[jira] [Created] (CXF-6864) STS Demo - Invalid Key

Fri, 08 Apr 2016 03:03:49 -0700 

Charles Moulliard created CXF-6864:
--------------------------------------

             Summary: STS Demo - Invalid Key
                 Key: CXF-6864
                 URL: https://issues.apache.org/jira/browse/CXF-6864
             Project: CXF
          Issue Type: Bug
    Affects Versions: 3.0.9
            Reporter: Charles Moulliard

The STS Demo packaged within the distribution of CXF 3.0.9 doesn't work

When the client issues the request to get the token from the STS server, the 
following error is reported 

Server

{code}
Apr 08, 2016 11:57:04 AM org.eclipse.jetty.server.AbstractConnector doStart
INFO: Started SelectChannelConnector@localhost:8080
Server ready...
Apr 08, 2016 11:57:42 AM 
org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Inbound Message
----------------------------
ID: 1
Address: http://localhost:8080/SecurityTokenService/UT?wsdl
Http-Method: GET
Content-Type:
Headers: {Accept=[*/*], Cache-Control=[no-cache], connection=[keep-alive], 
Content-Type=[null], Host=[localhost:8080], Pragma=[no-cache], 
User-Agent=[Apache CXF 3.0.9]}
--------------------------------------
{code}

Client
{code}
WARNING: Interceptor for 
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue
 has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
        at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
        at 
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
        at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
        at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
        at demo.wssec.client.Client.main(Client.java:77)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
        ... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was 
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
        at 
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
        ... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal 
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
        at 
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
        ... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
        at javax.crypto.Cipher.implInit(Cipher.java:805)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1396)
        at javax.crypto.Cipher.init(Cipher.java:1327)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
        ... 40 more

Apr 08, 2016 11:57:42 AM org.apache.cxf.phase.PhaseInterceptorChain 
doDefaultLogging
WARNING: Interceptor for 
{http://apache.org/hello_world_soap_http}SOAPService#{http://apache.org/hello_world_soap_http}greetMe
 has thrown exception, unwinding now
org.apache.cxf.interceptor.Fault: Illegal key size
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:388)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.handleBinding(SymmetricBindingHandler.java:124)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessageInternal(PolicyBasedWSS4JOutInterceptor.java:210)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:115)
        at 
org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JOutInterceptor$PolicyBasedWSS4JOutInterceptorInternal.handleMessage(PolicyBasedWSS4JOutInterceptor.java:102)
        at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
        at 
org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:849)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
        at 
org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:531)
        at 
org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:165)
        at 
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
        at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
        at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
        at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
        at 
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
        at com.sun.proxy.$Proxy49.greetMe(Unknown Source)
        at demo.wssec.client.Client.main(Client.java:77)
        at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
        at 
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
        at 
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
        at java.lang.reflect.Method.invoke(Method.java:497)
        at org.codehaus.mojo.exec.ExecJavaMojo$1.run(ExecJavaMojo.java:291)
        at java.lang.Thread.run(Thread.java:745)
Caused by: org.apache.cxf.ws.policy.PolicyException: Illegal key size
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.AbstractCommonBindingHandler.policyNotAsserted(AbstractCommonBindingHandler.java:117)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:492)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryption(SymmetricBindingHandler.java:509)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doSignBeforeEncrypt(SymmetricBindingHandler.java:381)
        ... 31 more
Caused by: org.apache.wss4j.common.ext.WSSecurityException: Illegal key size
Original Exception was 
org.apache.xml.security.encryption.XMLEncryptionException: Illegal key size
Original Exception was java.security.InvalidKeyException: Illegal key size
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:704)
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.doEncryption(WSSecEncrypt.java:446)
        at 
org.apache.wss4j.dom.message.WSSecDKEncrypt.encryptForExternalRef(WSSecDKEncrypt.java:137)
        at 
org.apache.cxf.ws.security.wss4j.policyhandlers.SymmetricBindingHandler.doEncryptionDerived(SymmetricBindingHandler.java:485)
        ... 33 more
Caused by: org.apache.xml.security.encryption.XMLEncryptionException: Illegal 
key size
Original Exception was java.security.InvalidKeyException: Illegal key size
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1183)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1128)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptElementContent(XMLCipher.java:901)
        at 
org.apache.xml.security.encryption.XMLCipher.doFinal(XMLCipher.java:1032)
        at 
org.apache.wss4j.dom.message.WSSecEncrypt.encryptElement(WSSecEncrypt.java:701)
        ... 36 more
Caused by: java.security.InvalidKeyException: Illegal key size
        at javax.crypto.Cipher.checkCryptoPerm(Cipher.java:1039)
        at javax.crypto.Cipher.implInit(Cipher.java:805)
        at javax.crypto.Cipher.chooseProvider(Cipher.java:864)
        at javax.crypto.Cipher.init(Cipher.java:1396)
        at javax.crypto.Cipher.init(Cipher.java:1327)
        at 
org.apache.xml.security.encryption.XMLCipher.encryptData(XMLCipher.java:1181)
        ... 40 more
{code}



--
This message was sent by Atlassian JIRA
(v6.3.4#6332)

Reply via email to