Details
-
Bug
-
Status: Open
-
Critical
-
Resolution: Unresolved
-
1.7.0, 1.7.7
-
None
-
None
-
Apache Tomcat 9
Description
I created a secured (sign body) Axis2 Web Service and generated .aar archive which I deployed to Axis2 Container (.war in Apache Tomcat). I then used Java2WSDL to generate a client stub. I finally created the class below that uses the client stub.
In a nutshell the main method of the class calls consecutively the first then the second method of the service. I create a separate service stub for each call, using serviceStub() method and configure correctly the rampart security policy using getRampartConfig() method.
package tn.nat.cnss.client; import java.util.Properties; import java.rmi.RemoteException; import org.apache.axis2.AxisFault; import org.apache.axis2.context.ConfigurationContext; import org.apache.axis2.context.ConfigurationContextFactory; import org.apache.axis2.transport.http.HTTPConstants; import org.apache.neethi.Policy; import org.apache.rampart.policy.model.CryptoConfig; import org.apache.rampart.policy.model.RampartConfig; import tn.nat.cnss.client.Sample2SignBodyServiceStub.ArrayOfString; import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation1; import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation2; import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation1Response; import tn.nat.cnss.client.Sample2SignBodyServiceStub.Operation2Response; import tn.nat.cnss.client.Sample2SignBodyServiceStub.ServiceRequestOperation1; import tn.nat.cnss.client.Sample2SignBodyServiceStub.ServiceRequestOperation2; public class Sample2SignBodyServiceClient { private static Policy getRampartConfig() { RampartConfig rampartConfig = new RampartConfig(); rampartConfig.setUser("clientkey"); rampartConfig.setPwCbClass("tn.nat.cnss.client.PasswordCallBackHandler"); CryptoConfig sigCrypto = new CryptoConfig(); sigCrypto.setProvider("org.apache.ws.security.components.crypto.Merlin"); Properties props = new Properties(); props.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "JKS"); props.setProperty("org.apache.ws.security.crypto.merlin.file","keys/client.jks"); props.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "clientStorePW"); sigCrypto.setProp(props); rampartConfig.setSigCryptoConfig(sigCrypto); Policy policy = new Policy(); policy.addAssertion(rampartConfig); return policy; } private static Sample2SignBodyServiceStub serviceStub() throws AxisFault { org.apache.log4j.Logger.getRootLogger().setLevel(org.apache.log4j.Level.OFF); ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem("client-repo", null); Sample2SignBodyServiceStub serviceStub = new Sample2SignBodyServiceStub(ctx,"http://localhost:8080/axis2/services/Sample2SignBodyService"); serviceStub._getServiceClient().engageModule("rampart"); Policy rampartConfig = getRampartConfig(); serviceStub._getServiceClient().getAxisService().getPolicySubject().attachPolicy(rampartConfig); serviceStub._getServiceClient().getOptions().setTimeOutInMilliSeconds(300000); serviceStub._getServiceClient().getOptions().setProperty(HTTPConstants.SO_TIMEOUT, new Integer(300000)); serviceStub._getServiceClient().getOptions().setProperty(HTTPConstants.CONNECTION_TIMEOUT, new Integer(300000)); return serviceStub; } public static Operation1Response operation1(String...parameters) throws RemoteException, AxisFault { Sample2SignBodyServiceStub serviceStub = serviceStub(); ServiceRequestOperation1 req = new ServiceRequestOperation1(); req.setParam1(parameters[0]); req.setParam2(parameters[1]); req.setParam3(parameters[2]); Operation1 operation = new Operation1(); operation.setServiceRequestOperation1(req); Operation1Response resp = serviceStub.operation1(operation); serviceStub._getServiceClient().cleanupTransport(); serviceStub._getServiceClient().cleanup(); serviceStub.cleanup(); return resp; } public static Operation2Response operation2(String...parameters) throws RemoteException, AxisFault { Sample2SignBodyServiceStub serviceStub = serviceStub(); ServiceRequestOperation2 req = new ServiceRequestOperation2(); req.setParam1(parameters[0]); req.setParam2(parameters[1]); Operation2 operation = new Operation2(); operation.setServiceRequestOperation2(req); Operation2Response resp = serviceStub.operation2(operation); serviceStub._getServiceClient().cleanupTransport(); serviceStub._getServiceClient().cleanup(); serviceStub.cleanup(); return resp; } public static void main(String[] args) throws Exception { Operation1Response operation1Response = operation1("0", "99999", "99999"); System.out.println("operation1: Debut Execution"); System.out.println(operation1Response.get_return().getResult()); System.out.println("Nombre de colonnes: " + operation1Response.get_return().getNumberColumns()); System.out.println("Nombre de lignes: " + operation1Response.get_return().getNumberLines()); for (ArrayOfString array : operation1Response.get_return().getDataSet()) { for (String s : array.localArray) { System.out.print(s + "\t"); } System.out.println(); } System.out.println("operation1: Fin Execution"); Operation2Response operation2Response = operation2("0", "99999"); System.out.println("operation2: Debut Execution"); System.out.println(operation2Response.get_return().getResult()); System.out.println("Nombre de colonnes: " + operation2Response.get_return().getNumberColumns()); System.out.println("Nombre de lignes: " + operation2Response.get_return().getNumberLines()); for (ArrayOfString array : operation2Response.get_return().getDataSet()) { for (String s : array.localArray) { System.out.print(s + "\t"); } System.out.println(); } System.out.println("operation2: Fin Execution"); } }
The problem is that execution leads to the intermittent error below. By intermittent I mean that sometimes both operation calls execute properly, but some other times only the first call or none.
org.apache.axis2.AxisFault: Rampart policy configuration missing
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:76)
at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:335)
at org.apache.axis2.engine.Phase.invoke(Phase.java:308)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:250)
at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:415)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:399)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:225)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:150)
at tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLStub.operation2(Sample4SignEncryptBodyServiceSSLStub.java:307)
at tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLClient.operation2(Sample4SignEncryptBodyServiceSSLClient.java:121)
at tn.nat.cnss.client.Sample4SignEncryptBodyServiceSSLClient.main(Sample4SignEncryptBodyServiceSSLClient.java:162)
Caused by: org.apache.rampart.RampartException: Rampart policy configuration missing
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:277)
at org.apache.rampart.builder.BindingBuilder.getSignatureBuilder(BindingBuilder.java:250)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:760)
at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:417)
at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:88)
at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:65)
... 10 more
I use Axis2 version 1.7.0 and Apache Tomcat 9.0 with Java 8.