Skip to main content

Web Services security not working on GF v3

Please note these java.net forums are being decommissioned and use the new and improved forums at https://community.oracle.com/community/java.
No replies
sebsto
Offline
Joined: 2004-10-02

Dear All,

I am deploying web services and securing them with OpenSSO STS (or OpenAM).
I have a GF instance for my web service provider
I have a GF instance for OpenSSO STS
and a web service client in command line

Everything is OK when deploying on GF v2.

Same code is not working when deployed under GF v3. Web Service Provider is unable to verify SOAP's message XML signature.
See exception below.

Is this a known problem with GF v3 ? A regression ?
Thanks for your help

com.sun.org.apache.xml.internal.security.signature.XMLSignatureException: Unknown transformation. No handler installed for URI http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-sec...
Original Exception was com.sun.org.apache.xml.internal.security.transforms.TransformationException: Unknown transformation. No handler installed for URI http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-sec...
Original Exception was com.sun.org.apache.xml.internal.security.transforms.InvalidTransformException: Unknown transformation. No handler installed for URI http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-sec...
at com.sun.org.apache.xml.internal.security.signature.Reference.getContentsAfterTransformation(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.Reference.dereferenceURIandPerformTransforms(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.Reference.calculateDigest(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.Reference.verify(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.Manifest.verifyReferences(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.SignedInfo.verify(Unknown Source)
at com.sun.org.apache.xml.internal.security.signature.XMLSignature.checkSignatureValue(Unknown Source)
at com.sun.identity.wss.xmlsig.WSSSignatureProvider.verifyWSSSignature(WSSSignatureProvider.java:1038)
at com.sun.identity.saml.xmlsig.XMLSignatureManager.verifyWSSSignature(XMLSignatureManager.java:759)
at com.sun.identity.wss.security.handler.SecureSOAPMessage.verifySignature(SecureSOAPMessage.java:1059)
at com.sun.identity.wss.security.handler.SOAPRequestHandler.validateRequest(SOAPRequestHandler.java:325)
at com.sun.identity.wssagents.jaxws.server.ServerHandler.handleMessage(ServerHandler.java:113)
at com.sun.identity.wssagents.jaxws.server.ServerHandler.handleMessage(ServerHandler.java:47) <<<<<------------ This is OpenSSO WSS Handler
at com.sun.xml.ws.handler.HandlerProcessor.callHandleMessage(HandlerProcessor.java:284)
at com.sun.xml.ws.handler.HandlerProcessor.callHandlersRequest(HandlerProcessor.java:135)
at com.sun.xml.ws.handler.ServerSOAPHandlerTube.callHandlersOnRequest(ServerSOAPHandlerTube.java:134)
at com.sun.xml.ws.handler.HandlerTube.processRequest(HandlerTube.java:116)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:112)
at org.glassfish.webservices.MonitoringPipe.process(MonitoringPipe.java:138)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
at com.sun.xml.ws.api.pipe.helper.AbstractTubeImpl.process(AbstractTubeImpl.java:112)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.processRequest(CommonServerSecurityPipe.java:195)
at com.sun.enterprise.security.webservices.CommonServerSecurityPipe.process(CommonServerSecurityPipe.java:127)
at com.sun.xml.ws.api.pipe.helper.PipeAdapter.processRequest(PipeAdapter.java:115)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:629)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:588)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:573)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:470)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSEndpointImpl.java:295)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpToolkit.handle(HttpAdapter.java:519)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(HttpAdapter.java:288)
at com.sun.xml.ws.transport.http.servlet.ServletAdapter.handle(ServletAdapter.java:143)
at org.glassfish.webservices.JAXWSServlet.doPost(JAXWSServlet.java:149)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:754)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:847)
at org.apache.catalina.core.StandardWrapper.service(StandardWrapper.java:1523)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:279)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:188)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:641)
at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:97)
at com.sun.enterprise.web.PESessionLockingStandardPipeline.invoke(PESessionLockingStandardPipeline.java:85)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:185)
at org.apache.catalina.connector.CoyoteAdapter.doService(CoyoteAdapter.java:325)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:226)
at com.sun.enterprise.v3.services.impl.ContainerMapper.service(ContainerMapper.java:165)
at com.sun.grizzly.http.ProcessorTask.invokeAdapter(ProcessorTask.java:791)
at com.sun.grizzly.http.ProcessorTask.doProcess(ProcessorTask.java:693)
at com.sun.grizzly.http.ProcessorTask.process(ProcessorTask.java:954)
at com.sun.grizzly.http.DefaultProtocolFilter.execute(DefaultProtocolFilter.java:170)
at com.sun.grizzly.DefaultProtocolChain.executeProtocolFilter(DefaultProtocolChain.java:135)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:102)
at com.sun.grizzly.DefaultProtocolChain.execute(DefaultProtocolChain.java:88)
at com.sun.grizzly.http.HttpProtocolChain.execute(HttpProtocolChain.java:76)
at com.sun.grizzly.ProtocolChainContextTask.doCall(ProtocolChainContextTask.java:53)
at com.sun.grizzly.SelectionKeyContextTask.call(SelectionKeyContextTask.java:57)
at com.sun.grizzly.ContextTask.run(ContextTask.java:69)
at com.sun.grizzly.util.AbstractThreadPool$Worker.doWork(AbstractThreadPool.java:330)
at com.sun.grizzly.util.AbstractThreadPool$Worker.run(AbstractThreadPool.java:309)
at java.lang.Thread.run(Thread.java:680)