springweb-servicessoapcxfwss4j

WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found


I am trying to connect to a secured soap web service, It uses x.509 certificate authentication. I have .p12 client key and a .pfx server key. Please find the following configurations and codes.

The error I am getting is - Element to encrypt/sign not found: http://www.w3.org/2005/08/addressing, Action

My POM;

<groupId>test-pps-2</groupId>
<artifactId>test-pps-2</artifactId>
<version>1.0-SNAPSHOT</version>

<properties>
    <cxf.version>2.6.0</cxf.version>
    <spring.version>3.2.4.RELEASE</spring.version>
    <wss4j.version>1.6.19</wss4j.version>
</properties>

<dependencies>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-frontend-jaxws</artifactId>
        <version>${cxf.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-transports-http</artifactId>
        <version>${cxf.version}</version>
    </dependency>
    <!-- Jetty is needed if you're are not using the CXFServlet -->
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-transports-http-jetty</artifactId>
        <version>${cxf.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-context</artifactId>
        <version>${spring.version}</version>
    </dependency>
    <dependency>
        <groupId>org.springframework</groupId>
        <artifactId>spring-beans</artifactId>
        <version>${spring.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.cxf</groupId>
        <artifactId>cxf-rt-ws-security</artifactId>
        <version>${cxf.version}</version>
    </dependency>
    <dependency>
        <groupId>org.apache.ws.security</groupId>
        <artifactId>wss4j</artifactId>
        <version>${wss4j.version}</version>
    </dependency>
</dependencies>

<build>
    <plugins>
        <plugin>
            <groupId>org.apache.cxf</groupId>
            <artifactId>cxf-codegen-plugin</artifactId>
            <version>${cxf.version}</version>
            <executions>
                <execution>
                    <id>generate-sources</id>
                    <phase>generate-sources</phase>
                    <configuration>
                        <sourceRoot>${project.build.directory}/generated/</sourceRoot>
                        <wsdlOptions>
                            <wsdlOption>
                                <wsdl>${basedir}/src/main/resources/WSDL.wsdl</wsdl>
                                <serviceName>PPS</serviceName>
                            </wsdlOption>
                        </wsdlOptions>
                    </configuration>
                    <goals>
                        <goal>wsdl2java</goal>
                    </goals>
                </execution>
            </executions>
        </plugin>
    </plugins>
</build>

And my WSS4JOutInterceptor;

    <bean class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor" id="outbound-security">
    <constructor-arg>
        <map>
            <entry key="action" value="Signature Encrypt"/>
            <entry key="user" value="clientUser"/>
            <entry key="signatureUser" value="clientUser"/>
            <entry key="signaturePropFile" value="clientKeystore.properties"/>
            <entry key="useSingleCertificate" value="false"/>
            <entry key="encryptionPropFile" value="serviceKeystore.properties"/>
            <entry key="signatureKeyIdentifier" value="DirectReference"/>
            <entry key="encryptionUser" value="imsinterop"/>
            <entry key="encryptionKeyIdentifier" value="IssuerSerial"/>
            <entry key="passwordCallbackClass" value="pps.ClientPasswordCallback"/>
            <entry key="signatureParts" value="{Element}{http://schemas.xmlsoap.org/soap/envelope/}Body;
                        {Element}{http://www.w3.org/2005/08/addressing}Action;
                        {Element}{http://www.w3.org/2005/08/addressing}MessageID;
                        {Element}{http://www.w3.org/2005/08/addressing}To;"/>
            <entry key="encryptionParts" value="{Content}{http://schemas.xmlsoap.org/soap/envelope/}Body"/>
            <entry key="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes128-cbc"/>
            <entry key="encryptionKeyTransportAlgorithm" value=" http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
            <entry key="signatureAlgorithm" value="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
            <entry key="signatureCanonicalizationAlgorithm" value="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </map>
    </constructor-arg>
</bean>

When I am trying connect to the service, I get following error

org.apache.ws.security.WSSecurityException: General security error (WSEncryptBody/WSSignEnvelope: Element to encrypt/sign not found: http://www.w3.org/2005/08/addressing, Action)

I want to how to correct this issue. Thank you.


Solution

  • It looks like you need to enable WS-Addressing, as the header to sign is not being found: http://cxf.apache.org/docs/ws-addressing.html