Does anybody know whether it is supported by AXIS2/Rampart or not?

Thanks,
Amitesh


amiteshksingh wrote:
> 
> Hi,
> I am not finding any sample which describes the use of signed supporting
> token uses issued token and requesting for SAML.
> 
> I would appreciate, if anybody can provide that one.
> 
> I am using the below policy
> 
> <sp:SignedSupportingTokens xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>   <wsp:Policy>
>     <sp:IssuedToken sp:IncludeToken="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient">
>       <Issuer xmlns="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>         <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8090/axis2/services/STS</Address>
>         <Metadata xmlns="http://www.w3.org/2005/08/addressing">
>           <mex:Metadata
>               xmlns:mex="http://schemas.xmlsoap.org/ws/2004/09/mex"
>               xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance">
>             <mex:MetadataSection Dialect="http://schemas.xmlsoap.org/ws/2004/09/mex">
>               <mex:MetadataReference>
>                 <Address xmlns="http://www.w3.org/2005/08/addressing">http://localhost:8090/axis2/services/mex</Address>
>               </mex:MetadataReference>
>             </mex:MetadataSection>
>           </mex:Metadata>
>         </Metadata>
>       </Issuer>
>       <sp:RequestSecurityTokenTemplate>
>         <t:TokenType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</t:TokenType>
>         <t:KeyType xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">http://schemas.xmlsoap.org/ws/2005/02/trust/PublicKey</t:KeyType>
>         <t:KeySize xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust">256</t:KeySize>
>         <t:CanonicalizationAlgorithm xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/10/xml-exc-c14n#</t:CanonicalizationAlgorithm>
>         <t:EncryptionAlgorithm xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptionAlgorithm>
>         <t:EncryptWith xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2001/04/xmlenc#aes256-cbc</t:EncryptWith>
>         <t:SignWith xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://www.w3.org/2000/09/xmldsig#hmac-sha1</t:SignWith>
>       </sp:RequestSecurityTokenTemplate>
>       <wsp:Policy>
>         <sp:RequireDerivedKeys/>
>         <sp:RequireInternalReference/>
>       </wsp:Policy>
>     </sp:IssuedToken>
>   </wsp:Policy>
> </sp:SignedSupportingTokens>
> 
> but I am not able to get the SAML assertion. I am getting the below error
> 
> Exception in thread "main" org.apache.axis2.AxisFault: Error in signature
> with a custom token
>       at 
> org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
>       at org.apache.axis2.engine.Phase.invoke(Phase.java:317)
>       at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:264)
>       at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:429)
>       at
> org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:401)
>       at
> org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:228)
>       at
> org.apache.axis2.client.OperationClient.execute(OperationClient.java:163)
>       at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:548)
>       at
> org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:528)
>       at com.accenture.apsp.security.Client.main(Client.java:82)
> Caused by: org.apache.rampart.RampartException: Error in signature with a
> custom token
>       at
> org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:683)
>       at
> org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:504)
>       at
> org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:90)
>       at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:144)
>       at 
> org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
>       ... 9 more
> Caused by: org.apache.ws.security.WSSecurityException: Signature creation
> failed; nested exception is: 
>       org.apache.xml.security.signature.XMLSignatureException: Id not found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.utils.resolver.ResourceResolverException: Id not
> found
>       at
> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:683)
>       at
> org.apache.rampart.builder.BindingBuilder.doSymmSignature(BindingBuilder.java:665)
>       ... 13 more
> Caused by: org.apache.xml.security.signature.XMLSignatureException: Id not
> found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.signature.ReferenceNotInitializedException: Id not
> found
> Original Exception was
> org.apache.xml.security.utils.resolver.ResourceResolverException: Id not
> found
>       at org.apache.xml.security.signature.XMLSignature.sign(Unknown Source)
>       at
> org.apache.ws.security.message.WSSecSignature.computeSignature(WSSecSignature.java:677)
>       ... 14 more
> 

-- 
View this message in context: 
http://www.nabble.com/Issue-in-SignedSupportingTokens-with-IssuedToken-requesting-for-SAML-tp24663093p24704097.html
Sent from the Axis - User mailing list archive at Nabble.com.
