how to do it. In any event, error message does not state that web service requires trust store to be configured.

To run submitted bug case successfully, one does need to do following ssl security for WS-AT/Coordination protcol messages to work.

To configure https security for MS WS-AT, see .Net 3.0 WS-AT configuration at http://msdn2.microsoft.com/en-us/library/ms733943.aspx.

To configure https security for Sun Client, the machine involved must have static ip address and fully qualified dns name. To export the Sun Client security certificate to be imported into .Net 3.0 WS-AT security run % keytool -export -keystore /domains/domain1/config/keystore.jks - alias s1as -file

Follow directions in .Net 3.0 instructions on how to import this security certificate and use it .Net 3.0 WS-AT configuration. The .Net 3.0 security certificate for WS-AT endpoint must be exported and imported into glassfish truststore using following commaind.

%keytool -import -keystore /domains/domain1/config/cacerts.jks - alias someName -file

Full stack trace:

WSITPVD0012: Internal Error: Could not detect whether Reliable Messaging is enabled or not. java.lang.NullPointerException at com.sun.xml.ws.security.impl.policyconv.BindingProcessor.addPrimaryTargets (BindingProcessor.java:167) at com.sun.xml.ws.security.impl.policyconv.SymmetricBindingProcessor.process (SymmetricBindingProcessor.java:123) at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process (XWSSPolicyGenerator.java:149) at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process (XWSSPolicyGenerator.java:119) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.constructPolicyHolder (WSITAuthContextBase.java:837) at com.sun.xml.wss.provider.wsit.WSITClientAuthContext.addIncomingProtocolPolicy (WSITClientAuthContext.java:393) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.buildProtocolPolicy (WSITAuthContextBase.java:790) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.collectPolicies (WSITAuthContextBase.java:332) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase. (WSITAuthContextBase.java:278) at com.sun.xml.wss.provider.wsit.WSITClientAuthContext. (WSITClientAuthContext.java:112) at com.sun.xml.wss.provider.wsit.WSITClientAuthConfig.getAuthContext (WSITClientAuthConfig.java:116) at com.sun.enterprise.security.jmac.config.PipeHelper.getClientAuthContext (PipeHelper.java:102) at com.sun.enterprise.webservice.ClientSecurityPipe.process (ClientSecurityPipe.java:143) at com.sun.xml.ws.tx.client.TxClientPipe.process(TxClientPipe.java:228) at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest (PipeAdapter.java:79) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:559) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:518) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:503) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:400) at com.sun.xml.ws.client.Stub.process(Stub.java:228) at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:120) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke (SyncMethodHandler.java:226) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke (SyncMethodHandler.java:206) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:103) at $Proxy91.add(Unknown Source) at calculator.client.CalculatorClientServlet.processRequest (CalculatorClientServlet.java:82) at calculator.client.CalculatorClientServlet.doGet (CalculatorClientServlet.java:208) at javax.servlet.http.HttpServlet.service(HttpServlet.java:705) at javax.servlet.http.HttpServlet.service(HttpServlet.java:818) at org.apache.catalina.core.ApplicationFilterChain.servletService (ApplicationFilterChain.java:398) at org.apache.catalina.core.StandardWrapperValve.invoke (StandardWrapperValve.java:277) at org.apache.catalina.core.StandardContextValve.invokeInternal (StandardContextValve.java:255) at org.apache.catalina.core.StandardContextValve.invoke (StandardContextValve.java:188) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:81) at org.apache.catalina.core.StandardHostValve.invoke (StandardHostValve.java:207) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:1067) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:137) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:1067) at org.apache.coyote.tomcat5.CoyoteAdapter.service (CoyoteAdapter.java:249) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter (DefaultProcessorTask.java:618) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess (DefaultProcessorTask.java:549) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process (DefaultProcessorTask.java:790) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask (DefaultReadTask.java:326) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask (DefaultReadTask.java:248) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask (DefaultReadTask.java:199) at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask (PortUnificationPipeline.java:328) at com.sun.enterprise.web.connector.grizzly.TaskBase.run (TaskBase.java:252) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run (SSLWorkerThread.java:93) SEC2004: Container-auth: wss: Error securing request java.lang.RuntimeException: WSITPVD0012: Internal Error: Could not detect whether Reliable Messaging is enabled or not. at com.sun.xml.wss.provider.wsit.WSITAuthContextBase. (WSITAuthContextBase.java:286) at com.sun.xml.wss.provider.wsit.WSITClientAuthContext. (WSITClientAuthContext.java:112) at com.sun.xml.wss.provider.wsit.WSITClientAuthConfig.getAuthContext (WSITClientAuthConfig.java:116) at com.sun.enterprise.security.jmac.config.PipeHelper.getClientAuthContext (PipeHelper.java:102) at com.sun.enterprise.webservice.ClientSecurityPipe.process (ClientSecurityPipe.java:143) at com.sun.xml.ws.tx.client.TxClientPipe.process(TxClientPipe.java:228) at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest (PipeAdapter.java:79) at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:559) at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:518) at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:503) at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:400) at com.sun.xml.ws.client.Stub.process(Stub.java:228) at com.sun.xml.ws.client.sei.SEIStub.doProcess(SEIStub.java:120) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke (SyncMethodHandler.java:226) at com.sun.xml.ws.client.sei.SyncMethodHandler.invoke (SyncMethodHandler.java:206) at com.sun.xml.ws.client.sei.SEIStub.invoke(SEIStub.java:103) at $Proxy91.add(Unknown Source) at calculator.client.CalculatorClientServlet.processRequest (CalculatorClientServlet.java:82) at calculator.client.CalculatorClientServlet.doGet (CalculatorClientServlet.java:208) at javax.servlet.http.HttpServlet.service(HttpServlet.java:705) at javax.servlet.http.HttpServlet.service(HttpServlet.java:818) at org.apache.catalina.core.ApplicationFilterChain.servletService (ApplicationFilterChain.java:398) at org.apache.catalina.core.StandardWrapperValve.invoke (StandardWrapperValve.java:277) at org.apache.catalina.core.StandardContextValve.invokeInternal (StandardContextValve.java:255) at org.apache.catalina.core.StandardContextValve.invoke (StandardContextValve.java:188) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:81) at org.apache.catalina.core.StandardHostValve.invoke (StandardHostValve.java:207) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:1067) at org.apache.catalina.core.StandardEngineValve.invoke (StandardEngineValve.java:137) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:611) at org.apache.catalina.core.StandardPipeline.doInvoke (StandardPipeline.java:564) at org.apache.catalina.core.StandardPipeline.invoke (StandardPipeline.java:558) at org.apache.catalina.core.ContainerBase.invoke (ContainerBase.java:1067) at org.apache.coyote.tomcat5.CoyoteAdapter.service (CoyoteAdapter.java:249) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter (DefaultProcessorTask.java:618) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess (DefaultProcessorTask.java:549) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process (DefaultProcessorTask.java:790) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask (DefaultReadTask.java:326) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask (DefaultReadTask.java:248) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.doTask (DefaultReadTask.java:199) at com.sun.enterprise.web.portunif.PortUnificationPipeline$PUTask.doTask (PortUnificationPipeline.java:328) at com.sun.enterprise.web.connector.grizzly.TaskBase.run (TaskBase.java:252) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run (SSLWorkerThread.java:93) Caused by: java.lang.NullPointerException at com.sun.xml.ws.security.impl.policyconv.BindingProcessor.addPrimaryTargets (BindingProcessor.java:167) at com.sun.xml.ws.security.impl.policyconv.SymmetricBindingProcessor.process (SymmetricBindingProcessor.java:123) at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process (XWSSPolicyGenerator.java:149) at com.sun.xml.ws.security.impl.policyconv.XWSSPolicyGenerator.process (XWSSPolicyGenerator.java:119) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.constructPolicyHolder (WSITAuthContextBase.java:837) at com.sun.xml.wss.provider.wsit.WSITClientAuthContext.addIncomingProtocolPolicy (WSITClientAuthContext.java:393) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.buildProtocolPolicy (WSITAuthContextBase.java:790) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase.collectPolicies (WSITAuthContextBase.java:332) at com.sun.xml.wss.provider.wsit.WSITAuthContextBase. (WSITAuthContextBase.java:278) ... 47 more

Environment

Operating System: All Platform: All

Affected Versions

[current]

glassfishrobot commented 17 years ago

Reported by jfialli@java.net

glassfishrobot commented 17 years ago

jfialli@java.net said: Created an attachment (id=283) Test Case: Java Web Service client of MS .Net 3.0 sample. Deploy in glassfish

glassfishrobot commented 17 years ago

jfialli@java.net said: Created an attachment (id=284) WSDL for .Net 3.0 transacted service

glassfishrobot commented 17 years ago

jfialli@java.net said: One last addition to report, here are messages from wsimport

parsing WSDL...

[WARNING] SOAP port "WSAtomicTransaction_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

[WARNING] SOAP port "OleTransactions_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

glassfishrobot commented 17 years ago

jfialli@java.net said: One last addition to report, here are messages from wsimport

parsing WSDL...

[WARNING] SOAP port "WSAtomicTransaction_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

[WARNING] SOAP port "OleTransactions_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

glassfishrobot commented 17 years ago

jfialli@java.net said: One last addition to report, here are messages from wsimport

parsing WSDL...

[WARNING] SOAP port "WSAtomicTransaction_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

[WARNING] SOAP port "OleTransactions_endpoint": uses a non-standard SOAP 1.2 binding. line 1 of file:/C:/at/tango/wstx/samples/ms/CalculatorClient/CalculatorClient/src/conf/xml resources/web-service references/service/wsdl/localhost_8000/ServiceModelSamples/service.wsdl

glassfishrobot commented 17 years ago

jfialli@java.net said: Correction to intial submission for following comment:

Possible problem: Unsure if need to configure trust store. If need to, could not figure out from quick check in tutorial how to do it. In any event, error message does not state that web service requires trust store to be configured.

CORRECTION: I meant "Secure Token Service", not "trust store". Configuring trust store happened as part of running copyv3 and verification step proved that worked just fine.

glassfishrobot commented 17 years ago

jfialli@java.net said: Update title to state that internal error is from Java web service client.

glassfishrobot commented 17 years ago

venu@java.net said: started looking into this issue.

glassfishrobot commented 17 years ago

jfialli@java.net said: Source for Java Web Service Client of .Net 3.0 TransactionFlow sample checked in internally.

set CVSROOT=:pserver:jf39279@sunsw.sfbay.sun.com:/sw/wpts cvs co tango/wstx/samples/ms/CalculatorClient

glassfishrobot commented 17 years ago

venu@java.net said: SPNegoContext token is not supported in this release of WSIT,is in the plan for next release. Changed the category.

glassfishrobot commented 17 years ago

venu@java.net said: Status got changed by mistake.

glassfishrobot commented 17 years ago

File: CalculatorClient.war Attached By: jfialli@java.net

glassfishrobot commented 17 years ago

File: service.wsdl Attached By: jfialli@java.net

glassfishrobot commented 17 years ago

Was assigned to venu@java.net

glassfishrobot commented 7 years ago

This issue was imported from java.net JIRA WSIT-420