Groups > Weblogic > WebLogic security > Err: Server requires encryption but no encryption key was was




Err: Server requires encryption but no encryption key was
was

Err: Server requires encryption but no encryption key was was
Fri, 21 Mar 2008 11:05:54 -070 
What is the root of the exception '[b]Server requires encryption but no
encryption key was was available for server[/b]'?

1. The exception is being thrown by the WSSEClientHandler, so the request hasn't
actually be sent to the server yet (I think!).

2. I'm running [b]WebLogic Server 8.1 SP4[/b].

3. The Exception:
<Mar 21, 2008 10:43:04 AM MDT> <Info> <WebService>
<BEA-220024> <Handler
weblogic.webservice.core.handler.WSSEClientHandler threw an exception from its
handleRequest method. The exception was:
[b]weblogic.xml.security.SecurityConfigurationException: Server requires
encryption but no encryption key was was available for server.[/b]> 
Exception in thread "main" java.rmi.RemoteException: SOAP
Fault:javax.xml.rpc.soap.SOAPFaultException: Exception during processing:
weblogic.xml.security.SecurityConfigurationException: Server requires encryption
but no encryption key was was available for server (see Fault Detail for
stacktrace)
Detail:
<detail>
 <bea_fault:stacktrace  
xmlns:bea_fault="http://www.bea.com/servers/wls70/webservice/fault/1.0.0&qu
ot;>weblogic.xml.security.SecurityConfigurationException: Server requires
encryption but no encryption key was was available for server
	at
weblogic.webservice.core.handler.WSSEClientHandler.processSpecs(WSSEClientHandle
r.java:351)
	at
weblogic.webservice.core.handler.WSSEClientHandler.handleRequest(WSSEClientHandl
er.java:100)
	at
weblogic.webservice.core.HandlerChainImpl.handleRequest(HandlerChainImpl.java:14
3)
	at weblogic.webservice.core.ClientDispatcher.send(ClientDispatcher.java:231)
	at
weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:143)
	at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
	at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
	at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
	at
sandbox.phil.wsdl.auth.rpc.RPCAuthenticationServicePort_Stub.authenticate(RPCAut
henticationServicePort_Stub.java:27)
	at sandbox.phil.wsdl.auth.ClientRefactored.example(ClientRefactored.java:104)
	at sandbox.phil.wsdl.auth.ClientRefactored.main(ClientRefactored.java:59)
</bea_fault:stacktrace>
</detail>; nested exception is: 
	javax.xml.rpc.soap.SOAPFaultException: Exception during processing:
weblogic.xml.security.SecurityConfigurationException: Server requires encryption
but no encryption key was was available for server (see Fault Detail for
stacktrace)
	at
sandbox.phil.wsdl.auth.rpc.RPCAuthenticationServicePort_Stub.authenticate(RPCAut
henticationServicePort_Stub.java:32)
	at sandbox.phil.wsdl.auth.ClientRefactored.example(ClientRefactored.java:104)
	at sandbox.phil.wsdl.auth.ClientRefactored.main(ClientRefactored.java:59)
Caused by: javax.xml.rpc.soap.SOAPFaultException: Exception during processing:
weblogic.xml.security.SecurityConfigurationException: Server requires encryption
but no encryption key was was available for server (see Fault Detail for
stacktrace)
	at
weblogic.webservice.core.ClientDispatcher.receive(ClientDispatcher.java:313)
	at
weblogic.webservice.core.ClientDispatcher.dispatch(ClientDispatcher.java:144)
	at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:457)
	at weblogic.webservice.core.DefaultOperation.invoke(DefaultOperation.java:443)
	at weblogic.webservice.core.rpc.StubImpl._invoke(StubImpl.java:303)
	at
sandbox.phil.wsdl.auth.rpc.RPCAuthenticationServicePort_Stub.authenticate(RPCAut
henticationServicePort_Stub.java:27)
	... 2 more


4. Log output prior to the exception
This class: sandbox.phil.wsdl.auth.ClientRefactored
getCertificate() exit. X509Certificate = [
[
  Version: V1
  Subject: CN=phil polasek, OU=aspen, O=jeppesen, L=denver, ST=colorado, C=us
  Signature Algorithm: SHA1withDSA, OID = 1.2.840.10040.4.3

  Key:  Sun DSA Public Key
    Parameters:DSA
	p:     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
    455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
    6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
    83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
	q:     9760508f 15230bcc b292b982 a2eb840b f0581cf5
	g:     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
    5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
    3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
    cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

  y:
    3356a255 847127cd cdbe7da1 f16bd421 df4a3dda 27ad1d92 5bee8f46 52019aab
    5a010c9c b743109a af68a003 7d22a469 d8b12878 b264f3f9 e09fa023 af037575
    102eabda d45fb050 0f371dca 66f404b5 7db12a93 0f0f9d40 5a849a60 2c95caad
    2112e666 f68b95a4 cecdbcce db254ecb f34c07c6 9fb3fcd7 87fcfdc6 d8934a7d

  Validity: [From: Fri Mar 21 07:31:30 MDT 2008,
               To: Thu Jun 19 07:31:30 MDT 2008]
  Issuer: CN=phil polasek, OU=aspen, O=jeppesen, L=denver, ST=colorado, C=us
  SerialNumber: [    47e3b8b2]

]
  Algorithm: [SHA1withDSA]
  Signature:
0000: 30 2C 02 14 23 98 5D 12   6E B8 85 EC 0B C5 6A 0A  0,..#.].n.....j.
0010: 93 D2 61 31 42 3F C0 C9   02 14 5E 3D C1 D2 4B 07  ..a1B?....^=..K.
0020: D3 DF 57 AB 8F 53 66 FC   11 E2 69 9A B8 C3        ..W..Sf...i...

]
getPrivateKey() exit. Key = Sun DSA Private Key 
parameters:DSA
	p:     fd7f5381 1d751229 52df4a9c 2eece4e7 f611b752 3cef4400 c31e3f80 b6512669
    455d4022 51fb593d 8d58fabf c5f5ba30 f6cb9b55 6cd7813b 801d346f f26660b7
    6b9950a5 a49f9fe8 047b1022 c24fbba9 d7feb7c6 1bf83b57 e7c6a8a6 150f04fb
    83f6d3c5 1ec30235 54135a16 9132f675 f3ae2b61 d72aeff2 2203199d d14801c7
	q:     9760508f 15230bcc b292b982 a2eb840b f0581cf5
	g:     f7e1a085 d69b3dde cbbcab5c 36b857b9 7994afbb fa3aea82 f9574c0b 3d078267
    5159578e bad4594f e6710710 8180b449 167123e8 4c281613 b7cf0932 8cc8a6e1
    3c167a8b 547c8d28 e0a3ae1e 2bb3a675 916ea37f 0bfa2135 62f1fb62 7a01243b
    cca4f1be a8519089 a883dfe1 5ae59f06 928b665e 807b5525 64014c3b fecf492a

x:     597fe815 fb61365a a946b416 500f656a d82a697d

authenticating with guy16.name16


5. Client code:
    private static final String CLIENT_KEYSTORE = "C:\\Documents and
Settings\\philip.polasek\\PhilsSandboxClient.jks";
    private static final String KEYSTORE_PASS = "password";
    private static final String CLIENT_KEYNAME = "wsdlkey";
    private static final String CLIENT_KEYPASS = "wsdlkeypasswd";
    private static final String AUTHENTICATION_USER = "wsdl_user_1";
    private static final String AUTHENTICATION_USER_PASS =
"wsdl_user_1";

    public void example(String wsdlURI) throws Exception
    {
        // Setup the global JAXM message factory
        System.setProperty("javax.xml.soap.MessageFactory",
                "weblogic.webservice.core.soap.MessageFactoryImpl");
        // Setup the global JAX-RPC service factory
        System.setProperty("javax.xml.rpc.ServiceFactory",
"weblogic.webservice.core.rpc.ServiceFactoryImpl");

        // added for more debugging info
        System.setProperty("weblogic.xml.encryption.verbose",
"true");
        System.setProperty("weblogic.xml.signature.verbose", 
"true");

        System.out.println("This class: " +
this.getClass().getName());

        RPCAuthenticationService authService = null;
        RPCAuthenticationServicePort authPort = null;

        // if (wsdlURI == null)
        // {
            authService = new RPCAuthenticationService_Impl();
        // }
        // else
        // {
        //     authService = new RPCAuthenticationService_Impl(wsdlURI);
        // }

        authPort = authService.getRPCAuthenticationServicePort();

        WebServiceContext context = authService.context();

        X509Certificate clientcert = getCertificate(CLIENT_KEYNAME,
CLIENT_KEYSTORE);

        PrivateKey clientprivate = (PrivateKey) getPrivateKey(CLIENT_KEYNAME,
CLIENT_KEYPASS, CLIENT_KEYSTORE);

        WebServiceSession session = context.getSession();

        session.setAttribute(WSSEClientHandler.CERT_ATTRIBUTE, clientcert);
        session.setAttribute(WSSEClientHandler.KEY_ATTRIBUTE, clientprivate);

        UserInfo ui = new UserInfo(AUTHENTICATION_USER,
AUTHENTICATION_USER_PASS);
        session.setAttribute(WSSEClientHandler.REQUEST_USERINFO, ui);

        System.out.println("authenticating with guy16.name16");
        System.out.println("result = " +
authPort.authenticate("guy16.name16", "Ggnam555!"));

        System.out.println("authenticating with any.one");
        System.out.println("result = " +
authPort.authenticate("any.one", "Any1.two2"));
    }


6. Client key store is valid and contains this data:
C:\Documents and Settings\philip.polasek>keytool -list -keystore
[b]PhilsSandboxClient.jks[/b]
Enter keystore password:  password

Keystore type: jks
Keystore provider: SUN

Your keystore contains 1 entry

[b]wsdlkey[/b], Mar 21, 2008, keyEntry,
Certificate fingerprint (MD5): 10:45:00:EE:CD:26:7A:3C:DD:5E:A5:42:3A:D7:74
Post Reply
about | contact