cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "satyanarayana (JIRA)" <j...@apache.org>
Subject [jira] [Created] (FEDIZ-40) Can CXF Fediz IDP & RP work with SAML1.1 ?
Date Fri, 21 Dec 2012 10:41:12 GMT
satyanarayana created FEDIZ-40:
----------------------------------

             Summary: Can CXF Fediz IDP & RP work with SAML1.1 ? 
                 Key: FEDIZ-40
                 URL: https://issues.apache.org/jira/browse/FEDIZ-40
             Project: CXF-Fediz
          Issue Type: Bug
          Components: Examples
    Affects Versions: 1.0.1
         Environment: Apache Tomcat/7
OS Name: Windows XP
Architecture: x86
            Reporter: satyanarayana
             Fix For: 1.0.1


Hi,
I have tried to run the RP application configured in tomcat 7 and also configured our ADFS
server as IDP which serves STS tokens. As per WS-federation protocol, the control got redirected
to IDP/STS for authentication & in return RP received the STS. The received STS token
is SAML 1.1 version. While processing the SAML 1.1 assertion token we are getting below error
where as the same code with SAML 2.0 assertion token it works well (we have IDP/STS configured
into tomcat 7 as suggested in fediz tomcat IDP configuration).

For RP we used the same versions of jars as provided in the apache fediz release 1.0.2 

Note:As per the below reference URL, following features are supported by the Fediz plugin
1.0
WS-Federation 1.0/1.1/1.2
SAML 1.1/2.0 Tokens
For ur Reference: http://owulff.blogspot.in/2011/11/configure-tomcat-for-federation-part.html


Error:
Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator auth
enticate
INFO: Trusted issuer: .*CN=www.sts.com.*
Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator auth
enticate
FINE: Truststore file: D:\FasiSSOTesting\tomcat-rp\conf\tomcat-rp.jks
Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator auth
enticate
FINE: Truststore password: tompass
Dec 10, 2012 3:10:47 PM org.apache.coyote.http11.Http11Processor process
SEVERE: Error processing request
java.lang.NullPointerException
        at org.apache.ws.security.saml.ext.OpenSAMLUtil.fromDom(OpenSAMLUtil.jav
a:83)
        at org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrap
per.java:137)
        at org.apache.cxf.fediz.core.saml.SAMLTokenValidator.validateAndProcessT
oken(SAMLTokenValidator.java:90)
        at org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInReques
t(FederationProcessorImpl.java:155)
        at org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(Fede
rationProcessorImpl.java:75)
        at org.apache.cxf.fediz.tomcat.FederationAuthenticator.authenticate(Fede
rationAuthenticator.java:448)
        at org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:544)
        at org.apache.cxf.fediz.tomcat.FederationAuthenticator.invoke(Federation
Authenticator.java:235)
        at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:151)
        at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:100)
        at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
929)
        at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
        at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:405)
        at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java
:269)
        at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:515)
        at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:302)
        at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source
)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
        at java.lang.Thread.run(Unknown Source)


--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message