In each and every WSO2 product, "Security" plays a major role. Any web service hosted in a WSO2 server can be secured with a pre-defined security policy.
It is not enough if only the service is secured. The client who invokes that service too should be adhered to that particular security policy which is applied on the service.
I too once wanted to invoke the secured Hello Service hosted in WSO2 BPS via a secured client.
There is a good blog that I came across where I could get my requirement fulfilled.
http://pathberiya.blogspot.com/2009/10/simple-way-to-secure-your-bpel-services.html
When I tried to run the client after starting up the server I came across the following error.
It is not enough if only the service is secured. The client who invokes that service too should be adhered to that particular security policy which is applied on the service.
I too once wanted to invoke the secured Hello Service hosted in WSO2 BPS via a secured client.
There is a good blog that I came across where I could get my requirement fulfilled.
http://pathberiya.blogspot.com/2009/10/simple-way-to-secure-your-bpel-services.html
When I tried to run the client after starting up the server I came across the following error.
org.apache.axis2.AxisFault: The signature or decryption was invalid; nested exception is:
org.apache.xml.security.
Original Exception was java.security.
at org.apache.axis2.util.Utils.
at org.apache.axis2.description.
at org.apache.axis2.description.
at org.apache.axis2.description.
at org.apache.axis2.client.
at org.apache.axis2.client.
at org.apache.axis2.client.
at SecurityClient.
at SecurityClient.main(
Exception in thread "main" java.lang.NullPointerException
at SecurityClient.main(
org.apache.xml.security.
Original Exception was java.security.
at org.apache.axis2.util.Utils.
at org.apache.axis2.description.
at org.apache.axis2.description.
at org.apache.axis2.description.
at org.apache.axis2.client.
at org.apache.axis2.client.
at org.apache.axis2.client.
at SecurityClient.
at SecurityClient.main(
Exception in thread "main" java.lang.NullPointerException
at SecurityClient.main(
Also I found a simple solution to resolve this.
- Download Java Cryptography Extension (JCE) Unlimited Strength Jurisdiction Policy Files that is compatible with your Java version.
- In the JAVA_HOME/jre/lib/security directory (JAVA_HOME - the directory that you have installed JAVA), you will see local_policy.jar and US_export_policy.jar
- Replace the two jars with the new JCE jars that you downloaded.
- Restart the server and run the client again
Enjoy a secured life!! :)
I am getting following error while running client(policy/sample05 (rampart)) AXIS2 1.6.0 and rampart 1.6
ReplyDeleteException in thread "main" org.apache.axis2.AxisFault: 1
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:531)
at org.apache.rampart.samples.policy.sample05.Client.main(Client.java:83)
any help appreciated.