Hi all,
I have tested the samples of RC2 and I have encountered a problem in sample
05. The response is:


<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/">
  <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing">
    <wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault</wsa:Action>
    <wsa:RelatesTo>urn:uuid:DC6CBC0805A79583451210760374233</wsa:RelatesTo>
  </soapenv:Header>
  <soapenv:Body>
    <soapenv:Fault xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
      <faultcode>wsse:InvalidSecurity</faultcode>
      <faultstring>General security error (SAML token security failure); nested exception is:
org.opensaml.MalformedException: Subject is invalid, requires either NameIdentifier or at least one ConfirmationMethod</faultstring>
      <detail/>
    </soapenv:Fault>
  </soapenv:Body>
</soapenv:Envelope>

In fact the SAML assertion looks like this:


<Assertion xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
           xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
           xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
           xmlns:xsd="http://www.w3.org/2001/XMLSchema"
           AssertionID="_7816cc0f3175b845fe6885392887dcfb"
           IssueInstant="2008-05-14T08:55:39.906Z"
           Issuer="SAMPLE_STS" MajorVersion="1" MinorVersion="1">
  <Conditions NotBefore="2008-05-14T08:55:39.906Z" NotOnOrAfter="2008-05-14T09:00:39.906Z"/>
  <AttributeStatement>
    <Subject>
      <SubjectConfirmation>
        <ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:holder-of-key</ConfirmationMethod>
        <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#">
          <xenc:EncryptedKey xmlns:ds="http://www.w3.org/2000/09/xmldsig#" Id="EncKeyId-urn:uuid:FF61AF1C61F5F11915121075533990612">
            <xenc:EncryptionMethod Algorithm="http://www.w3.org/2001/04/xmlenc#rsa-1_5"/>
            <ds:KeyInfo>
              <wsse:SecurityTokenReference xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd">
                <wsse:KeyIdentifier EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary" ValueType="http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1">HYL371NzoOs2+IA24VDkBGcUFQM=</wsse:KeyIdentifier>
              </wsse:SecurityTokenReference>
            </ds:KeyInfo>
            <xenc:CipherData>
              <xenc:CipherValue>aRbQNN6......xenc:CipherValue>
            </xenc:CipherData>
          </xenc:EncryptedKey>
        </KeyInfo>
      </SubjectConfirmation>
    </Subject>
    <Attribute AttributeName="Name" AttributeNamespace="https://rahas.apache.org/saml/attrns">
      <AttributeValue>Colombo/Rahas</AttributeValue>
    </Attribute>
  </AttributeStatement>
  <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#">
    <ds:SignedInfo>
      <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"/>
      <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"/>
      <ds:Reference URI="#_7816cc0f3175b845fe6885392887dcfb">
        <ds:Transforms>
          <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"/>
          <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#">
            <ec:InclusiveNamespaces xmlns:ec="http://www.w3.org/2001/10/xml-exc-c14n#" PrefixList="code ds kind rw saml samlp typens #default xsd xsi"/>
          </ds:Transform>
        </ds:Transforms>
        <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"/>
        <ds:DigestValue>mIaVRuYws25Y9M/LYs8p2jUxp6c=</ds:DigestValue>
      </ds:Reference>
    </ds:SignedInfo>
    <ds:SignatureValue>gspHip...</ds:SignatureValue>
    <ds:KeyInfo>
      <ds:X509Data>
        <ds:X509Certificate>MIICTjC.....</ds:X509Certificate>
      </ds:X509Data>
    </ds:KeyInfo>
  </ds:Signature>
</Assertion>

Does anybody else have the same error?

Thanks,
Plamena

On Mon, May 5, 2008 at 5:31 PM, Nandana Mihindukulasooriya <[EMAIL PROTECTED]> wrote:

> Hi,
>   Please do the testing with Rampart RC2 which can be found here.
>
> [1] - http://people.apache.org/~nandana/rampart-1.4/RC2/
>
> it depends on the Axis2 1.4 release.
>
> thanks,
> nandana
>
>
> On Mon, May 5, 2008 at 4:27 PM, Stefan Lischke <[EMAIL PROTECTED]> wrote:
>
>> Hi,
>>
>> found for myself:
>>
>>
>> http://mail-archives.apache.org/mod_mbox/ws-rampart-dev/200805.mbox/[EMAIL PROTECTED]
>>
>> sorry
>>
>> Stefan
>>
>>
>> Stefan Lischke wrote:
>> > Hi,
>> >
>> > Great to see the latest Axis2 release. When will there be a matching
>> > Rampart release?
>> > Or is the RC1[1] ok?
>> >
>> > Thanks in advance
>> >
>> > Stefan
>> >
>> >
>> > [1] http://people.apache.org/~nandana/rampart-1.4/RC1/
>>
>
