I am facing an issue with invoking webService template with ws security using keystores and interceptors, it returns org.apache.wss4j.common.ext.WSSecurityException: Callback supplied no password for: 1 javax.security.auth.callback.UnsupportedCallbackException
where 1 is the key store alias.. bellow is the code I am using followed with the exception
public class SOAPConnector extends WebServiceGatewaySupport {
public Object callWebService() throws Exception {
KeyStore encryptionKeyStore = KeyStore.getInstance("JKS");
InputStream fis = new FileInputStream("C:\\Ahmed\\keyStore\\eip_stg_server_message_signature.jks");
encryptionKeyStore.load(fis, "changeit".toCharArray());
KeyStore signitureKeyStore = KeyStore.getInstance("JCEKS");
InputStream fis2 = new FileInputStream("C:\\Ahmed\\keyStore\\keystore2022_testing.jks");
signitureKeyStore.load(fis2, "changeit".toCharArray());
fis.close();
fis2.close();
CryptoFactoryBean cryptoFactoryBean = new CryptoFactoryBean();
Properties cryptoFactoryBeanConfig = new Properties();
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jceks");
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "changeit");
// from the class path
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.file", "C:\\Ahmed\\keyStore\\keystore2022_testing.jks");
cryptoFactoryBean.setConfiguration(cryptoFactoryBeanConfig);
cryptoFactoryBean.afterPropertiesSet();
CryptoFactoryBean cryptoFactoryBean2 = new CryptoFactoryBean();
Properties cryptoFactoryBeanConfig2 = new Properties();
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin");
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "changeit");
// from the class path
cryptoFactoryBeanConfig.setProperty("org.apache.ws.security.crypto.merlin.file", "C:\\Ahmed\\keyStore\\eip_stg_server_message_signature.jks");
cryptoFactoryBean2.setConfiguration(cryptoFactoryBeanConfig);
cryptoFactoryBean2.afterPropertiesSet();
Wss4jSecurityInterceptor interceptor = new Wss4jSecurityInterceptor();
interceptor.setSecurementActions("Signature Encrypt Timestamp");
interceptor.setSecurementPassword("changeit");
interceptor.setSecurementSignatureUser("1");
interceptor.setSecurementSignatureKeyIdentifier("DirectReference");
interceptor.setSecurementEncryptionKeyIdentifier("DirectReference");
interceptor.setSecurementSignatureCrypto(cryptoFactoryBean.getObject());
interceptor.setSecurementEncryptionCrypto(cryptoFactoryBean2.getObject());
interceptor.setSecurementEncryptionUser("eip stg server message signature (device ca - 2)");
//timeStamp
interceptor.setTimestampPrecisionInMilliseconds(false);
interceptor.setFutureTimeToLive(10000);
interceptor.setSecurementTimeToLive(10000);
interceptor.setValidationActions("Signature Encrypt Timestamp");
interceptor.setValidationTimeToLive(10000);
interceptor.setValidationSignatureCrypto(cryptoFactoryBean2.getObject());
interceptor.setValidationDecryptionCrypto(cryptoFactoryBean.getObject());
KeyStoreCallbackHandler ks = new KeyStoreCallbackHandler();
ks.setPrivateKeyPassword("changeit");
ks.setKeyStore(signitureKeyStore);
interceptor.setValidationCallbackHandler(ks);
WebServiceTemplate template = getWebServiceTemplate();
template.setInterceptors(new ClientInterceptor[]{interceptor});
String requestXml = "xml request";
StreamSource source = new StreamSource(new StringReader(requestXml));
StreamResult result = new StreamResult(System.out);
String uri = "url";
SoapActionCallback requestCallback = new SoapActionCallback("action_name");
try {
template.sendSourceAndReceiveToResult(uri, source, requestCallback, result);
}
catch (SoapFaultException sfe) {
throw new Exception("SoapFaultException", sfe);
}
catch (WebServiceTransportException wste) {
throw new Exception("WebServiceTransportException", wste);
}
return null;
}
it returns UnsupportedCallbackException following is error details
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Callback supplied no password for: 1
Original Exception was javax.security.auth.callback.UnsupportedCallbackException
<?xml version="1.0" encoding="UTF-8"?><soapenv:Fault xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"><faultcode>soapenv:Client</faultcode><faultstring xml:lang="en">Callback supplied no password for: 1; nested exception is org.apache.wss4j.common.ext.WSSecurityException: Callback supplied no password for: 1
Original Exception was org.apache.wss4j.common.ext.WSSecurityException: Callback supplied no password for: 1
Original Exception was javax.security.auth.callback.UnsupportedCallbackException</faultstring></soapenv:Fault>null
org.springframework.web.client.HttpServerErrorException$InternalServerError: 500 Server Error
Process finished with exit code 0
I'm not sure what I am missing here can any one relate please?
PS. I am using the same key stores with soap ui and it works fine
