Solution for Invalid Security Exception?

Home » Forums » Project: WSO2 Enterprise Service Bus (WSO2 ESB)
cgrill's picture
Submitted by cgrill on December 5, 2008 - 03:42

Hi,

I have a strange problem with the esb. I created a ws-client which connects to a proxy service on the esb. The communication is secured with wsse using signature and encryption (configured policies, keystores, pwcallbackhandlers, included necessary jars on both sides). This is working fine right now. When I take the same ws-client and point it to another proxy-service on the esb, using exactly the same security configuration (policies, keystores, ...) I am getting this exception on the esb-side:
2008-12-05 11:45:31,510  [HttpServerWorker-8] ERROR AxisEngine InvalidSecurity
org.apache.axis2.AxisFault: InvalidSecurity
        at org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:148)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
        at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
        at org.apache.synapse.transport.nhttp.ServerWorker.processPost(ServerWorker.java:253)
        at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:194)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
        at java.lang.Thread.run(Thread.java:595)
2008-12-05 11:45:31,511  [HttpServerWorker-8] ERROR ServerWorker Error processing POST request
org.apache.axis2.AxisFault: InvalidSecurity
        at org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:148)
        at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
        at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
        at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:163)
        at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
        at org.apache.synapse.transport.nhttp.ServerWorker.processPost(ServerWorker.java:253)
        at org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java:194)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:650)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:675)
        at java.lang.Thread.run(Thread.java:595)
I think this exception is well known, as I already saw forum topics dealing with it and according problems.
I also sniffed the ws-requests with the help of Wireshark and the strange thing is that they are identical except for some timestamps, hashes, and such. As I already said in one case, everything works fine, in the second case (request sent to other proxy-service) I am experiencing the error. Any ideas? Attached you find the sniffed requests and the relevant configurations.
Regards, Clemens

AttachmentSize
request_working_fine.txt5.91 KB
request_causing_exception.txt5.9 KB
config_proxy_working_fine.txt978 bytes
config_proxy_throwing_exception.txt3.09 KB
client_policy_for_both.txt3.62 KB
esb_policy_for_both.txt3 KB
‹ Simple proxy service (sic) Problem while trying to consume proxy service behind proxy server ›
asankha's picture

Hi Clemens This seems

Submitted by asankha on December 5, 2008 - 04:31.
Hi Clemens This seems similar to http://wso2.org/node/4027 Also check: http://wso2.org/forum/thread/4448#comment-7450 I think the problem is with the client for which you haven't attached the code :) cheers asankha http://esbmagic.blogspot.com
cgrill's picture

Here is the client source...

Submitted by cgrill on December 9, 2008 - 02:13.
Hi Asankha, the client calling the two proxy services is the same one. In one case, the first proxy service is set as endpoint, in the second case the second proxy service on esb is set. The keystore to use for the client is set as command line option. The keystore is found by the client. The invalid security exception is raised on esb side. Any help would be really appreciated. regards, Clemens
hoschip's picture

Problem solved?

Submitted by hoschip on August 27, 2009 - 05:10.
Hi Clemens, i've got the same problem. Did you find the answer meanwhile? Regards, Harri
santhoshkotte.yahoo.com's picture

Invalid Security

Submitted by santhoshkotte.y... on December 31, 2009 - 01:43.
Is the problem solved ? I face the same error. org.apache.axis2.AxisFault: InvalidSecurity at org.apache.rampart.handler.PostDispatchVerificationHandler.invoke(PostDispatchVerificationHandler.java:143)
library project main code
Popular Content
Learn Cloud
Learn
Cloud

How to deploy a web application in StratosLive using Carbon Studio
The WSO2 Application Server is a reliable application server that can host your enterprise web applications. The WSO2 Application Server as a Service is offered in StratosLive, the WSO2 Platform as a Service. This article explains how a simple web application can be developed and deployed from Carbon Studio to the WSO2 Application Server...
more>

Latest Webinar
KPI definition with Business Activity Monitor 2.0
Different groups within an organization need to monitor different Key Performance Indicators (KPIs) - An operations team will be interested in the response times of business services and loads of each service,..
Thursday, February 9th 2012, 09.00 AM (PST)
Register Now!

Thursday, February 9th 2012, 10.00 AM (GMT)
Register Now!