Spring Boot - Config Server - Jasypt DecryptionException: Unable to decrypt: ENC() - java

I have a problem about running config server in my spring boot microservice example.
After I defined the dependency shown below, I tried to encrypt the password.
<dependency>
    <groupId>com.github.ulisesbocchio</groupId>
    <artifactId>jasypt-spring-boot-starter</artifactId>
</dependency>
Next, I want to test if it works or not through this code snippet shown below.
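import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.iv.RandomIvGenerator;

public class EncryptTest {
    public static void main(String[] args) {
        StandardPBEStringEncryptor standardPBEStringEncryptor = new StandardPBEStringEncryptor();
        // Password, algorithm and IV generator used for encryption
        standardPBEStringEncryptor.setPassword("demo-password");
        standardPBEStringEncryptor.setAlgorithm("PBEWithHMACSHA512AndAES_256");
        standardPBEStringEncryptor.setIvGenerator(new RandomIvGenerator());
        // Round trip: print the ciphertext, then the decrypted plaintext
        String result = standardPBEStringEncryptor.encrypt("spring-cloud-password");
        System.out.println(result);
        System.out.println(standardPBEStringEncryptor.decrypt(result));
    }
}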
Then I copied it and pasted it, wrapped as ENC(encrypted-password), in the yml file.
Here is the yml file shown below
spring:
  application:
    name: configserver
  cloud:
    config:
      server:
        git:
          uri: Github-repo-address
          username: Github-username
          password: github-token
          clone-on-start: true
          default-label: main
      fail-fast: true
  security:
    user:
      name: spring-cloud-user
      password: ENC(YcplhYriW9Uwo+pByJxBl04lqiQKGEIbBgVeIXn+DBITIHV9IUVenfknA2VHFswkm144fSrQRqjxZ17+g+z3GA==)
jasypt:
  encryptor:
    password: ${PASSWORD}
I get ${PASSWORD} from program arguments part.
Next, I run the app but I got this issue shown below.
com.ulisesbocchio.jasyptspringboot.exception.DecryptionException: Unable to decrypt: ENC(YcplhYriW9Uwo+pByJxBl04lqiQKGEIbBgVeIXn+DBITIHV9IUVenfknA2VHFswkm144fSrQRqjxZ17+g+z3GA==). Decryption of Properties failed, make sure encryption/decryption passwords match
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:46)
at java.base/java.util.Optional.map(Optional.java:260)
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.resolvePropertyValue(DefaultPropertyResolver.java:40)
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultLazyPropertyResolver.resolvePropertyValue(DefaultLazyPropertyResolver.java:50)
at com.ulisesbocchio.jasyptspringboot.EncryptablePropertySource.getProperty(EncryptablePropertySource.java:20)
at com.ulisesbocchio.jasyptspringboot.caching.CachingDelegateEncryptablePropertySource.getProperty(CachingDelegateEncryptablePropertySource.java:41)
at com.ulisesbocchio.jasyptspringboot.wrapper.EncryptableMapPropertySourceWrapper.getProperty(EncryptableMapPropertySourceWrapper.java:31)
at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.merge(EnvironmentDecryptApplicationInitializer.java:236)
at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.merge(EnvironmentDecryptApplicationInitializer.java:207)
at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.decrypt(EnvironmentDecryptApplicationInitializer.java:189)
at org.springframework.cloud.bootstrap.encrypt.EnvironmentDecryptApplicationInitializer.initialize(EnvironmentDecryptApplicationInitializer.java:124)
at org.springframework.cloud.bootstrap.BootstrapApplicationListener$DelegatingEnvironmentDecryptApplicationInitializer.initialize(BootstrapApplicationListener.java:441)
at org.springframework.boot.SpringApplication.applyInitializers(SpringApplication.java:626)
at org.springframework.boot.SpringApplication.prepareContext(SpringApplication.java:370)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:314)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1237)
at org.springframework.boot.SpringApplication.run(SpringApplication.java:1226)
at com.microservices.demo.config.server.ConfigServer.main(ConfigServer.java:11)
Caused by: org.jasypt.exceptions.EncryptionOperationNotPossibleException: null
at org.jasypt.encryption.pbe.StandardPBEByteEncryptor.decrypt(StandardPBEByteEncryptor.java:1169)
at org.jasypt.encryption.pbe.StandardPBEStringEncryptor.decrypt(StandardPBEStringEncryptor.java:738)
at org.jasypt.encryption.pbe.PooledPBEStringEncryptor.decrypt(PooledPBEStringEncryptor.java:511)
at com.ulisesbocchio.jasyptspringboot.encryptor.DefaultLazyEncryptor.decrypt(DefaultLazyEncryptor.java:57)
at com.ulisesbocchio.jasyptspringboot.resolver.DefaultPropertyResolver.lambda$resolvePropertyValue$0(DefaultPropertyResolver.java:44)
... 17 common frames omitted
How can I fix it?
Edit: I passed the value as shown below
Program Arguments -> -Djasypt.encryptor.password='Demo_Pwd!2020'

1. Make sure that the jasypt.encryptor.password property in your application.yml file is set to the same value as the demo-password that you used when encrypting the spring-cloud-password in your main method.
2. Make sure that you are passing the correct value for the PASSWORD program argument when running your application.
3. Make sure that you are using the correct algorithm when encrypting and decrypting the password. In your main method, you are using the "PBEWithHMACSHA512AndAES_256" algorithm, but it's not clear if this is the same algorithm that is being used by Jasypt in your application.
4. Make sure that you are using the correct value for the encrypted password in your application.yml file. It's possible that the value you have pasted there is incorrect or has been modified in some way.
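
The checks above can be run outside Spring. This is an added example, not code from the question or the answer: it encrypts with the settings from the question's main method and then tries to decrypt with several candidate settings. The class name, helper methods and candidate list are constructed for illustration; the two passwords are the ones shown in the question.

```java
import org.jasypt.encryption.pbe.StandardPBEStringEncryptor;
import org.jasypt.iv.IvGenerator;
import org.jasypt.iv.NoIvGenerator;
import org.jasypt.iv.RandomIvGenerator;

import java.util.LinkedHashMap;
import java.util.Map;

// Added illustration; class and method names are hypothetical.
public class JasyptSettingsCheck {

    // Password, algorithm and IV generator are the three settings that must agree on both sides.
    static StandardPBEStringEncryptor encryptor(String password, String algorithm, IvGenerator iv) {
        StandardPBEStringEncryptor e = new StandardPBEStringEncryptor();
        e.setPassword(password);
        e.setAlgorithm(algorithm);
        e.setIvGenerator(iv);
        return e;
    }

    // True only if the candidate settings recover the original plaintext.
    static boolean canDecrypt(StandardPBEStringEncryptor candidate, String cipherText, String expected) {
        try {
            // The ciphertext is not authenticated, so wrong settings can also yield garbage
            // without an exception; compare against the expected plaintext.
            return expected.equals(candidate.decrypt(cipherText));
        } catch (RuntimeException ex) {
            // Jasypt reports mismatched settings as unchecked exceptions
            // (EncryptionOperationNotPossibleException in the trace above).
            return false;
        }
    }

    public static void main(String[] args) {
        final String aes = "PBEWithHMACSHA512AndAES_256";
        final String plain = "spring-cloud-password";
        // Encrypt exactly as the question's main method does.
        String cipherText = encryptor("demo-password", aes, new RandomIvGenerator()).encrypt(plain);

        Map<String, StandardPBEStringEncryptor> candidates = new LinkedHashMap<>();
        candidates.put("same password, algorithm and IV generator",
                encryptor("demo-password", aes, new RandomIvGenerator()));
        candidates.put("different password (the -D value from the edit)",
                encryptor("Demo_Pwd!2020", aes, new RandomIvGenerator()));
        candidates.put("same password, PBEWithMD5AndDES, no IV generator",
                encryptor("demo-password", "PBEWithMD5AndDES", new NoIvGenerator()));
        candidates.put("same password and algorithm, no IV generator",
                encryptor("demo-password", aes, new NoIvGenerator()));

        candidates.forEach((label, candidate) ->
                System.out.printf("%-52s -> %s%n", label,
                        canDecrypt(candidate, cipherText, plain) ? "decrypts" : "fails"));
    }
}
```

Only the first candidate should report "decrypts"; any difference in password, algorithm or IV handling is enough to make the ENC(...) value unreadable.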

Related

java: Error initializing PKCS11 provider getting IOException C_GetFunctionList == NULL

I'm trying to write a Java application for digitally signing documents using a bit4Id miniLector token.
I'm in a Linux development environment.
The token is correctly installed, I can sign my documents also with the app downloaded from the manufacturer, but I have to write a new one for other purposes. The driver used is located at
/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
I'm stuck with this error:
/usr/lib/jvm/jdk1.8.0_111/bin/java ...
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at com.itextpdf.samples.signatures.chapter02.C2_01_SignHelloWorld.main(C2_01_SignHelloWorld.java:83)
Caused by: java.io.IOException: ERROR: C_GetFunctionList == NULL
at sun.security.pkcs11.wrapper.PKCS11.connect(Native Method)
at sun.security.pkcs11.wrapper.PKCS11.<init>(PKCS11.java:138)
at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:151)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:313)
... 2 more
The provider is listed in $JAVA_HOME/jre/lib/security/java.security file as:
security.provider.10=sun.security.pkcs11.SunPKCS11
The code behaving this way is this:
String configFile = "/opt/bar/cfg/pkcs11.cfg";
Provider provider = new sun.security.pkcs11.SunPKCS11(configFile); // <-- line 83
The needed libraries are all imported by my IDE and I have no compile/link errors.
I didn't find this exact type of error in hours of googling.
If you need any further information let me know, any kind help is very appreciated, thanks.
For visual clarity I add all missing information with respect to the original question here below
Updates
Content of the pkcs11.cfg file:
$ cat /opt/bar/cfg/pkcs11.cfg
name="bit4id miniLector-EVO"
library=/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
Ok, I got it.
The problem is the driver.
Replacing
/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
with
/opt/Firma4NG/System/Firma4NG_Linux/Firma4/drivers/mu-x64/libbit4xpki.so
which is one of the manufacturer's drivers, I can now go further and, for example, dump all the info about the card:
Information for provider SunPKCS11-bit4id miniLector-EVO
Library info:
cryptokiVersion: 2.20
manufacturerID: bit4id srl
flags: 0
libraryDescription: bit4id PKCS#11
libraryVersion: 1.02
...
This question can be closed.

Java class loading differences on AWS Lambda?

I'm having trouble using the javax.mail package on AWS Lambda.
When trying to get the content of an email, the getContent() method returns a MimeMultipart object when run locally. When run mounted to the AWS lambda java8 docker image, it returns IMAPInputStream.
I've seen solutions to this that involve setting the class loader on the current thread like so: Thread.currentThread().setContextClassLoader(this.getClass().getClassLoader());
However, this did not work for me. The classloader when running locally differs from the classloader when running against the lambda java8 docker image.
Local: sun.misc.Launcher$AppClassLoader
Docker: java.net.URLClassLoader
I tried explicitly loading the class using the system class loader sun.misc.Launcher$AppClassLoader like this:
Class c = java.lang.ClassLoader.getSystemClassLoader().loadClass("helpers.MailReader");
MailReader mail = (MailReader)c.newInstance();
This works fine when run locally, but again fails against the docker image with this:
java.lang.ClassNotFoundException: helpers.MailReader
So there is something different about the system class loader across the environments.
I don't know that much about Java, and it seems like I'm just missing something simple and making this more complicated than it is.
What could be the difference in environments that could produce this?
EDIT: Debug output from javax.activation.debug:
MailcapCommandMap: load HOME
new MailcapFile: file /home/sbx_user1051/.mailcap
MailcapCommandMap: load SYS
new MailcapFile: file /usr/lib/jvm/java-1.8.0-openjdk-1.8.0.141-1.b16.32.amzn1.x86_64/jre/lib/mailcap
MailcapCommandMap: load JAR
MailcapCommandMap: getResources
MailcapCommandMap: URL file:/var/task/META-INF/mailcap
new MailcapFile: InputStream
parse: text/plain;; x-java-content-handler=com.sun.mail.handlers.text_plain
Type: text/plain
Command: content-handler, Class: com.sun.mail.handlers.text_plain
parse: text/html;; x-java-content-handler=com.sun.mail.handlers.text_html
Type: text/html
Command: content-handler, Class: com.sun.mail.handlers.text_html
parse: text/xml;; x-java-content-handler=com.sun.mail.handlers.text_xml
Type: text/xml
Command: content-handler, Class: com.sun.mail.handlers.text_xml
parse: multipart/*;; x-java-content-handler=com.sun.mail.handlers.multipart_mixed; x-java-fallback-entry=true
Type: multipart/*
Command: content-handler, Class: com.sun.mail.handlers.multipart_mixed
parse: message/rfc822;; x-java-content-handler=com.sun.mail.handlers.message_rfc822
Type: message/rfc822
Command: content-handler, Class: com.sun.mail.handlers.message_rfc822
MailcapCommandMap: successfully loaded mailcap file from URL: file:/var/task/META-INF/mailcap
MailcapCommandMap: load DEF
new MailcapFile: InputStream
parse: image/gif;; x-java-view=com.sun.activation.viewers.ImageViewer
Type: image/gif
Command: view, Class: com.sun.activation.viewers.ImageViewer
parse: image/jpeg;; x-java-view=com.sun.activation.viewers.ImageViewer
Type: image/jpeg
Command: view, Class: com.sun.activation.viewers.ImageViewer
parse: text/*;; x-java-view=com.sun.activation.viewers.TextViewer
Type: text/*
Command: view, Class: com.sun.activation.viewers.TextViewer
parse: text/*;; x-java-edit=com.sun.activation.viewers.TextEditor
Type: text/*
Command: edit, Class: com.sun.activation.viewers.TextEditor
Merging commands for type text/*
MailcapCommandMap: successfully loaded mailcap file: /META-INF/mailcap.default
MailcapCommandMap: createDataContentHandler for multipart/alternative
search DB #1
search DB #2
search fallback DB #1
got content-handler
class com.sun.mail.handlers.multipart_mixed
Can't load DCH com.sun.mail.handlers.multipart_mixed; Exception: java.lang.ClassNotFoundException: com/sun/mail/handlers/multipart_mixed
search fallback DB #2
No solutions I found online related to this have helped

spring cloud config throwing Bad Base64 input character at 379 : 64

I am trying to create a spring cloud config server with following properties in my spring boot project.
spring.cloud.config.server.git.uri=git@bitbucket.org:user/config-server.git
spring.cloud.config.server.git.ignoreLocalSshSettings=true
spring.cloud.config.server.git.privateKey=-----BEGIN RSA PRIVATE KEY-----\[key material removed]-----END RSA PRIVATE KEY-----
spring.cloud.config.server.git.cloneOnStart=true
spring.cloud.config.server.git.hostKey=AAAAB3NzaC1yc2EAAAADAQABAAABAQCy4k2aTQ4pmlplFO7xXS1n+v+UTPfzo9mvBXq5AW52SveS9QQoFjgr7/kfHy4yt2VQbSxnc+fepphBigraBao7AESE5ylmjWwNi9JAc1YuyXkEP9gTBty2t8ZStUmq6Gpb+UuHUZ7GORsrEx9NlqkenFfys2iv66j8f21LmL4S+WVXOPymGwxEo3ci/5iVE8JNG98SLDbZvp0s/KJE1JKkuzcOdo4A/HKeOArkoz5d65apHQFD4FRFlBVN/to3VL2hxutxeuKS/tWDf+1C4tffCMAf5Mj80YzI8SPg33pJiWZfE8YeAvSCv20mBMlamIatHF1TBfDyBeguN6BjyyrF Zombie@DESKTOP-1T6OJ80
spring.cloud.config.server.git.hostKeyAlgorithm=ssh-rsa
Generated keys using the ssh-keygen utility in git bash.
I paste id_rsa.pub file content in bitbucket ssh key section.
While running this spring boot application, I am getting below exception
Caused by: java.lang.IllegalArgumentException: Bad Base64 input character at 379 : 64 (decimal)
at org.eclipse.jgit.util.Base64.decode(Base64.java:276) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
at org.eclipse.jgit.util.Base64.decode(Base64.java:298) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
at org.springframework.cloud.config.server.ssh.PropertyBasedSshSessionFactory.createSession(PropertyBasedSshSessionFactory.java:80) ~[spring-cloud-config-server-2.0.0.BUILD-SNAPSHOT.jar:2.0.0.BUILD-SNAPSHOT]
at org.eclipse.jgit.transport.JschConfigSessionFactory.createSession(JschConfigSessionFactory.java:199) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
at org.eclipse.jgit.transport.JschConfigSessionFactory.getSession(JschConfigSessionFactory.java:129) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
at org.eclipse.jgit.transport.SshTransport.getSession(SshTransport.java:140) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
at org.eclipse.jgit.transport.TransportGitSsh$SshFetchConnection.<init>(TransportGitSsh.java:280) ~[org.eclipse.jgit-4.11.0.201803080745-r.jar:4.11.0.201803080745-r]
... 122 common frames omitted
Is there anything wrong with the configuration or any encoding is required while passing host key?
Do not include the Zombie@DESKTOP-1T6OJ80 part in the hostkey. It should be only the Base64 part, and it's objecting to the @.
And, as @Konrad points out in a comment, if these are your keys, they are no longer usable and you must generate new keys.
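
A pre-flight check for the hostKey value, as an added example that is not part of the original answer: it takes a pasted public-key value, keeps only the Base64 field, and reads the algorithm name embedded in the blob so it can be compared with hostKeyAlgorithm. The class and method names are hypothetical, and the sample blob is constructed in the code (filler bytes, not a real key).

```java
import java.nio.ByteBuffer;
import java.nio.charset.StandardCharsets;
import java.util.Base64;

// Added illustration; class and method names are hypothetical.
public class HostKeyCheck {

    // Returns the Base64 field from "type base64 comment", "base64 comment" or bare "base64".
    static String base64Field(String value) {
        for (String field : value.trim().split("\\s+")) {
            // An SSH key blob begins with a 4-byte length of the algorithm name,
            // so for the standard key types its Base64 form begins with "AAAA".
            if (field.startsWith("AAAA")) {
                return field;
            }
        }
        throw new IllegalArgumentException("no Base64 key blob found");
    }

    // Decodes the blob and returns the length-prefixed algorithm name at its start.
    static String embeddedAlgorithm(String base64) {
        ByteBuffer blob = ByteBuffer.wrap(Base64.getDecoder().decode(base64));
        int len = blob.getInt();
        if (len <= 0 || len > blob.remaining()) {
            throw new IllegalArgumentException("malformed key blob");
        }
        byte[] name = new byte[len];
        blob.get(name);
        return new String(name, StandardCharsets.US_ASCII);
    }

    public static void main(String[] args) {
        // Constructed sample: length-prefixed "ssh-rsa" followed by 16 filler bytes.
        byte[] name = "ssh-rsa".getBytes(StandardCharsets.US_ASCII);
        ByteBuffer blob = ByteBuffer.allocate(4 + name.length + 16);
        blob.putInt(name.length).put(name);
        String b64 = Base64.getEncoder().encodeToString(blob.array());

        // Value pasted with the trailing comment, the shape that caused the error above.
        String pasted = b64 + " user@example-host";
        try {
            Base64.getDecoder().decode(pasted);
        } catch (IllegalArgumentException e) {
            System.out.println("raw value rejected: " + e.getMessage());
        }

        String hostKey = base64Field(pasted);
        System.out.println("hostKey          = " + hostKey);
        System.out.println("hostKeyAlgorithm = " + embeddedAlgorithm(hostKey));
    }
}
```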

Jira OAuth - Unable to create application link

I am trying to create an application which uses jira for authentication. I am using Jira Rest api for the same. In the documentation it says to use the same public key and consumer-key to create application link as given in the doc. This works fine, and I am able to create access-token. But in java code as mentioned in this, I am not sure what should be given for private_key. I tried two methods-
Generated a random private key using rsa and provided it in place of private_key which didn't work. It gave exception telling length too long. I tried for 2048, 1024, 512, 256 and 128 bits. Everything gave same error.
Application link:
Consumer-key: hardcoded-consumer
Consumer Name: hardcoded-consumer
Public Key:
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZDzGUGk6rElyPm0iOua0lWg84nOlhQN1gmTFTIu5WFyQFHZF6OA4HX7xATttQZ6N21yKMakuNdRvEudyN/coUqe89r3Ae+rkEIn4tCxGpJWX205xVF3Cgsn8ICj6dLUFQPiWXouoZ7HG0sPKhCLXXOvUXmekivtyx4bxVFD9Zy4SQ7IHTx0V0pZYGc6r1gF0LqRmGVQDaQSbivigH4mlVwoAO9Tfccf+V00hYuSvntU+B1ZygMw2rAFLezJmnftTxPuehqWu9xS5NVsPsWgBL7LOi3oY8lhzOYjbMKDWM6zUtpOmWJA52cVJW6zwxCxE28/592IARxlJcq14tjwYwIDAQAB
Generated private and public key pair and provided the same in application link and in code respectively. But in this case, I am unable to create access token. It is giving -
Application link:
Consumer-key: hardcoded-consumer
Consumer Name: hardcoded-consumer
Public Key:
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0YjCwIfYoprq/FQO6lb3asXrx LlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlYzypSRjVxwxrsuRcP3e641SdASwfr mzyvIgP08N4S0IFzEURkV1wp/IpH7kH41EtbmUmrXSwfNZsnQRE5SYSOhh+LcK2w yQkdgcMv11l4KoBkcwIDAQAB
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.simontuffs.onejar.Boot.run(Boot.java:340)
at com.simontuffs.onejar.Boot.main(Boot.java:166)
Caused by: java.lang.RuntimeException: Failed to obtain request token
at com.atlassian.oauth.client.example.AtlassianOAuthClient.getRequestToken(AtlassianOAuthClient.java:66)
at com.atlassian.oauth.client.example.JIRAOAuthClient.main(JIRAOAuthClient.java:52)
... 6 more
Caused by: net.oauth.OAuthProblemException: signature_invalid
at net.oauth.client.OAuthResponseMessage.toOAuthProblemException(OAuthResponseMessage.java:83)
at net.oauth.client.OAuthClient.invoke(OAuthClient.java:306)
at net.oauth.client.OAuthClient.invoke(OAuthClient.java:260)
at net.oauth.client.OAuthClient.getRequestTokenResponse(OAuthClient.java:190)
at com.atlassian.oauth.client.example.AtlassianOAuthClient.getRequestToken(AtlassianOAuthClient.java:57)
Can someone explain me what should be done? Am I missing something here?
And also what is the difference between shared key, consumer key and public key?
Thanks in advance
The exception occurs due to ending with "/" in JIRA base URL (caused by net.oauth.OAuthProblemException: signature_invalid).
The correct request is:
java -jar rest-oauth-client-1.0.one-jar.jar requestToken https://jira_base_server_url http://your_redirctedUrl
I somehow fixed the issue by using the public that is provided in the documentation and the private key as given in the example
But still, I was unable to create an application link with private and public key generated by me.

Trouble instantiating a JavaKeyStore from file

I'm trying to get an instance of org.apache.ws.security.components.crypto.Merlin using org.apache.ws.security.components.crypto.CryptoFactory specifically the CryptoFactory.getInstance(properties) method.
This will consistently throw
java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
which eventually is caused by
java.security.UnrecoverableKeyException: Password verification failed
The password on the keystore file has been checked with the keytool on the command line and is correct.
The keystore is generated via the following process:
Which is in the root directory of the eclipse project.
The test application is as follows:
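import java.io.IOException;
import java.util.Properties;

import org.apache.ws.security.components.crypto.CredentialException;
import org.apache.ws.security.components.crypto.Crypto;
import org.apache.ws.security.components.crypto.CryptoFactory;

public class App {
    public static void main(String[] args) throws CredentialException, IOException {
        System.out.println("Starting");
        // Merlin crypto provider backed by a JKS keystore in the working directory
        Properties p = new Properties();
        p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "password");
        p.setProperty("org.apache.ws.security.crypto.provider",
                "org.apache.ws.security.components.crypto.Merlin");
        p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks");
        p.setProperty("org.apache.ws.security.crypto.merlin.file", "./testkeystore.jks");
        Crypto crypto = CryptoFactory.getInstance(p);
        System.out.println(" Complete ");
    }
}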
and the following exception is generated:
Exception in thread "main" java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:225)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:180)
at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:73)
at com.restart.test.cryptotest2.App.main(App.java:22)
Caused by: java.lang.reflect.InvocationTargetException
at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method)
at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57)
at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45)
at java.lang.reflect.Constructor.newInstance(Constructor.java:525)
at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211)
... 3 more
Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials.
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:174)
at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:135)
at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:71)
... 8 more
Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772)
at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55)
at java.security.KeyStore.load(KeyStore.java:1214)
at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:168)
... 10 more
Caused by: java.security.UnrecoverableKeyException: Password verification failed
at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770)
... 13 more
The password, as indicated in the cmd window, is set to "password", but by all accounts the application is rejecting it. I can change the password using keytool -storepasswd with no issues, so I know the password I am providing is correct. Can anyone suggest what may be going wrong here? I've been trying to debug this unsuccessfully for a full day now.
If there is any additional information I can provide please let me know.
edit --
The following maven dependency is required to build this test:
<dependency>
    <groupId>org.apache.ws.security</groupId>
    <artifactId>wss4j</artifactId>
    <version>1.5.8</version>
    <scope>provided</scope>
</dependency>
After reading the comments from User I built it against a different version of the JDK/JRE and it worked, after downloading the sources for rt.java and stepping through I found that the CryptoBase class was instantiating two JavaKeyStores, the first (being my .jks file) which instantiated fine, but the second was the cacerts keystore in jre\lib\security> which did not have the default password of changeit which was causing the failure;
I have now changed the password on the jre keystore and I'm working fine in my original jre/jdk.
I think your problem is related with libraries because stacktrace says
'org.apache.ws.security.components.crypto.Merlin cannot create instance'
it means you don't have (or have an incorrect version of) the WSS4J library.
