On Fri, Jun 27, 2008 at 7:53 AM, Tim Williams <[EMAIL PROTECTED]> wrote:
> So I've essentially taken Rampart sample6 and split it across three
> machines with my own web service instead of SimpleService. Here's
> what happens:
>
> 1) client makes Mex request to Service : Service responds.
>
> 2) Client makes token request to STS - STS responds
>
> 3) Client attempts to make the actual call the Service.
>
> Service then responds with "axisFault: Missing wsse:Security header in
> request"
>
> The server logs show something different:
>
> ERROR org.apache.ws.security.components.crypto.CryptoFactory -
> Unable to instantiate (1):
> org.apache.ws.security.components.crypto.Merlin
> java.lang.reflect.InvocationTargetException
>
> So, I checked and made sure I had BouncyCastle jar in lib directory.
> I check that security provider is updated (though I haven't a clue why
> i'm doing this). And, now, I've run out of things to check. i'd
> appreciate any help.
This one turned out to be a keystore problem. Need to always double
check their locations! Anyway, so I've gotten a bit further and now
get another exception.
2008-06-27 09:39:20,915 [http-8080-1] ERROR
org.apache.axis2.transport.http.AxisServlet -
java.lang.NoClassDefFoundError
at javax.crypto.Cipher.getInstance(DashoA12275)
Google turns up several references to this problem and they all lead
back to the bouncy castle/java.security thing. I have double checked
that. One thing about my environment is that it's Solaris, and the
apps are being run from different zones. I made the java.security
change in the global zone and when I log into each zone it seems the
settings are indeed there. The thing is, the STS (also in a zone) is
having no trouble issuing/signing tokens and it's under the same
configuration. I'll keep poking around but would greatly appreciate
any pointers.
Thanks,
--tim
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
