axis-java-user mailing list archives

From amiteshksingh <amiteshksi...@live.com>
Subject Issue in SignedSupportingTokens with IssuedToken requesting for SAML
Date Sun, 26 Jul 2009 00:48:32 GMT

Hi,
I am not finding any sample which describes the use of a signed supporting
token that uses an issued token and requests SAML.

I would appreciate it if anybody can provide one.

I am using the below policy:

<sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
  <wsp:Policy>
    <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
      <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
        <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8090/axis2/services/STS</Address>
        <Metadata xmlns="http://www.w3.org/2005/08/addressing">
          <mex:Metadata xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex"
                        xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
            <mex:MetadataSection Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
              <mex:MetadataReference>
                <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8090/axis2/services/mex</Address>
              </mex:MetadataReference>
            </mex:MetadataSection>
          </mex:Metadata>
        </Metadata>
      </Issuer>
      <sp:RequestSecurityTokenTemplate>
        <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
        <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>
        <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
        <t:CanonicalizationAlgorithm xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/10/xml-exc-c14n#</t:CanonicalizationAlgorithm>
        <t:EncryptionAlgorithm xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptionAlgorithm>
        <t:EncryptWith xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptWith>
        <t:SignWith xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2000/09/xmldsig#hmac-sha1</t:SignWith>
      </sp:RequestSecurityTokenTemplate>
      <wsp:Policy>
        <sp:RequireDerivedKeys/>
        <sp:RequireInternalReference/>
      </wsp:Policy>
    </sp:IssuedToken>
  </wsp:Policy>
</sp:SignedSupportingTokens>

But I am not able to get the SAML assertion. I am getting the below error:

Exception in thread "main" org.apache.axis2.AxisFault: Error in signature with a custom token
	at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
	at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
	at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
	at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:429)
	at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:401)
	at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
	at org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
	at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
	at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
	at com.accenture.apsp.security.Client.main(Client.java:82)
Caused by: org.apache.rampart.RampartException: Error in signature with a custom token
	at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:683)
	at org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:504)
	at org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:90)
	at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:144)
	at org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
	... 9 more
Caused by: org.apache.ws.security.WSSecurityException: Signature creation failed; nested exception is: 
	org.apache.xml.security.signature.XMLSignatureException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.utils.resolver.ResourceResolverException: Id not found
	at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:683)
	at org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:665)
	... 13 more
Caused by: org.apache.xml.security.signature.XMLSignatureException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.signature.ReferenceNotInitializedException: Id not found
Original Exception was org.apache.xml.security.utils.resolver.ResourceResolverException: Id not found
	at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
	at org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:677)
	... 14 more
-- 
View this message in context: http://www.nabble.com/Issue-in-SignedSupportingTokens-with-IssuedToken-requesting-for-SAML-tp24663093p24663093.html
Sent from the Axis - User mailing list archive at Nabble.com.

