Server-side requestSecurityToken() Exception

Hello everyone,

I'm trying to make my Axis2 service, protected by WSAS IS, perform an Axis2 Client action, requesting a Security Token to the local WSAS IS under which my service is deployed.
In doing so I've passed a valid repository in order to obtain a valid ConfigurationContext but then, when I call the STSClient function requestSecurityToken() through the following code:

            ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(wso2RepositoryPath);

            STSClient stsClient = new STSClient(ctx);

            stsClient.setRstTemplate(getRSTTemplate());
            stsClient.setAction(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_SCT);

            Policy stsPolicy = loadPolicy(wso2STSPolicy);
            Policy servicePolicy = loadPolicy(wso2ServicePolicy);

            Token responseToken = stsClient.requestSecurityToken(servicePolicy, stsEpr, stsPolicy, serviceEpr);

I get the exception:

[2009-10-29 11:30:39,469] ERROR -  errorInObtainingToken
org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more
SecurityManagerException: Unable to obtain the security token from local STS!
    at SecurityManagerServer.getToken(SecurityManagerServer.java:830)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rahas.TrustException: Error in obtaining token from : "http://localhost:9763/services/wso2carbon-sts/"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:152)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    ... 33 more
Caused by: org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    ... 34 more
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more

How can I make my PWCBHandler class visible to my .aar?!
   
Thanks
--
Francesco Stampacchia

_______________________________________________
Carbon-dev mailing list
Carbon-dev@...
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev

Hi Francesco,

The issue is in your rampart-config corresponding to the STS policy. There you have to specify the full qualified class name of the Password Callback Handler class.

<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
                ...
                <ramp:passwordCallbackClass>org.wso2.carbon.sts.test.PWCBHandler</ramp:passwordCallbackClass>
        ...
</ramp:RampartConfig>

Thanks.
/thilina

On Thu, Oct 29, 2009 at 4:05 PM, Francesco Stampacchia <stampacchiafrancesco@...> wrote:

Hello everyone,

I'm trying to make my Axis2 service, protected by WSAS IS, perform an Axis2 Client action, requesting a Security Token to the local WSAS IS under which my service is deployed.
In doing so I've passed a valid repository in order to obtain a valid ConfigurationContext but then, when I call the STSClient function requestSecurityToken() through the following code:

            ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(wso2RepositoryPath);

            STSClient stsClient = new STSClient(ctx);

            stsClient.setRstTemplate(getRSTTemplate());
            stsClient.setAction(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_SCT);

            Policy stsPolicy = loadPolicy(wso2STSPolicy);
            Policy servicePolicy = loadPolicy(wso2ServicePolicy);

            Token responseToken = stsClient.requestSecurityToken(servicePolicy, stsEpr, stsPolicy, serviceEpr);

I get the exception:

[2009-10-29 11:30:39,469] ERROR -  errorInObtainingToken
org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more
SecurityManagerException: Unable to obtain the security token from local STS!
    at SecurityManagerServer.getToken(SecurityManagerServer.java:830)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rahas.TrustException: Error in obtaining token from : "http://localhost:9763/services/wso2carbon-sts/"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:152)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    ... 33 more
Caused by: org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    ... 34 more
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more

How can I make my PWCBHandler class visible to my .aar?!
   
Thanks
--
Francesco Stampacchia

_______________________________________________
Carbon-dev mailing list
Carbon-dev@...
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev

--

Thilina Mahesh Buddhika
WSO2 Inc. ; http://wso2.com
thilinab@...
http://thilinamb.com

_______________________________________________
Carbon-dev mailing list
Carbon-dev@...
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev

Thanks Thilina,

I've tried, but it seems that I'm not able to find the correct path.
My .aar comes with the following folder tree

Service.aar contains

/...
    |
    Server.class
    ServerException.class
    ServerConstants.class
    PWCBHandler.class
    META-INF/...
                       |
                       services.xml
                       MANIFEST.MF
                       log4j.properties                     
   

What path should I pass in my loadPolicy() method in order to have in my policy the correct PWBCHandler class?!
By now I'm passing it with:

        rc = new RampartConfig();

        rc.setUser("client");
        rc.setEncryptionUser("wso2carbon");
        rc.setPwCbClass(PWCBHandler.class.getName());

Thanks

2009/10/29 Thilina Mahesh Buddhika <thilinab@...>

Hi Francesco,

The issue is in your rampart-config corresponding to the STS policy. There you have to specify the full qualified class name of the Password Callback Handler class.

<ramp:RampartConfig xmlns:ramp="http://ws.apache.org/rampart/policy">
                ...
                <ramp:passwordCallbackClass>org.wso2.carbon.sts.test.PWCBHandler</ramp:passwordCallbackClass>
        ...
</ramp:RampartConfig>

Thanks.
/thilina

On Thu, Oct 29, 2009 at 4:05 PM, Francesco Stampacchia <stampacchiafrancesco@...> wrote:

Hello everyone,

I'm trying to make my Axis2 service, protected by WSAS IS, perform an Axis2 Client action, requesting a Security Token to the local WSAS IS under which my service is deployed.
In doing so I've passed a valid repository in order to obtain a valid ConfigurationContext but then, when I call the STSClient function requestSecurityToken() through the following code:

            ConfigurationContext ctx = ConfigurationContextFactory.createConfigurationContextFromFileSystem(wso2RepositoryPath);

            STSClient stsClient = new STSClient(ctx);

            stsClient.setRstTemplate(getRSTTemplate());
            stsClient.setAction(RahasConstants.WST_NS_05_02 + RahasConstants.RST_ACTION_SCT);

            Policy stsPolicy = loadPolicy(wso2STSPolicy);
            Policy servicePolicy = loadPolicy(wso2ServicePolicy);

            Token responseToken = stsClient.requestSecurityToken(servicePolicy, stsEpr, stsPolicy, serviceEpr);

I get the exception:

[2009-10-29 11:30:39,469] ERROR -  errorInObtainingToken
org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more
SecurityManagerException: Unable to obtain the security token from local STS!
    at SecurityManagerServer.getToken(SecurityManagerServer.java:830)
    at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:260)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
    at java.lang.reflect.Method.invoke(Method.java:585)
    at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
    at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rahas.TrustException: Error in obtaining token from : "http://localhost:9763/services/wso2carbon-sts/"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:152)
    at SecurityManagerServer.getToken(SecurityManagerServer.java:814)
    ... 33 more
Caused by: org.apache.axis2.AxisFault: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:402)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:146)
    ... 34 more
Caused by: org.apache.rampart.RampartException: Cannot load password callback class: PWCBHandler
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:139)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:115)
    at org.apache.rampart.builder.BindingBuilder.getSignatureBuider(BindingBuilder.java:263)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignature(AsymmetricBindingBuilder.java:626)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.doSignBeforeEncrypt(AsymmetricBindingBuilder.java:413)
    at org.apache.rampart.builder.AsymmetricBindingBuilder.build(AsymmetricBindingBuilder.java:93)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:147)
    at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 42 more
Caused by: java.lang.ClassNotFoundException: PWCBHandler
    at org.eclipse.osgi.internal.loader.BundleLoader.findClassInternal(BundleLoader.java:489)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:405)
    at org.eclipse.osgi.internal.loader.BundleLoader.findClass(BundleLoader.java:393)
    at org.eclipse.osgi.internal.baseadaptor.DefaultClassLoader.loadClass(DefaultClassLoader.java:105)
    at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
    at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:319)
    at java.lang.Class.forName0(Native Method)
    at java.lang.Class.forName(Class.java:164)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:200)
    at org.apache.ws.security.util.Loader.loadClass(Loader.java:163)
    at org.apache.rampart.util.RampartUtil.getPasswordCB(RampartUtil.java:137)
    ... 49 more

How can I make my PWCBHandler class visible to my .aar?!
   
Thanks
--
Francesco Stampacchia

_______________________________________________
Carbon-dev mailing list
Carbon-dev@...
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev

--

Thilina Mahesh Buddhika
WSO2 Inc. ; http://wso2.com
thilinab@...
http://thilinamb.com

_______________________________________________
Carbon-dev mailing list
Carbon-dev@...
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev

--
Francesco Stampacchia