cxf-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Christofer Steingrefer <csteingre...@gmail.com>
Subject Re: STS and SecurityTokenReference
Date Fri, 09 Jan 2015 07:24:06 GMT
Hey,

my CXF-Version is 3.0.3.
I'm configuring the STS with a xml-file, the security policy is defined in
wsdl.
Many information came from
https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Web_Services_Security_Guide/files/STS-Arch-Overview.html
The WSS4JInInterceptor is in the list and i checked that it is called
first.

Chris

2015-01-08 15:42 GMT+01:00 Colm O hEigeartaigh <coheigea@apache.org>:

> What version of CXF are you using? Also, how are you configuring security
> for the STS endpoint? Does it have a security policy in place? If not, are
> you adding WSS4JInInterceptor to the in-interceptor list?
>
> Colm.
>
> On Wed, Jan 7, 2015 at 3:13 PM, Christofer Steingrefer <
> csteingrefer@gmail.com> wrote:
>
> > Hey,
> >
> > i have a problem with my sts when i'm working with a
> > securitytokenreference. I always get the error message: The specified
> > request failed.
> >
> > Here is my request:
> > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/">
> >    <soap:Header>
> >       <wsse:Security xmlns:wsse="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > ">
> >          <wsc:SecurityContextToken
> > wsu:Id="sctId-4B86208B4873A9675F141898652726933" xmlns:wsc="
> > http://schemas.xmlsoap.org/ws/2005/02/sc" xmlns:wsu="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> > ">
> >
> >
> <wsc:Identifier>uuid:75d41d5f-f817-4f3f-888b-baed3542b566</wsc:Identifier>
> >          </wsc:SecurityContextToken>
> >       </wsse:Security>
> >    </soap:Header>
> >    <soap:Body>
> >       <wst:RequestSecurityToken xmlns:wst="
> > http://docs.oasis-open.org/ws-sx/ws-trust/200512">
> >          <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct
> > </wst:TokenType>
> >          <wst:RequestType>
> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
> > </wst:RequestType>
> >          <wst:ValidateTarget>
> >             <wsse:SecurityTokenReference xmlns:wsse="
> >
> >
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> > ">
> >                <wsse:Reference
> > URI="#sctId-4B86208B4873A9675F141898652726933"/>
> >             </wsse:SecurityTokenReference>
> >          </wst:ValidateTarget>
> >       </wst:RequestSecurityToken>
> >    </soap:Body>
> > </soap:Envelope>
> >
> > In the class RequestParser an exception is thrown:
> > the code in line 745 the code starts like this:
> > final List<WSHandlerResult> handlerResults =
> >             CastUtils.cast((List<?>)
> > messageContext.get(WSHandlerConstants.RECV_RESULTS));
> >
> >         if (handlerResults != null && handlerResults.size() > 0) {
> > .....
> >
> > And handlerResults is always null, so if-clause fails and an exception is
> > thrown. Do you know what i can do to work with SecurityTokenReference?
> > When i replace the TokenReference by the Token, the validation works
> fine.
> >
> > Thanks,
> > Chris
> >
>
>
>
> --
> Colm O hEigeartaigh
>
> Talend Community Coder
> http://coders.talend.com
>

Mime
  • Unnamed multipart/alternative (inline, None, 0 bytes)
View raw message