SoapFault MustUnderstand headers, CXF WSS4J No crypto property file supplied

Question

My SOAP server is receiving a SOAP message with must understand headers set to 1.

In order to understand the header I am using a wss4j interceptor.

My sign.properties file is:

org.apache.ws.security.crypto.provider=org.apache.wss4j.common.crypto.Merlin
org.apache.ws.security.crypto.merlin.truststore.type=jks
org.apache.ws.security.crypto.merlin.truststore.password=changeit    
org.apache.ws.security.crypto.merlin.truststore.file=keystore/truststore.jks

My Endpoint xml:

    <jaxws:inInterceptors>
        <bean class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
            <constructor-arg>
                <map>
                    <entry key="action" value="Timestamp Signature"/>
                    <entry key="signaturePropFile" value="XXXXXX/WEB-INF/classes/etc/sign.properties"/>
                    <entry key="passwordCallbackClass" value="XX.XX.XX.XXXXXX.lifecycleapp.UTPasswordCallback"/>
                </map>
            </constructor-arg>
        </bean>
    </jaxws:inInterceptors>  

However I am getting the error "org.apache.wss4j.common.ext.WSSecurityException: No crypto property file supplied to verify signature"

I am assuming it is something as simple as not correctly addressing the signaturePropFile but I have tried giving the full file path but that has returned the same result.

Any help would be greatly appreciated.

Answer 1

Start by enabling DEBUG/FINE logging. It will tell you exactly what the problem is....likely that it can't load the path you have given. I would suggest trying the following instead:

<entry key="signaturePropFile" value="classes/etc/sign.properties"/>

Colm.