cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From frank <franks...@gmail.com>
Subject Re: Federation processing failed: Security token has been revoked -> P.S.
Date Mon, 03 Sep 2012 11:05:48 GMT
Hi Oli,

If you can tell me hoe to produce a stack trace, I will get you one. I am
not a Tomcat expert.

Cheers, Frank

Hi Frank
>
> Do you have a stacktrace from the tomcat log?
>
> Could you also share the fediz_config.xml?
>
> Thanks
> Oli
>
> ------
>
> Oliver Wulff
>
> Blog: http://owulff.blogspot.com
> Solution Architect
> http://coders.talend.com
>
> Talend Application Integration Division http://www.talend.com
>
> ________________________________________
> From: frank [franksked@gmail.com <javascript:;>]
> Sent: 02 September 2012 18:03
> To: users@cxf.apache.org <javascript:;>
> Subject: Re: Federation processing failed: Security token has been revoked
> -> P.S.
>
> Hi,
>
> The page that is returned by the fedizhelloworld application is a 401 with
> "
> *This request requires HTTP authentication ().*" as the message. This seems
> to indicate that the Fediz plugin requires authentication of the IDP, but
> because I use HTPP i.s.o. HTTPS this obviously doesn't occur.
>
> Cheers,
>
> Frank
>
> On Sun, Sep 2, 2012 at 5:59 PM, frank <franksked@gmail.com <javascript:;>>
> wrote:
>
> > HI,
> >
> > I am trying to get the Fediz plugin and the fedizhelloworld application
> to
> > work with a Microsoft WIF-based Identity Provider (SelfSTS).
> >
> > Unfortunately, I am getting the error message "Federation processing
> > failed: Security token has been revoked". The certificate that is used by
> > the IDP is self-signed and valid until 2040, so in terms of validity
> things
> > should be OK. I have imported the certificate in the sample tomcat-rp.jks
> > keystore, to make sure that the IDP is trusted.
> >
> > There is, however, a difference with respect to how the Fediz IDP/STS
> > works: my IDP doesn't use HTTPS, but HTTP. Is this what is causing the
> > error message, or should I be looking somewhere else?
> >
> > Cheers,
> >
> > Frank
> >

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message