Thanks for the reply kumar.
No luck by restarting tomcat one more time, and the jks-files seem fine
when inspected whith keytool.
I promise that the keystore and truststore files are located in the
directory "/opt/jwsdp-1.4/xws-security/etc/" as specified in the
connector.
I've also tried as sugested by Vishal to change the path to
"/usr/local/tomcat-jwsdp-1.4/xws-security/etc/" where the files are also
located.
One more funny thing is that when i write "
https://localhost:8443" i am
asked to accept a certificate with the name xws-security-server. So it seems
tomcat can find the server-keystore at least.
Here comes the full StackTrace from tomcats logfile launcher.server.log:
Oct 7, 2004 2:01:08 PM com.sun.xml.wss.filter.ImportCertificateTokenFilter
process
SEVERE: WSS0156: Exception [ java.lang.NullPointerException: the keystore
parameter must be non-null ] while validating certificate
Oct 7, 2004 2:01:09 PM com.sun.xml.rpc.server.StreamingHandler handle
SEVERE: JAXRPCTIE01: caught exception while handling request: com.sun.xml.wss.XWSSecurityException:
java.lang.NullPointerException
com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException
at com.sun.xml.wss.impl.DefaultSecurityEnvironmentImpl.getCertificate(DefaultSecurityEnvironmentImpl.java:454)
at com.sun.xml.wss.keyinfo.DirectReferenceStrategy.findCertificate(DirectReferenceStrategy.java:126)
at com.sun.xml.wss.keyinfo.DirectReferenceStrategy.getAssociatedCertificate(DirectReferenceStrategy.java:100)
at com.sun.xml.wss.filter.ExportEncryptedKeyFilter.process(ExportEncryptedKeyFilter.java:175)
at com.sun.xml.wss.SecureCorrespondent.filterMessage(SecureCorrespondent.java:30)
at com.sun.xml.wss.SecureCorrespondent.filterMessageInContext(SecureCorrespondent.java:42)
at com.sun.xml.wss.SecurityAnnotator.annotateHeader(SecurityAnnotator.java:36)
at com.sun.xml.rpc.security.SecurityPluginUtil.postResponseWritingHook(SecurityPluginUtil.java:195)
at simple.PingPort_Tie.postResponseWritingHook(PingPort_Tie.java:254)
at com.sun.xml.rpc.server.StreamingHandler.handle(StreamingHandler.java:412)
at com.sun.xml.rpc.server.http.JAXRPCServletDelegate.doPost(JAXRPCServletDelegate.java:443)
at com.sun.xml.rpc.server.http.JAXRPCServlet.doPost(JAXRPCServlet.java:86)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:763)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:856)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:237)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:157)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:214)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:198)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:152)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:137)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:104)
at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:535)
at org.apache.catalina.core.StandardValveContext.invokeNext(StandardValveContext.java:102)
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:520)
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:929)
at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:160)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:790)
at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:709)
at org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:572)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:644)
at java.lang.Thread.run(Thread.java:534)
Caused by: java.lang.NullPointerException
at com.sun.xml.wss.impl.DefaultSecurityEnvironmentImpl.getCertificate(DefaultSecurityEnvironmentImpl.java:438)
... 39 more
>Hi anders,
>
> See my comments inline.
>
>> I have copy-pasted the connector from the README file so i now have the
>> following connectors:
>>
>> <Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
>> acceptCount="100" connectionTimeout="20000"
>> disableUploadTimeout="true"
>> port="8080" redirectPort="8443">
>> </Connector>
>>
>> <!-- Define a SSL Coyote HTTP/1.1 Connector on port 8443 -->
>> <Connector className="org.apache.coyote.tomcat5.CoyoteConnector"
>> port="8443" minProcessors="5" maxProcessors="75"
>> enableLookups="true" disableUploadTimeout="true"
>> acceptCount="100" debug="0" scheme="https" secure="true"
>> keystoreFile=
>> "/opt/jwsdp-1.4/xws-security/etc/server-keystore.jks"
>> truststoreFile=
>> "/opt/jwsdp-1.4/xws-security/etc/server-truststore.jks">
>> </Connector>
>>
>> When i try to run the sample with the encrypt-client/encrypt-server setup
>> and
>> endpoint.port=8443 i get the following exception:
>
>>
>> deploy-tomcat:
>> [echo] Deploying war for simple to tomcat
>>
>> BUILD FAILED
>> file:/usr/local/tomcat-jwsdp-1.4/xws-security/samples/simple/build.xml:209:
>>
>> java.io.IOException: Error writing to server
>>
>>
>> Then i try the same setup with endpoint.port=8080.
>> Everything seems to work - the client sends the encrypted message but
>> then
>>
>> i get an exception in the serverlog:
>>
>> Oct 5, 2004 4:14:09 PM
>> com.sun.xml.wss.filter.ImportCertificateTokenFilter
>> process
>> SEVERE: WSS0156: Exception [ java.lang.NullPointerException: the keystore
>> parameter must be non-null ] while validating certificate
>>
> The fact that keystore parameter is being obtained as NULL seems to
>indicate that the following things might be the problem.
>
>1. After you copy paste the connector element, Tomcat needs to shutdown
>and restarted again and then the client program should be run. (See if
>this helps).
>
>2. If (1) is not helping, then see if the keystores and truststores
>are indeed located at the places specified.
>
>> /opt/jwsdp-1.4/xws-security/etc/server-keystore.jks>
>> /opt/jwsdp-1.4/xws-security/etc/server-truststore.jks
>
>
>3. If the keystore and truststore are indeed located at the path, then
a
>3rd thing (which is most likely not the case, given the Exception string
>) is to check if the keystore and truststore files are not corrupted for
>some reason.
>
>run the following command
>
>> keytool -list -storepass changeit -keystore server-keystore.jks
>
>and you should something like following
>
>> Keystore type: jks
>> Keystore provider: SUN
>> Your keystore contains 1 entr
>> s1as, Apr 11, 2004, keyEntry,
>> Certificate fingerprint (MD5):
>> E0:34:4B:2C:87:1C:20:B2:1A:89:F6:E2:18:25:C9:58
>repeat the same for the truststore. If you get some other
>message/exception then it could be that your keystores are corrupted.
>Which platform are you running on is it WIN2K ?.
>
>
>4. If 1,2,3 are of no help, then i presume there would have been a
>larger StackTrace in your Server Log. Can you send us the whole
>StackTrace (if any). Then we will be able to help you.
>
>regards,
>kumar
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe_at_jax-rpc.dev.java.net
For additional commands, e-mail: users-help_at_jax-rpc.dev.java.net