Signature Attachment not found

[AlexandruCiobanu]

Hi Phillip,

I'm experiencing a very odd error: I have setup phase4 peppol server webapp with a custom part that stores the files to specific locations and return AS4MessageProcessorResult.createSuccess() when done processing. I also setup an oxalis server and tried sending a message from oxalis to phase4 server. ON the oxalis side I get the below error. I also tried in testbed and the testbed fails sending the message to phase4. With the local oxalis I see that the underlying error is that attachment not found thing. It seems to be a signature attachment. Is there anything I can do to solve this somehow? I should mention that teh transaction is processed correctly by teh phase4 server and I can see all generated files; it seems the signal message response has some sort of issue.

2020-06-20 14:54:18,789 ERROR [eu.sendregning.oxalis.Main] Execution failed: no.difi.oxalis.as4.lang.OxalisAs4TransmissionException: Failed to send message
java.util.concurrent.ExecutionException: no.difi.oxalis.as4.lang.OxalisAs4TransmissionException: Failed to send message
        at java.base/java.util.concurrent.FutureTask.report(FutureTask.java:122)
        at java.base/java.util.concurrent.FutureTask.get(FutureTask.java:191)
        at eu.sendregning.oxalis.Main.main(Main.java:225)
Caused by: no.difi.oxalis.as4.lang.OxalisAs4TransmissionException: Failed to send message
        at no.difi.oxalis.as4.outbound.As4MessageSender.invoke(As4MessageSender.java:108)
        at no.difi.oxalis.as4.outbound.As4MessageSender.send(As4MessageSender.java:89)
        at no.difi.oxalis.as4.outbound.As4MessageSenderFacade.send(As4MessageSenderFacade.java:20)
        at no.difi.oxalis.api.outbound.MessageSender.send(MessageSender.java:59)
        at no.difi.oxalis.outbound.transmission.DefaultTransmitter.perform(DefaultTransmitter.java:149)
        at no.difi.oxalis.outbound.transmission.DefaultTransmitter.transmit(DefaultTransmitter.java:93)
        at eu.sendregning.oxalis.TransmissionTask.performTransmission(TransmissionTask.java:166)
        at eu.sendregning.oxalis.TransmissionTask.call(TransmissionTask.java:94)
        at eu.sendregning.oxalis.TransmissionTask.call(TransmissionTask.java:48)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:514)
        at java.base/java.util.concurrent.FutureTask.run(FutureTask.java:264)
        at java.base/java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.base/java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.base/java.lang.Thread.run(Thread.java:844)
Caused by: javax.xml.ws.soap.SOAPFaultException: javax.xml.crypto.dsig.TransformException: Attachment not found
        at org.apache.cxf.jaxws.DispatchImpl.mapException(DispatchImpl.java:285)
        at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:330)
        at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:241)
        at no.difi.oxalis.as4.outbound.As4MessageSender.invoke(As4MessageSender.java:105)
        ... 14 common frames omitted
Caused by: org.apache.cxf.binding.soap.SoapFault: javax.xml.crypto.dsig.TransformException: Attachment not found
        at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:236)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:376)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:212)
        at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:123)
        at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:76)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
        at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:829)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1693)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1570)
        at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1371)
        at org.apache.cxf.ext.logging.LoggingOutputStream.postClose(LoggingOutputStream.java:53)
        at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:228)
        at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
        at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:671)
        at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:63)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:308)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:441)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:356)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:314)
        at org.apache.cxf.endpoint.ClientImpl.invokeWrapped(ClientImpl.java:349)
        at org.apache.cxf.jaxws.DispatchImpl.invoke(DispatchImpl.java:322)
        ... 16 common frames omitted
Caused by: org.apache.wss4j.common.ext.WSSecurityException: javax.xml.crypto.dsig.TransformException: Attachment not found
        at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:399)
        at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:232)
        at org.apache.wss4j.dom.engine.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:340)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:320)
        ... 36 common frames omitted
Caused by: javax.xml.crypto.dsig.XMLSignatureException: javax.xml.crypto.dsig.TransformException: Attachment not found
        at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:541)
        at org.apache.jcp.xml.dsig.internal.dom.DOMReference.validate(DOMReference.java:383)
        at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:277)
        at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:372)
        ... 39 common frames omitted
Caused by: javax.xml.crypto.dsig.TransformException: Attachment not found
        at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.attachmentRequestCallback(AttachmentContentSignatureTransform.java:141)
        at org.apache.wss4j.dom.transform.AttachmentContentSignatureTransform.transform(AttachmentContentSignatureTransform.java:120)
        at org.apache.jcp.xml.dsig.internal.dom.DOMTransform.transform(DOMTransform.java:169)
        at org.apache.jcp.xml.dsig.internal.dom.DOMReference.transform(DOMReference.java:453)
        ... 42 common frames omitted

[phax]

Hi @AlexandruCiobanu , do you eventually have the message that phase4 is receiving and the response send back available and you can send these 2 files to me by email? I guess it has something to do with the signed ID parts... BR, Philip

[AlexandruCiobanu]

I have them and can send. What is the email?

[AlexandruCiobanu]

nevermind, found it. Sent you the emai

[phax]

Got the mail and I think I know what it is. When you build the results, you somehow add the "attachments" from the original request (the one with ID "15c20b22-c320-4ad3-ab5f-9bd9b6822fb4@ip-10-10-136-128.eu-west-1.compute.internal") to the response. So please check where you add attachments to AS4MessageProcessorResult using the factory method createSuccessExt. Don't add attachments to the response signal message in case of Peppol.

[AlexandruCiobanu]

Sorry for bothering you with this. I found that I was setting createSuccess in phase4 webapp but apparently I did not do it in phase4-peppol-webapp.

[phax]

Okay. And that issue with the attachments was understandable? Could you reproduce the error?

[AlexandruCiobanu]

Seems it was due to the attachments being returned in signal message. Testbed passed after I removed that part. Thank you for all the help!