Unable to call WSS Web Service
Hi, I am trying to call a WSS enabled web service in soap ui. Service is deployed on jboss and created with jboss runtime. The jboss WSS configuration for this service is as below:: <k...
Forum Discussion
Hi,
I have got this from red hat jboss team.
Please have a look at this and help me solve this.
They Said:
I've determined that the most likely cause of this error is the "Id" attribute on the <ds:KeyInfo> element in your SOAP request. Looking at the error's stack trace:
2014-01-13 11:05:21,901 ERROR [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] (http-8003-4) Exception during handler processing
org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
at org.apache.xerces.dom.ElementImpl.setIdAttributeNode(Unknown Source)
at org.jboss.ws.core.soap.SOAPElementImpl.setIdAttributeNode(SOAPElementImpl.java:841)
at org.apache.xml.security.keys.KeyInfo.(KeyInfo.java:141)
at org.apache.xml.security.signature.XMLSignature.(XMLSignature.java:379)
at org.apache.xml.security.signature.XMLSignature.(XMLSignature.java:326)
at org.jboss.ws.extensions.security.element.Signature.(Signature.java:57)
at org.jboss.ws.extensions.security.element.SecurityHeader.(SecurityHeader.java:85)
at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:192)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeHeader(WSSecurityDispatcher.java:131)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:100)
We can see that JBossWS is processing the WS-Security header, specifically the signature. As it processes the signature, it appears it tries to set an ID attribute on a node (the top two stack frames), and this causes the error.
In addition, I ran an example with a similar WSS configuration, and I did not receive an error. Compare your request's KeyInfo:
<ds:KeyInfo Id="KI-DC79C9B83C2630465B138961511708968">
<wsse:SecurityTokenReference wsu:Id="STR-DC79C9B83C2630465B138961511708969">
<wsse:Reference URI="#X509-DC79C9B83C2630465B138961511708967" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
With my request:
<ds:KeyInfo>
<wsse:SecurityTokenReference wsu:Id='reference-12-1389829949906-1909374930'>
<wsse:Reference URI='#token-11-1389829949906-178868269' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
I have got this from red hat jboss team.
Please have a look at this and help me solve this.
They Said:
I've determined that the most likely cause of this error is the "Id" attribute on the <ds:KeyInfo> element in your SOAP request. Looking at the error's stack trace:
2014-01-13 11:05:21,901 ERROR [org.jboss.ws.core.jaxws.handler.HandlerChainExecutor] (http-8003-4) Exception during handler processing
org.w3c.dom.DOMException: NOT_FOUND_ERR: An attempt is made to reference a node in a context where it does not exist.
at org.apache.xerces.dom.ElementImpl.setIdAttributeNode(Unknown Source)
at org.jboss.ws.core.soap.SOAPElementImpl.setIdAttributeNode(SOAPElementImpl.java:841)
at org.apache.xml.security.keys.KeyInfo.(KeyInfo.java:141)
at org.apache.xml.security.signature.XMLSignature.(XMLSignature.java:379)
at org.apache.xml.security.signature.XMLSignature.(XMLSignature.java:326)
at org.jboss.ws.extensions.security.element.Signature.(Signature.java:57)
at org.jboss.ws.extensions.security.element.SecurityHeader.(SecurityHeader.java:85)
at org.jboss.ws.extensions.security.SecurityDecoder.decode(SecurityDecoder.java:192)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeHeader(WSSecurityDispatcher.java:131)
at org.jboss.ws.extensions.security.WSSecurityDispatcher.decodeMessage(WSSecurityDispatcher.java:100)
We can see that JBossWS is processing the WS-Security header, specifically the signature. As it processes the signature, it appears it tries to set an ID attribute on a node (the top two stack frames), and this causes the error.
In addition, I ran an example with a similar WSS configuration, and I did not receive an error. Compare your request's KeyInfo:
<ds:KeyInfo Id="KI-DC79C9B83C2630465B138961511708968">
<wsse:SecurityTokenReference wsu:Id="STR-DC79C9B83C2630465B138961511708969">
<wsse:Reference URI="#X509-DC79C9B83C2630465B138961511708967" ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3"/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>
With my request:
<ds:KeyInfo>
<wsse:SecurityTokenReference wsu:Id='reference-12-1389829949906-1909374930'>
<wsse:Reference URI='#token-11-1389829949906-178868269' ValueType='http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3'/>
</wsse:SecurityTokenReference>
</ds:KeyInfo>