cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From sumit_chauhan <sumit_chau...@uhc.com>
Subject RE: SAMLToken (Signed) request failing because of WS Policy
Date Wed, 03 Apr 2013 13:04:57 GMT
CXF-2.4.6

Thanks,
Sumit

From: coheigea [via CXF] [mailto:ml-node+s547215n5725743h3@n5.nabble.com]
Sent: Wednesday, April 03, 2013 5:41 PM
To: Chauhan, Sumit K
Subject: Re: SAMLToken (Signed) request failing because of WS Policy

What version of CXF are you using?

Colm.


On Wed, Apr 3, 2013 at 11:23 AM, sumit_chauhan <[hidden email]</user/SendEmail.jtp?type=node&node=5725743&i=0>>wrote:

> I am implementing alternate authentication using UsernameToken or SAMLToken
> (Signed). I have configured below policy in my wsdl:
>
>         <wsp:Policy wsu:Id="DoubleItPlaintextPolicy">
>                 <wsp:ExactlyOne>
>                         <wsp:All>
>                                 <sp:SupportingTokens
> xmlns:sp="http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702">
>                                         <wsp:Policy>
>                                                 <sp:SamlToken
> sp:IncludeToken="
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/AlwaysToRecipient
> ">
>                                                         <wsp:Policy>
>
> <sp:WssSamlV20Token11/>
>                                                         </wsp:Policy>
>                                                 </sp:SamlToken>
>                                         </wsp:Policy>
>                                 </sp:SupportingTokens>
>                         </wsp:All>
>                         <wsp:All>
>                                 <sp:SupportingTokens>
>                                         <wsp:Policy>
>                                                 <sp:UsernameToken>
>                                                         <wsp:Policy>
>
> <sp:HashPassword/>
>                                                         </wsp:Policy>
>                                                 </sp:UsernameToken>
>                                         </wsp:Policy>
>                                 </sp:SupportingTokens>
>                         </wsp:All>
>                 </wsp:ExactlyOne>
>         </wsp:Policy>
>
> Also, I have configured the backend validators in spring beans file. I am
> able to receive requests with UsernameToken. However, SAMLToken requests
> are
> failing with below error:
>
>   <faultstring>These policy alternatives can not be satisfied:
> {
> http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SupportingTokens
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}SamlToken
> {http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702}UsernameToken
> </faultstring>
>
> I am attaching a sample SAML request which I am trying to handle.
> getTrustedDomainsByUserAddress_SAML_request.xml
> <
> http://cxf.547215.n5.nabble.com/file/n5725739/getTrustedDomainsByUserAddress_SAML_request.xml
> >
> Can someone please let me know the correct policy for handling this kind of
> request.
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/SAMLToken-Signed-request-failing-because-of-WS-Policy-tp5725739.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

________________________________
If you reply to this email, your message will be added to the discussion below:
http://cxf.547215.n5.nabble.com/SAMLToken-Signed-request-failing-because-of-WS-Policy-tp5725739p5725743.html
To unsubscribe from SAMLToken (Signed) request failing because of WS Policy, click here<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=unsubscribe_by_code&node=5725739&code=c3VtaXRfY2hhdWhhbkB1aGMuY29tfDU3MjU3Mzl8MTgyNDk4Nzc1MA==>.
NAML<http://cxf.547215.n5.nabble.com/template/NamlServlet.jtp?macro=macro_viewer&id=instant_html%21nabble%3Aemail.naml&base=nabble.naml.namespaces.BasicNamespace-nabble.view.web.template.NabbleNamespace-nabble.view.web.template.NodeNamespace&breadcrumbs=notify_subscribers%21nabble%3Aemail.naml-instant_emails%21nabble%3Aemail.naml-send_instant_email%21nabble%3Aemail.naml>

This e-mail, including attachments, may include confidential and/or
proprietary information, and may be used only by the person or entity
to which it is addressed. If the reader of this e-mail is not the intended
recipient or his or her authorized agent, the reader is hereby notified
that any dissemination, distribution or copying of this e-mail is
prohibited. If you have received this e-mail in error, please notify the
sender by replying to this message and delete this e-mail immediately.




--
View this message in context: http://cxf.547215.n5.nabble.com/SAMLToken-Signed-request-failing-because-of-WS-Policy-tp5725739p5725750.html
Sent from the cxf-user mailing list archive at Nabble.com.

Mime
View raw message