Wednesday, March 30, 2011

org.apache.axis2.AxisFault: The signature or decryption was invalid; nested exception is: org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size

In each and every WSO2 product, "Security" plays a major role. Any web service hosted in a WSO2 server can be secured with a pre-defined security policy.

It is not enough if only the service is secured. The client who invokes that service too should be adhered to that particular security policy which is applied on the service.

I too once wanted to invoke the secured Hello Service hosted in WSO2 BPS via a secured client.
There is a good blog that I came across where I could get my requirement fulfilled.
http://pathberiya.blogspot.com/2009/10/simple-way-to-secure-your-bpel-services.html

When I tried to run the client after starting up the server I came across the following error.
org.apache.axis2.AxisFault: The signature or decryption was invalid; nested exception is: 
org.apache.xml.security.
encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.
InvalidKeyException: Illegal key size
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:527)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
at SecurityClient.runSecurityClient(SecurityClient.java:86)
at SecurityClient.main(SecurityClient.java:30)
Exception in thread "main" java.lang.NullPointerException
at SecurityClient.main(SecurityClient.java:34)

Also I found a simple solution to resolve this. 
  1. Download  Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files that is compatible with your Java version. 
  2. In the JAVA_HOME/jre/lib/security directory (JAVA_HOME - the directory that you have installed JAVA), you will see local_policy.jar and US_export_policy.jar 
  3. Replace the two jars with the new JCE jars that you downloaded.
  4. Restart the server and run the client again
This will resolve your error.

Enjoy a secured life!!  :)

1 comment:

  1. I am getting following error while running client(policy/sample05 (rampart)) AXIS2 1.6.0 and rampart 1.6

    Exception in thread "main" org.apache.axis2.AxisFault: 1
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
    at org.apache.rampart.samples.policy.sample05.Client.main(Client.java:83)

    any help appreciated.

    ReplyDelete