cxf-users mailing list archives

From Colm O hEigeartaigh <cohei...@apache.org>
Subject Re: Issue with WS-Trust using security tokens/SAML assertions
Date Fri, 13 Jun 2014 15:41:34 GMT
> <property name="wsdlLocation" value="https://adfs.msad.lab.xxx.xxx/adfs/services/trust/mex" />

I believe that this is the problem. "wsdlLocation" is meant to point to the
actual WSDL, it is not designed to work with WS-MEX. Have a look at section
"4) Using WS-MetadataExchange (WS-MEX)" of the following link, to see how
to get the STSClient working with WS-MEX:

http://coheigea.blogspot.ie/2013/11/apache-cxf-sts-client-configuration.html

Colm.


On Wed, Jun 11, 2014 at 9:49 AM, roband915 <robert.andersson@gmx.com> wrote:

> Ok I finally got the 2.7.12-SNAPSHOT working and now I get a
> stackoverflow. It seems like cxf gets stuck in one of its phases.
>
> My configuration at the moment is this. Maybe I missed some configuration?
>
> <jaxws:client
>     name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricIssuedTokenPort"
>     createdFromAPI="true">
>     <jaxws:properties>
>         <entry key="ws-security.callback-handler"
>                value="se.xxx.webclient.util.ClientCallbackHandler" />
>         <entry key="ws-security.signature.properties"
>                value="clientKeystore.properties" />
>         <entry key="ws-security.signature.username"
>                value="myclientkey" />
>         <entry key="ws-security.encryption.properties"
>                value="clientKeystore.properties" />
>         <entry key="ws-security.encryption.username"
>                value="sts_cert_alias" />
>         <entry key="ws-security.sts.client">
>             <bean class="org.apache.cxf.ws.security.trust.STSClient">
>                 <constructor-arg ref="cxf" />
>                 <property name="wsdlLocation"
>                           value="https://adfs.msad.lab.xxx.xxx/adfs/services/trust/mex" />
>                 <property name="serviceName"
>                           value="{http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}SecurityTokenService" />
>                 <property name="endpointName"
>                           value="{http://schemas.microsoft.com/ws/2008/06/identity/securitytokenservice}IssuedTokenWSTrustBinding_IWSTrust13Async" />
>                 <property name="properties">
>                     <map>
>                         <entry key="ws-security.username" value="alice" />
>                         <entry key="ws-security.callback-handler"
>                                value="se.migrationsverket.webclient.util.ClientCallbackHandler" />
>                         <entry key="ws-security.encryption.properties"
>                                value="clientKeystore.properties" />
>                         <entry key="ws-security.encryption.username"
>                                value="sts_cert_alias" />
>                         <entry key="ws-security.sts.token.username"
>                                value="sts_cert_alias" />
>                         <entry key="ws-security.sts.token.properties"
>                                value="clientKeystore.properties" />
>                     </map>
>                 </property>
>             </bean>
>         </entry>
>     </jaxws:properties>
> </jaxws:client>
>
>
> If we look at the line where everything fails it's line 272 in
> PhaseInterceptorChain.java
> That line says: currentInterceptor.handleMessage(message);
> This all happens inside a while-loop:
>
> while (state == State.EXECUTING && iterator.hasNext()) {
>       ...
>       currentInterceptor.handleMessage(message);
>       ...
> }
>
> What is really happening here? Is cxf now trying to communicate with my
> adfs when something wrong happens? No soap message is being sent to the
> adfs as far as I can tell.
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/Issue-with-WS-Trust-using-security-tokens-SAML-assertions-tp5744142p5744967.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
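
A check for the misconfiguration identified in the reply above, as an added example that is not part of the original message or of CXF: it scans a Spring configuration for `STSClient` beans whose `wsdlLocation` ends in `/mex`. The `/mex` path test is an assumed heuristic based on the ADFS URL in the thread, and the sample configuration is constructed.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlparse

STS_CLIENT = "org.apache.cxf.ws.security.trust.STSClient"
# Constructed sample modelled on the configuration quoted in the thread.
SAMPLE = """\
<beans xmlns="http://www.springframework.org/schema/beans" xmlns:jaxws="http://cxf.apache.org/jaxws">
  <jaxws:client name="{http://www.example.org/contract/DoubleIt}DoubleItSymmetricIssuedTokenPort">
    <jaxws:properties>
      <entry key="ws-security.sts.client">
        <bean class="org.apache.cxf.ws.security.trust.STSClient">
          <property name="wsdlLocation" value="
              https://adfs.msad.lab.xxx.xxx/adfs/services/trust/mex" />
        </bean>
      </entry>
    </jaxws:properties>
  </jaxws:client>
</beans>
"""

def local(tag):
    return tag.rsplit("}", 1)[-1]  # drop the "{namespace}" prefix ElementTree adds

def property_value(prop):
    """Return a Spring <property> value from its attribute or a nested <value>."""
    if prop.get("value") is not None:
        return prop.get("value").strip()  # strip whitespace left by line wrapping
    for child in prop:
        if local(child.tag) == "value":
            return (child.text or "").strip()
    return None

def find_mex_wsdl_locations(xml_text):
    """List wsdlLocation values of STSClient beans that look like WS-MEX endpoints."""
    findings = []
    for bean in ET.fromstring(xml_text).iter():
        if local(bean.tag) != "bean" or bean.get("class") != STS_CLIENT:
            continue
        for prop in bean:
            if local(prop.tag) != "property" or prop.get("name") != "wsdlLocation":
                continue
            value = property_value(prop)
            # Assumed heuristic: a URL path ending in /mex is a metadata-exchange endpoint.
            if value and urlparse(value).path.rstrip("/").lower().endswith("/mex"):
                findings.append(value)
    return findings

if __name__ == "__main__":
    print(find_mex_wsdl_locations(SAMPLE))
```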
