cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From scmakhaye <scmakh...@gmail.com>
Subject Re: AW: HTTP Status 403 - Requesting security token failed
Date Wed, 07 Mar 2012 22:49:37 GMT
*Tomcat instance 2*

Mar 7, 2012 11:47:00 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /
Mar 7, 2012 11:47:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.css
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-upper.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-nav.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-button.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-middle.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /asf-logo.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /manager/html
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Calling hasUserDataPermission()
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE:   User data constraint has no restrictions
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Calling authenticate()
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE:  Not subject to any constraint




*Tomcat instance 1*

Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE:   User data constraint has no restrictions
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE:   Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found:  manager-gui
Mar 7, 2012 11:42:38 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidp]
Mar 7, 2012 11:42:39 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidp.war
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE:   Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE:   User data constraint has no restrictions
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE:   Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found:  manager-gui
Mar 7, 2012 11:43:33 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidpsts]
Mar 7, 2012 11:43:34 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidpsts.war


I did what asked ... but still it complains about certificates


can not deploy deploy fedizhelloworld it doesnt contain any files in the
folder


*
This is how the tomcat server instance 2 after deploying fediz-(core and
tomcat)*


cate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenti
cate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE:  Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE:   No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE:  Not subject to any constraint
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
        at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
        at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
        at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
        at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
        at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
        at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
        at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
        at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
        at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
        at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
        at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
        at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
        at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
        at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
        at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
        at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
 to find valid certification path to requested target
        at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)

        at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
        at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
        at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
        at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
        at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
        ... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
        at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
        at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
        at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
        at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
        at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
        at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
        at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
        at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
        at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
        at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
        at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
        at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
        at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)

        ... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
 sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
        at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
        at sun.security.validator.Validator.validate(Validator.java:218)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
        ... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
 find valid certification path to requested target
        at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
        at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
        ... 54 more
Mar 7, 2012 11:47:10 PM org.talend.security.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
        at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
        at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
        at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
        at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
        at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
        at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
        at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
        at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
        at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
        at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
        at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
        at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
        at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
        at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
        at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
        at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
        at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
 to find valid certification path to requested target
        at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)

        at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
        at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
        at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
        at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
        at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
        ... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
        at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
        at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
        at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
        at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
        at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
        at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
        at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
        at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
        at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
        at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
        at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
        at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
        at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
        at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
        at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
        at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
        at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)

        ... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
 sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
        at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
        at sun.security.validator.Validator.validate(Validator.java:218)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
        at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
        at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
        ... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
 find valid certification path to requested target
        at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
        at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
        at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
        ... 54 more


-----

_ _ _ _ _ _ _ 

Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5545896.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message