cxf-issues mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Glen Mazza (JIRA)" <j...@apache.org>
Subject [jira] [Commented] (CXF-4457) Extend WS-SecureConversation to support SAML Assertions for authentication
Date Mon, 10 Jun 2013 21:00:21 GMT

    [ https://issues.apache.org/jira/browse/CXF-4457?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13679903#comment-13679903
] 

Glen Mazza commented on CXF-4457:
---------------------------------

No, it doesn't work, using the testcase above (cxf_sts_sample with WSP WSDL changed as described--the
same WS-SecConv WSDL that metro_sts_tutorial uses) I get this message from the initial call
from the WSC to the STS (WSP not even accessed before this error): 

Exception in thread "main" javax.xml.ws.soap.SOAPFaultException: Action http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT
not supported
	at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:155)
	at $Proxy26.doubleIt(Unknown Source)
	at client.WSClient.doubleIt(WSClient.java:18)
	at client.WSClient.main(WSClient.java:11)
Caused by: org.apache.cxf.binding.soap.SoapFault: Action http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/SCT
not supported

However, my cxf_sts_sample works fine without a change (i.e., no WS-SecConv.)  Does my client
config (https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/client/src/main/resources/cxf.xml)
need to change as a result of using WS-SecConv?  With Metro at least, only the WSP WSDL needs
changing.
                
> Extend WS-SecureConversation to support SAML Assertions for authentication
> --------------------------------------------------------------------------
>
>                 Key: CXF-4457
>                 URL: https://issues.apache.org/jira/browse/CXF-4457
>             Project: CXF
>          Issue Type: Improvement
>          Components: WS-* Components
>            Reporter: Glen Mazza
>
> Hi, as shown for GlassFish Metro:
> https://gist.github.com/3191480 
> Support the following authentication mechanism:
> 1.) The WSC gets a SAML assertion from the STS.
> 2.) The WSC sends that SAML assertion to the WSP to get the SCT from the WSP
> 3.) All subsequent real calls for doubled numbers between WSC and WSP use the SCT and
not the SAML assertion.
> Here is a Netbeans-generated WSDL for this scenario:
> https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/service/src/main/resources/DoubleItSecrConv.txt
> A sample testcase that can be used (steps to use: update WSP WSDL with the one above,
run mvn clean install tomcat7:redeploy from base folder, then mvn exec:exec from client folder):
https://github.com/gmazza/blog-samples/tree/master/cxf_sts_tutorial

--
This message is automatically generated by JIRA.
If you think it was sent incorrectly, please contact your JIRA administrators
For more information on JIRA, see: http://www.atlassian.com/software/jira

Mime
View raw message