cxf-users mailing list archives

From jsmith828 <jeffrey_sm...@putnam.com>
Subject Getting a server error trying to read SAML assertion
Date Fri, 24 Jul 2015 20:04:38 GMT
Hi,

I have a CXF JAX-RS application running on Tomcat and I am trying to implement
SAML security.  The payload for the service is JSON so I thought it might be
best if I use the Authorization header to send a signed SAML assertion to
the server.  On the client I used the SamlHeaderOutInterceptor with a custom
SamlCallbackHandler to actually create and sign the assertion.  When I
execute a request to my service through my client using Membrane I can see
that the header is present:

Authorization: SAML PHNhbWwyOkFzc2VydGlvbiBJRD0...

I turned off deflation so I could even paste it into Notepad++ and base64
decode it to see the contents.  Everything looks fine.  However, when the
request reaches the server I get a very obscure error from the
SamlHeaderInHandler or more specifically the AbstractSamlInHandler.  Here is
the error:

24-Jul-2015 15:27:42.429 WARNING [http-nio-8080-exec-8] org.apache.cxf.rs.security.saml.AbstractSamlInHandler.throwFault Assertion can not be read as XML document
24-Jul-2015 15:27:42.430 WARNING [http-nio-8080-exec-8] org.apache.cxf.jaxrs.impl.WebApplicationExceptionMapper.toResponse javax.ws.rs.NotAuthorizedException: HTTP 401 Unauthorized
        at org.apache.cxf.jaxrs.utils.SpecExceptions.toNotAuthorizedException(SpecExceptions.java:94)
        at org.apache.cxf.jaxrs.utils.ExceptionUtils.toNotAuthorizedException(ExceptionUtils.java:130)
        at org.apache.cxf.rs.security.saml.AbstractSamlInHandler.throwFault(AbstractSamlInHandler.java:264)
        at org.apache.cxf.rs.security.saml.AbstractSamlInHandler.readToken(AbstractSamlInHandler.java:107)
        at org.apache.cxf.rs.security.saml.AbstractSamlInHandler.validateToken(AbstractSamlInHandler.java:96)
        at org.apache.cxf.rs.security.saml.AbstractSamlBase64InHandler.handleToken(AbstractSamlBase64InHandler.java:53)
        at org.apache.cxf.rs.security.saml.SamlHeaderInHandler.filter(SamlHeaderInHandler.java:52)

Again the assertion looks perfectly fine and the XML well-formed.  I was
hoping someone might have encountered this problem before and have a
solution.  Thanks in advance.




--
View this message in context: http://cxf.547215.n5.nabble.com/Getting-a-server-error-trying-to-read-SAML-assertion-tp5759446.html
Sent from the cxf-user mailing list archive at Nabble.com.
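
The manual check described in the message (base64-decode the Authorization header value, then test the result as XML), scripted so each step reports where it fails. This is an added example, not part of the original post and not CXF code. The sample assertion and the function names are constructed, and treating a deflated token as raw DEFLATE is an assumption.

```python
import base64
import binascii
import xml.etree.ElementTree as ET
import zlib

# Constructed sample, not the assertion from the message.
SAMPLE_XML = (b'<saml2:Assertion xmlns:saml2="urn:oasis:names:tc:SAML:2.0:assertion" '
              b'ID="_constructed" Version="2.0"/>')


def make_header(xml, deflate=False):
    """Build 'SAML <base64>'; raw DEFLATE for deflated tokens is an assumption."""
    if deflate:
        c = zlib.compressobj(wbits=-15)
        xml = c.compress(xml) + c.flush()
    return "SAML " + base64.b64encode(xml).decode("ascii")


def check_header(value):
    """Return (stage, detail); stage is 'ok' or the first step that failed."""
    scheme, _, token = value.strip().partition(" ")
    if scheme != "SAML" or not token.strip():
        return ("scheme", "expected 'SAML <base64 token>'")
    try:
        # validate=True rejects stray characters instead of silently skipping them.
        raw = base64.b64decode(token.strip(), validate=True)
    except (binascii.Error, ValueError) as exc:
        return ("base64", str(exc))
    # Try the bytes as sent first, then inflated (raw DEFLATE, then zlib-wrapped).
    candidates = [("plain", raw)]
    for name, wbits in (("raw-deflate", -15), ("zlib", 15)):
        try:
            candidates.append((name, zlib.decompress(raw, wbits)))
        except zlib.error:
            pass
    for name, data in candidates:
        if b"<!DOCTYPE" in data:  # an assertion has no reason to carry a DTD
            return ("xml", name + ": DOCTYPE present, refusing to parse")
        try:
            root = ET.fromstring(data)
        except (ET.ParseError, ValueError):
            continue
        return ("ok", name + ": " + root.tag)
    return ("xml", "no candidate is well-formed XML")


if __name__ == "__main__":
    for header in (make_header(SAMPLE_XML), make_header(SAMPLE_XML, deflate=True),
                   make_header(SAMPLE_XML)[:-1], make_header(b"not xml")):
        print(check_header(header))
```

Run it against the header value as captured on the wire and again as logged on the server; a different stage between the two captures shows which hop altered the token.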
