Uploaded image for project: 'WSS4J'
  1. WSS4J
  2. WSS-419

failing after redeploy The signature or decryption was invalid

    XMLWordPrintableJSON

    Details

    • Type: Bug
    • Status: Closed
    • Priority: Trivial
    • Resolution: Won't Fix
    • Affects Version/s: 1.6.9
    • Fix Version/s: None
    • Component/s: WSS4J Core
    • Labels:
    • Environment:

      Description

      I have a very curious situation.

      I made a JAX-WS application with WSS4J(1.6.9)

      When I first deploy the war. it works.
      When I redeploy the war glassfish shows this.

      SEVERE ... component referenced from annotation symbol cannot be found
      symbol: javax.jws.HandlerChain
      location: class kr.co.ticomms.corrs.service.test.SecureTestEndpoint|#]

      It's probably related to http://java.net/jira/browse/GLASSFISH-16875

      When I trying the endpiont, I got this.

      java.lang.RuntimeException: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
      at kr.co.ticomms.corrs.service.wss.UsernameTokenHandler.handleMessage(UsernameTokenHandler.java:253)
      at kr.co.ticomms.corrs.service.wss.UsernameTokenHandler.handleMessage(UsernameTokenHandler.java:47)
      at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:297)
      at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:140)
      at com.sun.xml.ws.handler.ServerSOAPHandlerTube.callHandlersOnRequest(ServerSOAPHandlerTube.java:138)
      at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:127)
      at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:116)
      at org.glassfish.webservices.MonitoringPipe.process(MonitoringPipe.java:142)
      at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
      at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:116)
      at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:212)
      at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:144)
      at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:119)
      at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:961)
      at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:910)
      at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:873)
      at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:775)
      at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:386)
      at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:640)
      at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:263)
      at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:163)
      at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:145)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:688)
      at javax.servlet.http.HttpServlet.service(HttpServlet.java:770)
      at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1550)
      at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:281)
      at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:175)
      at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:655)
      at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:595)
      at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:161)
      at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:331)
      at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:231)
      at com.sun.enterprise.v3.services.impl.ContainerMapper$AdapterCallable.call(ContainerMapper.java:317)
      at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:195)
      at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:860)
      at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:757)
      at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:1056)
      at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:229)
      at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:137)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:104)
      at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:90)
      at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:79)
      at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:54)
      at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:59)
      at com.sun.grizzly.ContextTask.run(ContextTask.java:71)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:532)
      at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:513)
      at java.lang.Thread.run(Thread.java:722)
      Caused by: org.apache.ws.security.WSSecurityException: The signature or decryption was invalid
      at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:446)
      at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:231)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:303)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:248)
      at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:202)
      at kr.co.ticomms.corrs.service.wss.UsernameTokenHandler.handleMessage(UsernameTokenHandler.java:248)
      ... 55 more
      Caused by: javax.xml.crypto.dsig.XMLSignatureException: java.lang.NullPointerException
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:553)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:254)
      at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:419)
      ... 61 more
      Caused by: java.lang.NullPointerException
      at org.apache.xml.security.utils.UnsyncBufferedOutputStream.<init>(UnsyncBufferedOutputStream.java:47)
      at org.apache.jcp.xml.dsig.internal.dom.DOMSignedInfo.canonicalize(DOMSignedInfo.java:216)
      at org.apache.jcp.xml.dsig.internal.dom.DOMHMACSignatureMethod.verify(DOMHMACSignatureMethod.java:164)
      at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:550)
      ... 63 more

      #]

      Is this a GF's problem or is there any bootstrapping code in WSS4J?
      Every time I redeployed the war, I should restart the GlassFish.

        Attachments

          Activity

            People

            • Assignee:
              coheigea Colm O hEigeartaigh
              Reporter:
              jinahya Jin Kwon
            • Votes:
              0 Vote for this issue
              Watchers:
              2 Start watching this issue

              Dates

              • Created:
                Updated:
                Resolved: