BadPaddingException when calling STS after token expiry - PullRequest
0 votes
/ 08 October 2019

I get a BadPaddingException when trying to request a new token from the STS using a CXF client (v 3.0.6) configured in Spring XML.

I can get a token on the first attempt and use it to call the target web service several times successfully, but when the token expires I cannot get a new one. I get a BadPaddingException while decrypting the STS response.

I have set the STSClient's "AllowRenewing" property to false, because the STS I call does not allow renewing.

Here is my Spring configuration of the CXF client:

    <util:properties id="signatureProperties">
        <!-- keystore -->
        <prop key="org.apache.ws.security.crypto.provider">org.apache.ws.security.components.crypto.Merlin</prop>
        <prop key="org.apache.ws.security.crypto.merlin.keystore.type">jks</prop>
        <prop key="org.apache.ws.security.crypto.merlin.file">${SMDB_KEYSTORE_PATH}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.keystore.alias">${SMDB_KEYSTORE_ALIAS}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.keystore.password">${SMDB_KEYSTORE_PASSWORD}</prop>
        <!-- truststore -->
        <prop key="org.apache.ws.security.crypto.merlin.truststore.type">jks</prop>
        <prop key="org.apache.ws.security.crypto.merlin.truststore.alias">${SMDB_TRUSTSTORE_SERVICE_ALIAS}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.truststore.file">${SMDB_TRUSTSTORE_PATH}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.truststore.password">${SMDB_TRUSTSTORE_PASSWORD}</prop>
    </util:properties>

    <util:properties id="stsEncryptionProperties">
        <prop key="org.apache.ws.security.crypto.merlin.keystore.type">jks</prop>
        <!--prop key="org.apache.ws.security.crypto.merlin.keystore.provider">SunPKCS11</prop-->
        <prop key="org.apache.ws.security.crypto.merlin.keystore.password">${SMDB_TRUSTSTORE_PASSWORD}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.file">${SMDB_TRUSTSTORE_PATH}</prop>
        <prop key="org.apache.ws.security.crypto.merlin.keystore.alias">${SMDB_TRUSTSTORE_STS_ALIAS}</prop>
    </util:properties>

    <jaxws:client name="{http://smdb.dst.dk/api/external/v1/}SoapBinding_ISecureIndsaetData"
                  createdFromAPI="true"
                  wsdlLocation="wsdl/smdb-secureindsaetdata.wsdl"
                  address="${SMDB_INSERT_DATA_WEBSERVICE_URL}">
        <jaxws:properties>
            <entry key="ws-security.sts.applies-to" value="${SMDB_STS_APPLIES_TO}" />
            <entry key="ws-security.encryption.username" value="${SMDB_TRUSTSTORE_SERVICE_ALIAS}" />
            <entry key="ws-security.encryption.properties" value-ref="signatureProperties" />
            <entry key="ws-security.signature.username" value="${SMDB_KEYSTORE_ALIAS}" />
            <entry key="ws-security.signature.properties" value-ref="signatureProperties" />
            <entry key="ws-security.callback-handler" value-ref="clientCallbackHandler" />

            <!-- the response from the STS is not BSP 1.1 compliant (missing c14n transform in the signature) -->
            <entry key="ws-security.is-bsp-compliant" value="false" />
            <entry key="ws-security.sts.client">
                <bean class="com.systematic.cura.integration.smdb.security.DigstSTSClient">
                    <constructor-arg ref="cxf" />

                    <property name="wsdlLocation" value="wsdl/sts.wsdl" />
                    <property name="serviceName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService" />
                    <property name="endpointName" value="{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}STS_Port" />
                    <property name="endpointAddress" value="https://${SMDB_STS_SERVICE_HOST}:${SMDB_STS_SERVICE_PORT}/SecurityTokenService.svc" />
                    <property name="allowRenewing" value="false"/>
                    <property name="enableLifetime" value="true"/>
                    <property name="ttl" value="60"/>

                    <property name="properties">
                        <map>
                            <entry key="ws-security.signature.username" value="${SMDB_KEYSTORE_ALIAS}" />
                            <entry key="ws-security.signature.properties" value-ref="signatureProperties" />
                            <entry key="ws-security.asymmetric.signature.algorithm" value="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256" />
                            <entry key="ws-security.encryption.username" value="${SMDB_TRUSTSTORE_STS_ALIAS}" />
                            <entry key="ws-security.encryption.properties" value-ref="stsEncryptionProperties" />
                        </map>
                    </property>
                </bean>
            </entry>
        </jaxws:properties>
    </jaxws:client>

I get the following error:

2019-10-08 09:36:20.500 INFO  class=o.a.c.s.S.S.STS thread="smdb-scheduler_Worker-4" Inbound Message
----------------------------
ID: 3
Response-Code: 200
Encoding: UTF-8
Content-Type: text/xml; charset=utf-8
Headers: {Content-Length=[16558], content-type=[text/xml; charset=utf-8], Date=[Tue, 08 Oct 2019 07:36:20 GMT], Server=[Microsoft-IIS/10.0], X-Powered-By=[ASP.NET], X-served-by=[001]}
Payload: <S11:Envelope xmlns:S11="http://schemas.xmlsoap.org/soap/envelope/" xmlns:wsa="http://www.w3.org/2005/08/addressing" xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd" xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><S11:Header><wsa:Action wsu:Id="action">http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</wsa:Action><wsa:MessageID wsu:Id="messageid">uuid:0311ce73-d06c-4b7c-9aeb-df3c58880b1d</wsa:MessageID><wsa:RelatesTo wsu:Id="relatesto">uuid:9abfda57-0eb4-474b-8de1-eeb217ab173c</wsa:RelatesTo><wsse:Security S11:mustUnderstand="1"><wsu:Timestamp wsu:Id="sec_timestamp"><wsu:Created>2019-10-08T07:36:20.452Z</wsu:Created><wsu:Expires>2019-10-08T07:37:20.086Z</wsu:Expires></wsu:Timestamp><Signature xmlns="http://www.w3.org/2000/09/xmldsig#"><SignedInfo><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod><Reference URI="#action"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>EsbIUxpFxODWjQNQay887WVHi0rRyqunTS6rvEEwU8k=</DigestValue></Reference><Reference URI="#messageid"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>MBQpLzrEtwy7YVe+pWYGhOa5x3NyqibYX/grvREIjRU=</DigestValue></Reference><Reference URI="#relatesto"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>fhLVST5j8jwSDU0cA7le7YqkkpXQo71uTBD0/crLqUQ=</DigestValue></Reference><Reference 
URI="#sec_timestamp"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>U0Fs+DT+n5mWHq9pNYQ5dtCye/LTdI+fAZHopJvdpz0=</DigestValue></Reference><Reference URI="#body"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>+h4qIDCdWOy8++pYKI3iKRtc1rhcIx1GJNzEWS6YYac=</DigestValue></Reference></SignedInfo><SignatureValue>Ps+39jnZeJES04GElgbWqlfR1LohFUDjobuhH+QHZutYz7TSSTwaiStGsN4bnMo0qF079V6TyrU5qfp709jxzi3pzAC/5EMnWbGdv755G55h9w1opFTABbJGz3z2XGXrzgdisp/GxDmRyiZ93GMxhDHY/sx8M3f5HaYhj9dAUlrjUAhZHxq7m5zzdcvm5Bd8u18YXd6iiugqGN0hKf1WybaxAcHODMe//I9zJUF8SadRVU54Q9NBpYup7ow3NLfdZ8QgxzuOTwwHpchhOQUyn7D33xAtxSF3iw0Ah59anE/QYuLRiG8C4Cam7L9U5zUEkaaa8Vv+aSz8X4G//YZMRg==</SignatureValue></Signature></wsse:Security></S11:Header><S11:Body wsu:Id="body"><RequestSecurityTokenResponseCollection xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><RequestSecurityTokenResponse Context="urn:uuid:2790a13e-76e4-4bf3-b48f-dab9d5f166b7"><TokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</TokenType><AppliesTo xmlns="http://schemas.xmlsoap.org/ws/2002/12/policy"><EndpointReference xmlns="http://www.w3.org/2005/08/addressing"><Address>https://sts.saml.test.smdb.dst.dk/</Address></EndpointReference></AppliesTo><RequestedSecurityToken><EncryptedAssertion xmlns="urn:oasis:names:tc:SAML:2.0:assertion"><xenc:EncryptedData Type="http://www.w3.org/2001/04/xmlenc#Element" wsu:Id="encryptedassertion" xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"><xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><e:EncryptedKey xmlns:e="http://www.w3.org/2001/04/xmlenc#"><e:EncryptionMethod 
Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"><DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/></e:EncryptionMethod><KeyInfo><o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><X509Data><X509IssuerSerial><X509IssuerName>CN=TRUST2408 Systemtest XIX CA, O=TRUST2408, C=DK</X509IssuerName><X509SerialNumber>1478018816</X509SerialNumber></X509IssuerSerial></X509Data></o:SecurityTokenReference></KeyInfo><e:CipherData><e:CipherValue>U2aYJQ5NdZObrbSbdQe1xjyE9VszM3XnXTFe4oPK4fLf7HXqz2//yeBSeOXKjqW2pFII1Xo5uFfQFT2zNjPZ7Zfk+blo6x33OOAfmKGhy304NZ9TxQJa6skoQQZC8pgHtGNo/yoA3n8sbT+iYi2vFtnRqLOhp1r5TwwoDoeKui+C9IcxcwSw86+aYYHvHEoi33rikrOXRX0TC5/COo7vFY/EIGnWI1/7dOoG8ird5av9AlnKBVjNvyEsjPS8pjHAbKwBx4liLGW4lDY1GOCnUajogamLgABMM3dpg3lU8Gm5HX3p9Gu8UPVRsBUD4nUSKAq9qEX1USUYa2cQdefB0w==</e:CipherValue></e:CipherData></e:EncryptedKey></KeyInfo><xenc:CipherData><xenc:CipherValue>FCMNCuFPUQ0P/aPDjBUw6mTml+C5jrY8F696IFpAVM91z7koHwkCK+SH9...</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></EncryptedAssertion></RequestedSecurityToken><wst:RequestedAttachedReference xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><wsse:SecurityTokenReference><wsse:Reference URI="#encryptedassertion"/></wsse:SecurityTokenReference></wst:RequestedAttachedReference><wst:RequestedUnattachedReference xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><wsse:SecurityTokenReference><wsse:Reference URI="#encryptedassertion"/></wsse:SecurityTokenReference></wst:RequestedUnattachedReference><Lifetime><Created xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2019-10-08T07:36:20.452Z</Created><Expires xmlns="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd">2019-10-08T07:37:20.086Z</Expires></Lifetime></RequestSecurityTokenResponse></RequestSecurityTokenResponseCollection></S11:Body></S11:Envelope>
--------------------------------------
2019-10-08 09:36:20.506 FINE  class=o.a.c.w.s.w.WSS4JInInterceptor thread="smdb-scheduler_Worker-4" WSS4JInInterceptor: enter handleMessage()
2019-10-08 09:36:20.510 DEBUG class=o.a.j.x.d.i.d.DOMSignatureMethod thread="smdb-scheduler_Worker-4" Signature provider:SunRsaSign version 1.8
2019-10-08 09:36:20.511 DEBUG class=o.a.j.x.d.i.d.DOMSignatureMethod thread="smdb-scheduler_Worker-4" Verifying with key: Sun RSA public key, 2048 bits
  modulus: 1777916757386031245861122923257003193285780018460556568365356826910491627286858802420774031270781...
  public exponent: 65537
2019-10-08 09:36:20.511 DEBUG class=o.a.j.x.d.i.d.DOMSignatureMethod thread="smdb-scheduler_Worker-4" JCA Algorithm: SHA256withRSA
2019-10-08 09:36:20.511 DEBUG class=o.a.j.x.d.i.d.DOMSignatureMethod thread="smdb-scheduler_Worker-4" Signature Bytes length: 256
2019-10-08 09:36:20.511 DEBUG class=o.a.j.x.d.i.d.ApacheCanonicalizer thread="smdb-scheduler_Worker-4" Created transform for algorithm: http://www.w3.org/2001/10/xml-exc-c14n#
2019-10-08 09:36:20.511 DEBUG class=o.a.j.x.d.i.d.ApacheCanonicalizer thread="smdb-scheduler_Worker-4" isNodeSet() = true
2019-10-08 09:36:20.512 DEBUG class=o.a.j.x.d.i.d.DOMSignedInfo thread="smdb-scheduler_Worker-4" Canonicalized SignedInfo:
2019-10-08 09:36:20.512 DEBUG class=o.a.j.x.d.i.d.DOMSignedInfo thread="smdb-scheduler_Worker-4" <SignedInfo xmlns="http://www.w3.org/2000/09/xmldsig#"><CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"></CanonicalizationMethod><SignatureMethod Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"></SignatureMethod><Reference URI="#action"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>EsbIUxpFxODWjQNQay887WVHi0rRyqunTS6rvEEwU8k=</DigestValue></Reference><Reference URI="#messageid"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>MBQpLzrEtwy7YVe+pWYGhOa5x3NyqibYX/grvREIjRU=</DigestValue></Reference><Reference URI="#relatesto"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>fhLVST5j8jwSDU0cA7le7YqkkpXQo71uTBD0/crLqUQ=</DigestValue></Reference><Reference URI="#sec_timestamp"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>U0Fs+DT+n5mWHq9pNYQ5dtCye/LTdI+fAZHopJvdpz0=</DigestValue></Reference><Reference URI="#body"><Transforms><Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"></Transform></Transforms><DigestMethod Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"></DigestMethod><DigestValue>+h4qIDCdWOy8++pYKI3iKRtc1rhcIx1GJNzEWS6YYac=</DigestValue></Reference></SignedInfo>
2019-10-08 09:36:20.512 DEBUG class=o.a.j.x.d.i.d.DOMSignedInfo thread="smdb-scheduler_Worker-4" Data to be signed/verified:PFNpZ25lZEluZm8geG1sbnM9Imh0dHA6Ly93d3cudzMub3JnLzIwMDAvMDkveG1sZHNpZyMiPjxDYW5vbmljYWxpemF0aW9uTWV0a...
2019-10-08 09:36:20.517 WARNING class=o.a.c.p.PhaseInterceptorChain thread="smdb-scheduler_Worker-4" Interceptor for {http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issue has thrown exception, unwinding now: org.apache.cxf.binding.soap.SoapFault: The signature or decryption was invalid
    at org.apache.cxf.ws.security.wss4j.WSS4JUtils.createSoapFault(WSS4JUtils.java:268)
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:333)
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:190)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:127)
    at org.apache.cxf.ws.security.wss4j.PolicyBasedWSS4JInInterceptor.handleMessage(PolicyBasedWSS4JInInterceptor.java:112)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
    at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:802)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1644)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1532)
    at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1330)
    at org.apache.cxf.io.CacheAndWriteOutputStream.postClose(CacheAndWriteOutputStream.java:56)
    at org.apache.cxf.io.CachedOutputStream.close(CachedOutputStream.java:215)
    at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
    at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:652)
    at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
    at org.apache.cxf.ws.security.trust.AbstractSTSClient.issue(AbstractSTSClient.java:848)
    at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:61)
    at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:55)
    at org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:51)
    at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:397)
    at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.issueToken(IssuedTokenInterceptorProvider.java:528)
    at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.renewToken(IssuedTokenInterceptorProvider.java:429)
    at org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:167)
    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:307)
    at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:516)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:425)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:326)
    at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:279)
    at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
    at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:138)
    at com.sun.proxy.$Proxy123.indsaetAnmodning(Unknown Source)
    at com.systematic.cura.integration.smdb.webserviceclient.SmdbInsertDataClient.submit(SmdbInsertDataClient.java:69)
    at com.systematic.cura.integration.smdb.webserviceclient.SmdbInsertDataClient$$FastClassBySpringCGLIB$$cc38b014.invoke(<generated>)
    at org.springframework.cglib.proxy.MethodProxy.invoke(MethodProxy.java:204)
    at org.springframework.aop.framework.CglibAopProxy$CglibMethodInvocation.invokeJoinpoint(CglibAopProxy.java:738)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:157)
    at org.springframework.aop.aspectj.AspectJAfterThrowingAdvice.invoke(AspectJAfterThrowingAdvice.java:62)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
    at org.springframework.aop.interceptor.ExposeInvocationInterceptor.invoke(ExposeInvocationInterceptor.java:92)
    at org.springframework.aop.framework.ReflectiveMethodInvocation.proceed(ReflectiveMethodInvocation.java:179)
    at org.springframework.aop.framework.CglibAopProxy$DynamicAdvisedInterceptor.intercept(CglibAopProxy.java:673)
    at com.systematic.cura.integration.smdb.webserviceclient.SmdbInsertDataClient$$EnhancerBySpringCGLIB$$dbe21249.submit(<generated>)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:498)
    at org.apache.camel.component.bean.MethodInfo.invoke(MethodInfo.java:472)
    at org.apache.camel.component.bean.MethodInfo$1.doProceed(MethodInfo.java:291)
    at org.apache.camel.component.bean.MethodInfo$1.proceed(MethodInfo.java:264)
    at org.apache.camel.component.bean.BeanProcessor.process(BeanProcessor.java:178)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:97)
    at com.systematic.cura.integration.common.logging.FlowIdInterceptor.lambda$wrapProcessorInInterceptors$0(FlowIdInterceptor.java:33)
    at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:120)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:83)
    at org.apache.camel.processor.TryProcessor.process(TryProcessor.java:113)
    at org.apache.camel.processor.TryProcessor.process(TryProcessor.java:84)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:97)
    at com.systematic.cura.integration.common.logging.FlowIdInterceptor.lambda$wrapProcessorInInterceptors$0(FlowIdInterceptor.java:33)
    at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:120)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:83)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.component.direct.DirectProducer.process(DirectProducer.java:62)
    at org.apache.camel.processor.SendProcessor.process(SendProcessor.java:145)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:97)
    at com.systematic.cura.integration.common.logging.FlowIdInterceptor.lambda$wrapProcessorInInterceptors$0(FlowIdInterceptor.java:33)
    at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:541)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:541)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.MulticastProcessor.doProcessSequential(MulticastProcessor.java:695)
    at org.apache.camel.processor.MulticastProcessor.doProcessSequential(MulticastProcessor.java:623)
    at org.apache.camel.processor.MulticastProcessor.process(MulticastProcessor.java:247)
    at org.apache.camel.processor.Splitter.process(Splitter.java:114)
    at org.apache.camel.management.InstrumentationProcessor.process(InstrumentationProcessor.java:77)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:97)
    at com.systematic.cura.integration.common.logging.FlowIdInterceptor.lambda$wrapProcessorInInterceptors$0(FlowIdInterceptor.java:33)
    at org.apache.camel.util.AsyncProcessorConverterHelper$ProcessorToAsyncProcessorBridge.process(AsyncProcessorConverterHelper.java:61)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.DelegateAsyncProcessor.process(DelegateAsyncProcessor.java:110)
    at org.apache.camel.processor.RedeliveryErrorHandler.process(RedeliveryErrorHandler.java:541)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:120)
    at org.apache.camel.processor.Pipeline.process(Pipeline.java:83)
    at org.apache.camel.processor.CamelInternalProcessor.process(CamelInternalProcessor.java:198)
    at org.apache.camel.processor.loadbalancer.QueueLoadBalancer.process(QueueLoadBalancer.java:44)
    at org.apache.camel.util.AsyncProcessorHelper.process(AsyncProcessorHelper.java:109)
    at org.apache.camel.processor.loadbalancer.LoadBalancerSupport.process(LoadBalancerSupport.java:97)
    at org.apache.camel.component.quartz2.CamelJob.execute(CamelJob.java:58)
    at org.quartz.core.JobRunShell.run(JobRunShell.java:202)
    at org.quartz.simpl.SimpleThreadPool$WorkerThread.run(SimpleThreadPool.java:573)
Caused by: org.apache.wss4j.common.ext.WSSecurityException: The signature or decryption was invalid
    at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:450)
    at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:224)
    at org.apache.wss4j.dom.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:428)
    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessageInternal(WSS4JInInterceptor.java:278)
    ... 107 more

However, debugging shows that the source of the error is a BadPaddingException from the RSAPadding class in the rt.jar file of my JDK (jdk1.8.0_221).

 javax.crypto.BadPaddingException: Decryption error
    at sun.security.rsa.RSAPadding.unpadV15(RSAPadding.java:383)
    at sun.security.rsa.RSAPadding.unpad(RSAPadding.java:294)
    at sun.security.rsa.RSASignature.engineVerify(RSASignature.java:194)
    at java.security.Signature$Delegate.engineVerify(Signature.java:1222)
    at java.security.Signature.verify(Signature.java:655)
    at org.apache.jcp.xml.dsig.internal.dom.DOMSignatureMethod.verify(DOMSignatureMethod.java:238)
    at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature$DOMSignatureValue.validate(DOMXMLSignature.java:562)
    at org.apache.jcp.xml.dsig.internal.dom.DOMXMLSignature.validate(DOMXMLSignature.java:254)
    at org.apache.wss4j.dom.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:419)
    at org.apache.wss4j.dom.processor.SignatureProcessor.handleToken(SignatureProcessor.java:224)

I have tried adding SSL debugging and ws-security debugging, but I cannot see any difference between the first and the second call to the STS.

Can anyone help me figure this out?
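The `RSAPadding.unpadV15` frame in the trace above sits inside `Signature.verify`, that is, in signature verification rather than in decryption of the assertion. The following added example (not from the original post; the key pairs, class name and sample data are constructed) shows what that step checks: the RSA public-key operation on the signature bytes must yield a PKCS#1 v1.5 block, which happens only when the verifying key matches the key that produced the signature.

```java
import java.math.BigInteger;
import java.nio.charset.StandardCharsets;
import java.security.GeneralSecurityException;
import java.security.KeyPair;
import java.security.KeyPairGenerator;
import java.security.PublicKey;
import java.security.Signature;
import java.security.interfaces.RSAPublicKey;

public class RsaVerifyPaddingDemo {

    // High-level check: the same JCA call that appears in the trace.
    static boolean verify(PublicKey key, byte[] data, byte[] sig)
            throws GeneralSecurityException {
        Signature v = Signature.getInstance("SHA256withRSA");
        v.initVerify(key);
        v.update(data);
        return v.verify(sig);
    }

    // Raw RSA public operation s^e mod n, left-padded to the modulus length.
    static byte[] publicOp(RSAPublicKey key, byte[] sig) {
        BigInteger m = new BigInteger(1, sig)
                .modPow(key.getPublicExponent(), key.getModulus());
        int len = (key.getModulus().bitLength() + 7) / 8;
        byte[] raw = m.toByteArray();          // may carry a leading sign byte
        byte[] out = new byte[len];
        int n = Math.min(raw.length, len);
        System.arraycopy(raw, raw.length - n, out, len - n, n);
        return out;
    }

    // PKCS#1 v1.5 signature block: 00 01 FF..FF (at least 8 bytes) 00 DigestInfo.
    static boolean hasV15SignaturePadding(byte[] em) {
        if (em.length < 11 || em[0] != 0x00 || em[1] != 0x01) {
            return false;
        }
        int i = 2;
        while (i < em.length && (em[i] & 0xFF) == 0xFF) {
            i++;
        }
        return i >= 10 && i < em.length && em[i] == 0x00;
    }

    public static void main(String[] args) throws GeneralSecurityException {
        KeyPairGenerator kpg = KeyPairGenerator.getInstance("RSA");
        kpg.initialize(2048);
        KeyPair signer = kpg.generateKeyPair();      // constructed: key that signs
        KeyPair configured = kpg.generateKeyPair();  // constructed: a different key

        // Constructed stand-in for the canonicalized SignedInfo bytes.
        byte[] data = "<SignedInfo>constructed sample</SignedInfo>"
                .getBytes(StandardCharsets.UTF_8);

        Signature s = Signature.getInstance("SHA256withRSA");
        s.initSign(signer.getPrivate());
        s.update(data);
        byte[] sig = s.sign();

        RSAPublicKey right = (RSAPublicKey) signer.getPublic();
        RSAPublicKey wrong = (RSAPublicKey) configured.getPublic();

        System.out.println("matching key:  padding ok = "
                + hasV15SignaturePadding(publicOp(right, sig))
                + ", verify = " + verify(right, data, sig));
        System.out.println("different key: padding ok = "
                + hasV15SignaturePadding(publicOp(wrong, sig))
                + ", verify = " + verify(wrong, data, sig));
    }
}
```

The `DOMSignatureMethod` debug line in the log above prints the modulus of the key actually used for verification, so it can be compared with the modulus of the certificate the STS is expected to sign with.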
