cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From danlee100 <danlee1...@yahoo.com>
Subject Re: General security error (Provided SAML token does not contain a suitable key)
Date Tue, 15 Nov 2011 17:36:54 GMT
Here is the SAML token that is causing the error "General security error
(Provided SAML token does not contain a suitable key)".


<?xml version="1.0"?>
<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
MajorVersion="1" MinorVersion="1"
AssertionID="_2bea327c-8791-4bd2-9f98-5690c0c6a83b" Issuer="BLISTS"
IssueInstant="2011-11-09T22:47:38.202Z">
  <saml:Conditions NotBefore="2011-11-09T22:47:38.124Z"
NotOnOrAfter="2011-11-09T23:47:38.124Z">
    <saml:AudienceRestrictionCondition>
     
<saml:Audience>http://66.211.102.200/gen4/services/AssessmentDataService</saml:Audience>
    </saml:AudienceRestrictionCondition>
  </saml:Conditions>
  <saml:AttributeStatement>
    <saml:Subject>
      <saml:SubjectConfirmation>
       
<saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</saml:ConfirmationMethod>
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <trust:BinarySecret
xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">sYjbfcODXJg0oBL0EPlCMlUJ2SZnjk/51e2rDs+2e+E=</trust:BinarySecret>
        </KeyInfo>
      </saml:SubjectConfirmation>
    </saml:Subject>
    <saml:Attribute AttributeName="Name"
AttributeNamespace="http://www.bli.org/claims">
      <saml:AttributeValue>roccbufalino1</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="IDNamespace"
AttributeNamespace="http://www.bli.org/claims">
     
<saml:AttributeValue>http://www.bli.org/Rocketship/</saml:AttributeValue>
    </saml:Attribute>
    <saml:Attribute AttributeName="ID"
AttributeNamespace="http://www.bli.org/claims">
      <saml:AttributeValue>123111111111111111111</saml:AttributeValue>
    </saml:Attribute>
  </saml:AttributeStatement>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod
Algorithm="http://www.w3.org/2001/04/xmldsig-more#rsa-sha256"/>
      <ds:Reference URI="#_2bea327c-8791-4bd2-9f98-5690c0c6a83b">
        <ds:Transforms>
          <ds:Transform
Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <ds:Transform
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
        </ds:Transforms>
        <ds:DigestMethod
Algorithm="http://www.w3.org/2001/04/xmlenc#sha256"/>
       
<ds:DigestValue>1cIz27KwzN0gwLkDSLolHTxaAMQ19YsVcF3eV1sA/68=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
   
<ds:SignatureValue>t1vCq6MWMWupEDcfv/8b+FOCcb8bi7gIbBNM9XCLsIjm20xMPla5u43DjPaRb2+rPdnlVeNt/s/8Id/zxvPmBqIohdJY3ZeAC0/i+DLV+8tMdA/q6azSUjgZHKniUtqPjH6B5aLYm3niwkqivwhWCcl3txVjfbtjoxDTUmMendaDxZ80zHmIy73vzf1nNo+SokdGvwEbQY8RKSYXnUoXXP2oAkyUSG2efr/41eXkeOd+nLdCWLKEhDJCWYNEs1KlneJclh9Fu15DRmnihjeV3eFDFy1xmIXQ8IiVI+78CYvcPN7HMDSKOkDSQs3DmNQaamlxTYkMN0AMYwwEhcyWsA==</ds:SignatureValue>
    <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
      <X509Data>
       
<X509Certificate>MIIC5DCCAcygAwIBAgIQbDQulAkeX7ROQqIwV6TAHDANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDEwtTVFNUZXN0Q2VydDAeFw0xMTAzMzAxNTA4NDJaFw0xMjAzMjkyMTA4NDJaMBYxFDASBgNVBAMTC1NUU1Rlc3RDZXJ0MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu56LAvEEYI7mI85ufyLS8MjuU5uPlgH9FUtE/YxPNIwsRe8+GZcXWHefuU0MV6m06K4GMeUq2i4E0ciKTsqnQhs0eqHt3WgH8uaF7DAz6sxzLpbUYWG7sGq0v3oanYv0S3+cfWyERvwYpdTmzqRRTNLRv371FIycc13LF67ZvpXZKEl0rkSfL8p6O6KHPQz5CduP3N+/3pjTsKsl/iNjM8K3Vi1MCb5lWeCBBig7yT9ICwWCkkDJpGJsksCanw8uM4eoRP3aY41EtPnA8Gvt5qVTMnn2JJGgxklegVUmsYtbBiziJCNWIa9loTEg5MbrzhQ5WSptV4HTviCSFqAPgwIDAQABoy4wLDALBgNVHQ8EBAMCBPAwHQYDVR0OBBYEFCAC194orTY0yHGxY/O+5fm+GHtjMA0GCSqGSIb3DQEBBQUAA4IBAQC4fo83cVW+Q8kNhn9bWSh9hOynuv1mTNPtgAxS37fifziexnK+LYe4uQNzAuGlgusxwQS1izSP5S3dRyOjzqrT+H4ZBeWwX9rTkmlyOtnGQIwyA5jwDeRqcPMgU9XJf5NwA2W88lJDTijRNIG6RCBQcusflqc4/DvYZmRlRX8XGjgOwf4Zw4pATMfA67CG/NDJXPbTHqTbJihdWjJXQODjocU1KabAXlIxPkwJFh8cf1dRDvYN3xVOmjgHpQ82G6RA4TXdTJKcU0yO8PHsVrOGmjYjDbVgThHRdzLvpBZG6ZD0O/i8C2gavoguIgRBnBCT4b4DEDLfVnebApzIFnVl</X509Certificate>
      </X509Data>
    </KeyInfo>
  </ds:Signature>
</saml:Assertion>


--
View this message in context: http://cxf.547215.n5.nabble.com/Re-General-security-error-Provided-SAML-token-does-not-contain-a-suitable-key-tp4990489p4995094.html
Sent from the cxf-dev mailing list archive at Nabble.com.

Mime
View raw message