I am trying to get an instance of org.apache.ws.security.components.crypto.Merlin using org.apache.ws.security.components.crypto.CryptoFactory , specifically the CryptoFactory.getInstance(properties) method.
It will constantly throw
java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance
which is usually caused
java.security.UnrecoverableKeyException: Password verification failed
The password in the keystore file has been verified using keytool on the command line and is correct.
The keystore is created using the following process:
which is located in the root directory of eclipse.
The test application is as follows:
public class App { public static void main(String[] args) throws CredentialException, IOException { System.out.println("Starting"); Properties p = new Properties(); p.setProperty("org.apache.ws.security.crypto.merlin.keystore.password", "password"); p.setProperty("org.apache.ws.security.crypto.provider", "org.apache.ws.security.components.crypto.Merlin"); p.setProperty("org.apache.ws.security.crypto.merlin.keystore.type", "jks"); p.setProperty("org.apache.ws.security.crypto.merlin.file", "./testkeystore.jks"); Crypto crypto = CryptoFactory.getInstance(p); System.out.println(" Complete "); } }
and the following exception is thrown:
Exception in thread "main" java.lang.RuntimeException: org.apache.ws.security.components.crypto.Merlin cannot create instance at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:225) at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:180) at org.apache.ws.security.components.crypto.CryptoFactory.getInstance(CryptoFactory.java:73) at com.restart.test.cryptotest2.App.main(App.java:22) Caused by: java.lang.reflect.InvocationTargetException at sun.reflect.NativeConstructorAccessorImpl.newInstance0(Native Method) at sun.reflect.NativeConstructorAccessorImpl.newInstance(NativeConstructorAccessorImpl.java:57) at sun.reflect.DelegatingConstructorAccessorImpl.newInstance(DelegatingConstructorAccessorImpl.java:45) at java.lang.reflect.Constructor.newInstance(Constructor.java:525) at org.apache.ws.security.components.crypto.CryptoFactory.loadClass(CryptoFactory.java:211) ... 3 more Caused by: org.apache.ws.security.components.crypto.CredentialException: Failed to load credentials. at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:174) at org.apache.ws.security.components.crypto.AbstractCrypto.<init>(AbstractCrypto.java:135) at org.apache.ws.security.components.crypto.Merlin.<init>(Merlin.java:71) ... 8 more Caused by: java.io.IOException: Keystore was tampered with, or password was incorrect at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:772) at sun.security.provider.JavaKeyStore$JKS.engineLoad(JavaKeyStore.java:55) at java.security.KeyStore.load(KeyStore.java:1214) at org.apache.ws.security.components.crypto.AbstractCrypto.load(AbstractCrypto.java:168) ... 10 more Caused by: java.security.UnrecoverableKeyException: Password verification failed at sun.security.provider.JavaKeyStore.engineLoad(JavaKeyStore.java:770) ... 13 more
The password specified in the cmd window is set to "password", but the application rejects it for all accounts, I can change the password using keytool -storepasswd without problems, so I know the password that I provide correctly; can anyone suggest what might be wrong here? I tried to debug this unsuccessfully for the whole day.
If there is any additional information that I can provide, let me know.
edit -
The following maven dependency is required to build this test:
<dependency> <groupId>org.apache.ws.security</groupId> <artifactId>wss4j</artifactId> <version>1.5.8</version> <scope>provided</scope> </dependency>