I am facing issue with jClouds AzureBlob API with put operation
context = new BlobStoreContextFactory().createContext(
this.storageType,
this.storageAccount,
this.primaryAccessKey);
BlobStore blobStore = context.getBlobStore();
Blob blob = blobStore.blobBuilder(fileName).payload(content).build(); //$NON-NLS-1$
blobStore.putBlob(this.containerName, blob);
I am setting primary access key from manage access key -> Primary access key for my storage account.
It gives me following error
org.jclouds.http.HttpResponseException: java.lang.RuntimeException: Unexpected error: java.security.InvalidAlgorithmParameterException: the trustAnchors parameter must be non-empty connecting to PUT https://mypackages.blob.core.windows.net/mycontainer/ERROR/error_20130717022518962.xml HTTP/1.1
at org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:173)
at org.jclouds.http.internal.BaseHttpCommandExecutorService$HttpResponseCallable.call(BaseHttpCommandExecutorService.java:130)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)[:1.6.0_43]
at java.util.concurrent.FutureTask.run(FutureTask.java:138)[:1.6.0_43]
at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:895)[:1.6.0_43]
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:918)[:1.6.0_43]
at java.lang.Thread.run(Thread.java:662)[:1.6.0_43]
at org.jclouds.concurrent.config.ExecutorServiceModule$DescribingExecutorService.submit(ExecutorServiceModule.java:184)
at org.jclouds.http.internal.BaseHttpCommandExecutorService.submit(BaseHttpCommandExecutorService.java:127)
at org.jclouds.http.TransformingHttpCommandExecutorServiceImpl.submit(TransformingHttpCommandExecutorServiceImpl.java:54)
at org.jclouds.http.TransformingHttpCommandImpl.execute(TransformingHttpCommandImpl.java:73)
at org.jclouds.rest.internal.AsyncRestClientProxy.createListenableFutureForHttpRequestMappedToMethodAndArgs(AsyncRestClientProxy.java:198)
at org.jclouds.rest.internal.AsyncRestClientProxy.invoke(AsyncRestClientProxy.java:134)
at com.sun.proxy.$Proxy295.putBlob(Unknown Source)
at sun.reflect.GeneratedMethodAccessor107.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_43]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_43]
at org.jclouds.concurrent.internal.SyncProxy.invoke(SyncProxy.java:137)
at com.sun.proxy.$Proxy296.putBlob(Unknown Source)
at org.jclouds.azureblob.blobstore.AzureBlobStore.putBlob(AzureBlobStore.java:194)
at sun.reflect.GeneratedMethodAccessor105.invoke(Unknown Source)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[:1.6.0_43]
at java.lang.reflect.Method.invoke(Method.java:597)[:1.6.0_43]
at com.google.inject.internal.DelegatingInvocationHandler.invoke(DelegatingInvocationHandler.java:37)
at com.sun.proxy.$Proxy287.putBlob(Unknown Source)
In above stack trace "ERROR/error_20130717022518962.xml " is the file I am trying to put on the blob storage.
Any clue, how to resolve this?
This issue has been resolved, actually code which is invoking ReST PUT for azure blob storage.
was somehow not able to load java default trust-store.
By adding below line to load default cacert
System.setProperty("javax.net.ssl.trustStore",PATH_TO_CACERT);
System.setProperty("javax.net.ssl.trustStorePassword",PASSWORD);
Related
I'm trying to write a Java application for digitally signing documents using a bit4Id miniLector token.
I'm in a Linux development environment.
The token is correctly installed, I can sign my documents also with the app downloaded from the manufacturer, but I have to write a new one for other purposes. The driver used is located at
/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
I'm stuck with this error:
/usr/lib/jvm/jdk1.8.0_111/bin/java ...
Exception in thread "main" java.security.ProviderException: Initialization failed
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:376)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:103)
at com.itextpdf.samples.signatures.chapter02.C2_01_SignHelloWorld.main
(C2_01_SignHelloWorld.java:83)
Caused by: java.io.IOException: ERROR: C_GetFunctionList == NULL
at sun.security.pkcs11.wrapper.PKCS11.connect(Native Method)
at sun.security.pkcs11.wrapper.PKCS11.<init>(PKCS11.java:138)
at sun.security.pkcs11.wrapper.PKCS11.getInstance(PKCS11.java:151)
at sun.security.pkcs11.SunPKCS11.<init>(SunPKCS11.java:313)
... 2 more
The provider is listed in $JAVA_HOME/jre/lib/security/java.security file as:
security.provider.10=sun.security.pkcs11.SunPKCS11
The code behaving this way is this:
String configFile = "/opt/bar/cfg/pkcs11.cfg";
Provider provider = new sun.security.pkcs11.SunPKCS11(configFile); <-- line 83
The needed libraries are all imported by my IDE and I have no compile/link errors.
I didn't find this exact type of error in hours of googling.
If you need any further information let me know, any kind help is very appreciated, thanks.
For visual clarity I add all missing information with respect to the original question here below
Updates
Content of the pkcs11.cfg file:
$ cat /opt/bar/cfg/pkcs11.cfg
name="bit4id miniLector-EVO"
library=/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
Ok, I got it.
The problem is the driver.
Replacing
/usr/lib/x86_64-linux-gnu/engines-1.1/pkcs11.so
with
/opt/Firma4NG/System/Firma4NG_Linux/Firma4/drivers/mu-x64/libbit4xpki.so
that is one of the manufacturer's driver, now I can go further and, for example, dumping all info about the card:
Information for provider SunPKCS11-bit4id miniLector-EVO
Library info:
cryptokiVersion: 2.20
manufacturerID: bit4id srl
flags: 0
libraryDescription: bit4id PKCS#11
libraryVersion: 1.02
...
This question can be closed.
I am trying to create an application which uses jira for authentication. I am using Jira Rest api for the same. In the documentation it says to use the same public key and consumer-key to create application link as given in the doc. This works fine, and I am able to create access-token. But in java code as mentioned in this, I am not sure what should be given for private_key. I tried two methods-
Generated a random private key using rsa and provided it in place of private_key which didn't work. It gave exception telling length too long. I tried for 2048, 1024, 512, 256 and 128 bits. Everything gave same error.
Application link:
Consumer-key: hardcoded-consumer
Consumer Name: hardcoded-consumer
Public Key:
MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZDzGUGk6rElyPm0iOua0lWg84nOlhQN1gmTFTIu5WFyQFHZF6OA4HX7xATttQZ6N21yKMakuNdRvEudyN/coUqe89r3Ae+rkEIn4tCxGpJWX205xVF3Cgsn8ICj6dLUFQPiWXouoZ7HG0sPKhCLXXOvUXmekivtyx4bxVFD9Zy4SQ7IHTx0V0pZYGc6r1gF0LqRmGVQDaQSbivigH4mlVwoAO9Tfccf+V00hYuSvntU+B1ZygMw2rAFLezJmnftTxPuehqWu9xS5NVsPsWgBL7LOi3oY8lhzOYjbMKDWM6zUtpOmWJA52cVJW6zwxCxE28/592IARxlJcq14tjwYwIDAQAB
Generated private and public key pair and provided the same in application link and in code respectively. But in this case, I am unable to create access token. It is giving -
Application link:
Consumer-key: hardcoded-consumer
Consumer Name: hardcoded-consumer
Public Key:
MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQC0YjCwIfYoprq/FQO6lb3asXrx LlJFuCvtinTF5p0GxvQGu5O3gYytUvtC2JlYzypSRjVxwxrsuRcP3e641SdASwfr mzyvIgP08N4S0IFzEURkV1wp/IpH7kH41EtbmUmrXSwfNZsnQRE5SYSOhh+LcK2w yQkdgcMv11l4KoBkcwIDAQAB
Exception in thread "main" java.lang.reflect.InvocationTargetException
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:62)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
at java.lang.reflect.Method.invoke(Method.java:497)
at com.simontuffs.onejar.Boot.run(Boot.java:340)
at com.simontuffs.onejar.Boot.main(Boot.java:166)
Caused by: java.lang.RuntimeException: Failed to obtain request token
at com.atlassian.oauth.client.example.AtlassianOAuthClient.getRequestToken(AtlassianOAuthClient.java:66)
at com.atlassian.oauth.client.example.JIRAOAuthClient.main(JIRAOAuthClient.java:52)
... 6 more
Caused by: net.oauth.OAuthProblemException: signature_invalid
at net.oauth.client.OAuthResponseMessage.toOAuthProblemException(OAuthResponseMessage.java:83)
at net.oauth.client.OAuthClient.invoke(OAuthClient.java:306)
at net.oauth.client.OAuthClient.invoke(OAuthClient.java:260)
at net.oauth.client.OAuthClient.getRequestTokenResponse(OAuthClient.java:190)
at com.atlassian.oauth.client.example.AtlassianOAuthClient.getRequestToken(AtlassianOAuthClient.java:57)
Can someone explain me what should be done? Am I missing something here?
And also what is the difference between shared key, consumer key and public key?
Thanks in advance
The exception occurs due to ending with "/" in JIRA base URL (caused by net.oauth.OAuthProblemException: signature_invalid).
The correct request is:
java -jar rest-oauth-client-1.0.one-jar.jar requestToken https://jira_base_server_url http://your_redirctedUrl
I somehow fixed the issue by using the public that is provided in the documentation and the private key as given in the example
But still, I was unable to create an application link with private and public key generated by me.
I am trying to upload a file to S3 and urlencode the filename with Amazon SDK's ObjectMetadata.setContentDisposition(). The filename can contain any UTF-8 character and spaces. Right now the filename breaks on spaces and I get an error when using special case characters.
The code snippet where I use it is as follows:
ObjectMetadata fileMetadata = new ObjectMetadata();
fileMetadata.setContentLength(file.length());
fileMetadata.setContentType(metaContentType);
fileMetadata.addUserMetadata("Filename", metaFileName);
fileMetadata.setContentDisposition("attachment; filename*=UTF-8 " + URLEncoder.encode(metaFileName,"UTF-8"));
Unfortunately this does not work as excpected as I am getting the exception: "AmazonS3Exception: Status Code: 403, AWS Service: Amazon S3, AWS Request ID: 3F2C3AE3420561BA, AWS Error Code: SignatureDoesNotMatch, AWS Error Message: The request signature we calculated does not match the signature you provided. Check your key and signing method.".
The full stacktrace:
at services.AWS_S3_Uploader.AWS_S3_Upload.service(AWS_S3_Upload.java:281)
at com.sonicsw.xqimpl.service.ServiceMessageHandler.callService(ServiceMessageHandler.java:461)
at com.sonicsw.xqimpl.service.ServiceMessageHandler.handleMessageCommon(ServiceMessageHandler.java:273)
at com.sonicsw.xqimpl.service.ServiceMessageHandler.handleMessage(ServiceMessageHandler.java:136)
at com.sonicsw.xqimpl.service.XQDispatcher.onMessage(XQDispatcher.java:460)
at com.sonicsw.esb.itinerary.model.EsbStepNode.doExecute(EsbStepNode.java:296)
at com.sonicsw.esb.itinerary.model.EsbStepNode.execute(EsbStepNode.java:180)
at com.sonicsw.esb.process.model.impl.DefaultActivityNode.offerIncoming(DefaultActivityNode.java:140)
at com.sonicsw.esb.itinerary.engine.ItineraryEngine.executeProcess(ItineraryEngine.java:338)
at com.sonicsw.esb.itinerary.engine.ItineraryEngine.handleToken(ItineraryEngine.java:181)
at com.sonicsw.esb.itinerary.engine.ItineraryEngine.handleMessage(ItineraryEngine.java:171)
at com.sonicsw.xqimpl.endpoint.container.EndpointContextContainer.onMessage(EndpointContextContainer.java:116)
at com.sonicsw.xq.connector.jms.JMSEndpointMessageListener.onMessage(JMSEndpointMessageListener.java:259)
at progress.message.jimpl.Session.deliver(Session.java:3086)
at progress.message.jimpl.Session.run(Session.java:2489)
at progress.message.jimpl.Session$SessionThread.run(Session.java:2881)
Caused by: java.lang.Exception: AmazonServiceException
at services.AWS_S3_Uploader.AWS_S3.logAmazonServiceException(AWS_S3.java:340)
at services.AWS_S3_Uploader.AWS_S3.uploadObject(AWS_S3.java:280)
at services.AWS_S3_Uploader.AWS_S3_Upload.service(AWS_S3_Upload.java:263)
... 15 more
Caused by: AmazonS3Exception: Status Code: 403, AWS Service: Amazon S3, AWS Request ID: 3F2C3AE3420561BA, AWS Error Code: SignatureDoesNotMatch, AWS Error Message: The request signature we calculated does not match the signature you provided. Check your key and signing method., S3 Extended Request ID: 0AlM9giKI8hRMWG0Xc84lxXSJ8ZwUPB2DjHKddwa1oVZ4AWUzlyko7jEko9MEtwkd5Tc7xocFJw=
at com.amazonaws.http.AmazonHttpClient.handleErrorResponse(AmazonHttpClient.java:644)
at com.amazonaws.http.AmazonHttpClient.executeHelper(AmazonHttpClient.java:338)
at com.amazonaws.http.AmazonHttpClient.execute(AmazonHttpClient.java:190)
at com.amazonaws.services.s3.AmazonS3Client.invoke(AmazonS3Client.java:2979)
at com.amazonaws.services.s3.AmazonS3Client.putObject(AmazonS3Client.java:1159)
at com.amazonaws.services.s3.transfer.internal.UploadCallable.uploadInOneChunk(UploadCallable.java:97)
at com.amazonaws.services.s3.transfer.internal.UploadCallable.call(UploadCallable.java:89)
at com.amazonaws.services.s3.transfer.internal.UploadMonitor.upload(UploadMonitor.java:179)
at com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:137)
at com.amazonaws.services.s3.transfer.internal.UploadMonitor.call(UploadMonitor.java:48)
at java.util.concurrent.FutureTask.run(FutureTask.java:262)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:745)
I am using:
Java 1.6
aws-java-sdk-1.10.2.jar
All help and suggestions are welcome.
If more information is needed, then just ask.
Br.
I don't know whether that's the reason, but the encoding used for filename* is incorrect. See http://greenbytes.de/tech/webdav/rfc6266.html#disposition.parameter.filename for the specification.
I am trying to use the Firebird embeded DB together with Hibernate, but I get the following error when trying to create the database:
Caused by: org.firebirdsql.jdbc.FBSQLException: GDS Exception. 335544344. I/O error during "CreateFile (open)" operation for file "D:\DB\FIREBIRD.FDB"
Error while trying to open file
null
at org.firebirdsql.jdbc.FBDataSource.getConnection(FBDataSource.java:123)
at org.firebirdsql.jdbc.AbstractDriver.connect(AbstractDriver.java:126)
at org.hibernate.service.jdbc.connections.internal.DriverManagerConnectionProviderImpl.getConnection(DriverManagerConnectionProviderImpl.java:204)
at org.hibernate.internal.AbstractSessionImpl$NonContextualJdbcConnectionAccess.obtainConnection(AbstractSessionImpl.java:292)
at org.hibernate.engine.jdbc.internal.LogicalConnectionImpl.obtainConnection(LogicalConnectionImpl.java:214)
... 32 more
Caused by: org.firebirdsql.gds.GDSException: I/O error during "CreateFile (open)" operation for file "D:\DB\FIREBIRD.FDB"
Error while trying to open file
null
at org.firebirdsql.gds.impl.jni.JniGDSImpl.native_isc_attach_database(Native Method)
at org.firebirdsql.gds.impl.jni.BaseGDSImpl.iscAttachDatabase(BaseGDSImpl.java:158)
at org.firebirdsql.jca.FBManagedConnection.<init>(FBManagedConnection.java:105)
at org.firebirdsql.jca.FBManagedConnectionFactory.createManagedConnection(FBManagedConnectionFactory.java:490)
at org.firebirdsql.jca.FBStandAloneConnectionManager.allocateConnection(FBStandAloneConnectionManager.java:69)
at org.firebirdsql.jdbc.FBDataSource.getConnection(FBDataSource.java:120)
... 36 more
What I have done until now:
I've set the hibernate configuration.
Driver = "org.firebirdsql.jdbc.FBDriver",
Dialect = "org.hibernate.dialect.FirebirdDialect",
Url = "jdbc:firebirdsql:embedded:D:\DB\FIREBIRD.FDB",
I have added the jaybird-full jar to my classpath.
I have added jaybird22.dll, fbembed.dll (the whole folder) to my path.
The dlls seem to be loaded since if I delete the dlls I get and exception telling me that jaybird22.dll cannot be found.
Any idea what could be wrong ?
It seems the step I was missing was creating the database file manually:
FBManager manager = new FBManager(GDSType.getType("EMBEDDED"));
manager.start();
manager.createDatabase(myDbFile, username, password);
manager.stop();
I'm running the following tutorial:
http://download.oracle.com/javase/6/docs/technotes/guides/security/jgss/tutorials/BasicClientServer.html
I'm getting the following prompts:
Connected to server localhost/127.0.0.1
Kerberos username [login]: {I enter my username here}
Kerberos password for login: {I enter my password here}
I get the following error:
Can you ascertain the root cause of this?
Exception in thread "main" GSSException: No valid credentials provided (Mechanism level: Attempt to obtain new INITIATE credentials failed! (null))
at sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:333)
at sun.security.jgss.krb5.Krb5InitCredential.getInstance(Krb5InitCredential.java:128)
at sun.security.jgss.krb5.Krb5MechFactory.getCredentialElement(Krb5MechFactory.java:106)
at sun.security.jgss.krb5.Krb5MechFactory.getMechanismContext(Krb5MechFactory.java:172)
at sun.security.jgss.GSSManagerImpl.getMechanismContext(GSSManagerImpl.java:209)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:195)
at sun.security.jgss.GSSContextImpl.initSecContext(GSSContextImpl.java:162)
at demo.SampleClient.main(SampleClient.java:145)
Caused by: javax.security.auth.login.LoginException: Message stream modified (41)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:696)
at com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.java:542)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at javax.security.auth.login.LoginContext.invoke(LoginContext.java:769)
at javax.security.auth.login.LoginContext.access$000(LoginContext.java:186)
at javax.security.auth.login.LoginContext$5.run(LoginContext.java:706)
at java.security.AccessController.doPrivileged(Native Method)
at javax.security.auth.login.LoginContext.invokeCreatorPriv(LoginContext.java:703)
at javax.security.auth.login.LoginContext.login(LoginContext.java:575)
at sun.security.jgss.GSSUtil.login(GSSUtil.java:246)
at sun.security.jgss.krb5.Krb5Util.getTicket(Krb5Util.java:136)
at sun.security.jgss.krb5.Krb5InitCredential$1.run(Krb5InitCredential.java:328)
at java.security.AccessController.doPrivileged(Native Method)
at sun.security.jgss.krb5.Krb5InitCredential.getTgt(Krb5InitCredential.java:325)
... 7 more
Caused by: KrbException: Message stream modified (41)
at sun.security.krb5.KrbKdcRep.check(KrbKdcRep.java:53)
at sun.security.krb5.KrbAsRep.<init>(KrbAsRep.java:96)
at sun.security.krb5.KrbAsReq.getReply(KrbAsReq.java:449)
at sun.security.krb5.Credentials.sendASRequest(Credentials.java:410)
at sun.security.krb5.Credentials.acquireTGT(Credentials.java:378)
at com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(Krb5LoginModule.java:662)
... 23 more
I got exceptions “Message stream modified (41)”, when the Kerberos realm didn’t match. The realm (in system property java.security.krb5.realm) has to match exactly, including upper/lower case.
I'm wondering if this is a possibility (ie even if registry key is set, locked out for local administrators):
http://cr.openjdk.java.net/~weijun/special/krb5winguide-2/raw_files/new/kwin
Known Issues
If an AD account is also added into local administrator group on the
client PC, Microsoft restricts such client from getting the session key
for tickets (even if you set the allowtgtsessionkey registry key to 1).
The workaround is: Just forget you're a logged in user, call kinit.exe.
Do not depends on LSA credential cache.
I cannot confirm that issue. I do have admin rights on my machine and still are able to obtain the session key from the LSA. You should enable full debug ouput on JGSS and the Krb5LoginModule. Share your krb5.ini and login.conf too. I hope your are aware that the above example cannot work because your client cannot obtain a ticket for a local host. It has to be a FQDN with an appropriate SPN set in the Active Directory.