cxf-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: KerberosTokenTest
Date Wed, 24 Apr 2013 09:03:00 GMT
The tests that are failing are all the tests that require you to perform an
additional step. Uncomment the following bean + reference in the server.xml:

 <!-- <bean id="kerberosTicketDecoderImpl"

class="org.apache.cxf.systest.ws.kerberos.server.KerberosTokenDecoderImpl"/>-->

<!--<property name="kerberosTokenDecoder"
ref="kerberosTicketDecoderImpl"/>-->

Then you need to download the KerberosTokenDecoderImpl referenced in my
blog entry and put it in that directory.

See section 1.1 here:

http://coheigea.blogspot.ie/2011/10/using-kerberos-with-web-services-part.html

Colm.


On Wed, Apr 24, 2013 at 8:10 AM, Jim Ma <mail2jimma@gmail.com> wrote:

> Hi Colm,
> After corrected  my localhost setting and re-configured the kerberos
> server , I got 6 tests passed. And there are still 7 failures (attached
> please see the test log):
>
> Tests in error:
>   KerberosTokenTest.testKerberosOverSymmetricProtection:285 » SOAPFault
> The sign...
>   KerberosTokenTest.testKerberosOverTransportEndorsing:235 » SOAPFault The
> signa...
>   KerberosTokenTest.testKerberosOverSymmetricEndorsingEncrypted:400 »
> SOAPFault ...
>   KerberosTokenTest.testKerberosOverAsymmetricEndorsing:260 » SOAPFault
> The sign...
>   KerberosTokenTest.testKerberosOverAsymmetricSignedEndorsing:341 »
> SOAPFault Th...
>   KerberosTokenTest.testKerberosOverSymmetricDerivedProtection:311 »
> SOAPFault G...
>   KerberosTokenTest.testKerberosOverSymmetricSignedEndorsingEncrypted:430
> » SOAPFault
>
>
>
> Looks the kerberos server works. What else do you think I need to check ?
>
> Thanks,
> Jim
>
>
> On Tue, Apr 23, 2013 at 5:16 PM, Jim Ma <mail2jimma@gmail.com> wrote:
>
>> Yes. I ran it with "mvn test -Dtest=KerberosTokenTest
>> -Djava.security.auth.login.config=src/test/resources/kerberos.jaas" under
>> trunk/systests/ws-security.  It might be something wrong with my
>> environment. Let me have a look.
>> Thanks,
>> Jim
>>
>>
>> On Tue, Apr 23, 2013 at 5:11 PM, Colm O hEigeartaigh <coheigea@apache.org
>> > wrote:
>>
>>>
>>> How are you running the test? Are you passing
>>> "-Djava.security.auth.login.config=src/test/resources/kerberos.jaas"? It
>>> works fine for me on trunk with both JDK 1.6 + 1.7.
>>>
>>> Colm.
>>>
>>>
>>> On Tue, Apr 23, 2013 at 7:56 AM, Jim Ma <mail2jimma@gmail.com> wrote:
>>>
>>>> Hi Colm,
>>>>
>>>> After I setup the Kerboros server and ran the KerberosTokenTest
>>>> following
>>>> the guide, I hit this No CallbackHandler error. It looks we didn't pass
>>>> the
>>>> handler to KerberosClient.  I ran it with JDK7, is there anything else I
>>>> need to configure?
>>>>
>>>>
>>>> testKerberosOverTransport(org.apache.cxf.systest.ws.kerberos.KerberosTokenTest)
>>>>   Time elapsed: 0.434 sec  <<< ERROR!
>>>> javax.xml.ws.soap.SOAPFaultException: General security error (An error
>>>> occurred
>>>>  in trying to obtain a TGT: No CallbackHandler available to garner
>>>> authenticati
>>>> on information from the user)
>>>>     at
>>>> com.sun.security.auth.module.Krb5LoginModule.promptForPass(Krb5Login
>>>> Module.java:856)
>>>>     at
>>>> com.sun.security.auth.module.Krb5LoginModule.attemptAuthentication(K
>>>> rb5LoginModule.java:715)
>>>>     at
>>>> com.sun.security.auth.module.Krb5LoginModule.login(Krb5LoginModule.j
>>>> ava:580)
>>>>     at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
>>>>     at
>>>> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl
>>>> .java:57)
>>>>     at
>>>> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcce
>>>> ssorImpl.java:43)
>>>>     at java.lang.reflect.Method.invoke(Method.java:601)
>>>>     at
>>>> javax.security.auth.login.LoginContext.invoke(LoginContext.java:784)
>>>>     at
>>>> javax.security.auth.login.LoginContext.access$000(LoginContext.java:203)
>>>>     at
>>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:698)
>>>>     at
>>>> javax.security.auth.login.LoginContext$4.run(LoginContext.java:696)
>>>>     at java.security.AccessController.doPrivileged(Native Method)
>>>>     at
>>>> javax.security.auth.login.LoginContext.invokePriv(LoginContext.java:695)
>>>>     at
>>>> javax.security.auth.login.LoginContext.login(LoginContext.java:594)
>>>>     at
>>>>
>>>> org.apache.ws.security.message.token.KerberosSecurity.retrieveServiceTicket(KerberosSecurity.java:133)
>>>>     at
>>>>
>>>> org.apache.cxf.ws.security.kerberos.KerberosClient.requestSecurityToken(KerberosClient.java:135)
>>>>     at
>>>>
>>>> org.apache.cxf.ws.security.policy.interceptors.KerberosTokenInterceptorProvider$KerberosTokenOutInterceptor.handleMessage(Ke
>>>> rberosTokenInterceptorProvider.java:114)
>>>>     at
>>>>
>>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)
>>>>     at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:530)
>>>>     at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:463)
>>>>     at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:366)
>>>>     at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:319)
>>>>     at
>>>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
>>>>     at
>>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:133)
>>>>     at com.sun.proxy.$Proxy43.doubleIt(Unknown Source)
>>>>     at
>>>>
>>>> org.apache.cxf.systest.ws.kerberos.KerberosTokenTest.testKerberosOverTransport(KerberosTokenTest.java:92)
>>>>
>>>>
>>>> Thanks,
>>>> Jim
>>>>
>>>
>>>
>>>
>>> --
>>> Colm O hEigeartaigh
>>>
>>> Talend Community Coder
>>> http://coders.talend.com
>>>
>>
>>
>


-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message