cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Colm O hEigeartaigh (JIRA)" <j...@apache.org>
Subject [jira] Commented: (CXF-3156) Have web service client cache SAML tokens used in SOAP calls
Date Mon, 20 Dec 2010 17:42:01 GMT

    [ https://issues.apache.org/jira/browse/CXF-3156?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12973273#action_12973273
] 

Colm O hEigeartaigh commented on CXF-3156:
------------------------------------------


I have fixed this problem in WSS4J:

https://issues.apache.org/jira/browse/WSS-260

Colm.

> Have web service client cache SAML tokens used in SOAP calls
> ------------------------------------------------------------
>
>                 Key: CXF-3156
>                 URL: https://issues.apache.org/jira/browse/CXF-3156
>             Project: CXF
>          Issue Type: Wish
>            Reporter: Glen Mazza
>         Attachments: 20101129DoubleItMetroWSTrust.zip
>
>
> Metro web service providers (and perhaps others) return references to SAML Tokens provided
by the client during the SOAP call, but do not return the tokens themselves (nor is apparent
that they should.)  Presently Metro clients but not CXF clients can process these responses.
 A CXF client attempting to process a Metro response (sample one here[1]) returns this error,
saying it cannot find the token:
> [INFO] Nov 29, 2010 3:14:33 PM org.apache.cxf.service.factory.ReflectionServiceFactoryBean
buildServiceFromWSDL
> [INFO] INFO: Creating Service {http://www.example.org/contract/DoubleIt}DoubleItService
from WSDL: file:/media/NewDriveExt3/soperawork/DoubleItMetroWSTrust/client-cxf/src/main/resources/DoubleItService.wsdl
> [INFO] Nov 29, 2010 3:14:34 PM org.apache.cxf.ws.policy.AssertionBuilderRegistryImpl
build
> [INFO] WARNING: No assertion builder for type {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}RequireInternalReference
registered.
> [INFO] Nov 29, 2010 3:14:35 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage
> [INFO] WARNING: 
> [INFO] org.apache.ws.security.WSSecurityException: Referenced security token could not
be retrieved (Reference "#uuid-88b8189f-9616-48f4-9ea8-ac2b7703baed")
> [INFO] 	at org.apache.ws.security.message.token.SecurityTokenReference.getKeyIdentifierTokenElement(SecurityTokenReference.java:200)
> [INFO] 	at org.apache.ws.security.processor.ReferenceListProcessor.getKeyFromSecurityTokenReference(ReferenceListProcessor.java:356)
> [INFO] 	at org.apache.ws.security.processor.ReferenceListProcessor.decryptDataRefEmbedded(ReferenceListProcessor.java:162)
> [INFO] 	at org.apache.ws.security.processor.ReferenceListProcessor.handleReferenceList(ReferenceListProcessor.java:113)
> [INFO] 	at org.apache.ws.security.processor.ReferenceListProcessor.handleToken(ReferenceListProcessor.java:76)
> [INFO] 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:328)
> [INFO] 	at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)
> [INFO] 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:208)
> [INFO] 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:78)
> [INFO] 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:733)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2201)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2071)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1925)
> [INFO] 	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:662)
> [INFO] 	at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> [INFO] 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> [INFO] 	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> [INFO] 	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> [INFO] 	at $Proxy24.doubleIt(Unknown Source)
> [INFO] 	at client.WSClient.doubleIt(WSClient.java:17)
> [INFO] 	at client.WSClient.main(WSClient.java:11)
> [INFO] Nov 29, 2010 3:14:35 PM org.apache.cxf.phase.PhaseInterceptorChain doDefaultLogging
> [INFO] WARNING: Interceptor for {http://www.example.org/contract/DoubleIt}DoubleItService#{http://www.example.org/contract/DoubleIt}DoubleIt
has thrown exception, unwinding now
> [INFO] org.apache.cxf.binding.soap.SoapFault: Referenced security token could not be
retrieved (Reference "#uuid-88b8189f-9616-48f4-9ea8-ac2b7703baed")
> [INFO] 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:597)
> [INFO] 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:268)
> [INFO] 	at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:78)
> [INFO] 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:733)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:2201)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:2071)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1925)
> [INFO] 	at org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
> [INFO] 	at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:662)
> [INFO] 	at org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
> [INFO] 	at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:247)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:516)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:313)
> [INFO] 	at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:265)
> [INFO] 	at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:73)
> [INFO] 	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:124)
> [INFO] 	at $Proxy24.doubleIt(Unknown Source)
> [INFO] 	at client.WSClient.doubleIt(WSClient.java:17)
> [INFO] 	at client.WSClient.main(WSClient.java:11)
> Part of the problem MAY be that Metro prefixes the Assertion key with a "#" indicating
the token is within the message body.  A bug report has been sent to them on this issue[2],
however I believe CXF would presently fail even if the "#" was not there, as the client-side
storage/retrieval of SAML tokens is not yet in place.
> [1] https://issues.apache.org/jira/secure/attachment/12460040/WSS238Results.txt
> [2] http://java.net/jira/browse/WSIT-1490

-- 
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.


Mime
View raw message