Re: SAML Token with Rampart

Ruchith Fernando Sat, 28 Oct 2006 20:22:50 -0700

Hi Manuel,

This is fixed in the latest DOOM.


Please try the latest Rampart snapshot[1] with the latest Axis2-1.1
snapshot[2].

If it still fails please file a JIRA [3].

Thanks,
Ruchith

[1] http://ws.zones.apache.org/dist/rampart/nightly/
[2] http://ws.zones.apache.org/dist/rampart/nightly/
[3] http://issues.apache.org/jira/browse/AXIS2

On 10/19/06, Manuel Ernstberger <[EMAIL PROTECTED]> wrote:

Hello all,

when I try to send a message with a SAML Token created by Rampart, an 
UnsupportedOperationException occurs.

The settings on client side are:

<parameter name="OutflowSecurity">
<action>
        <items>SAMLTokenUnsigned</items>
        <samlPropFile>saml.properties</samlPropFile>
</action>
</parameter>

on server side:


    <parameter name="InflowSecurity">
        <action>
                <items>SAMLTokenUnsigned</items>
                <samlPropFile>saml.properties</samlPropFile>
        </action>
    </parameter>


saml.properties contains this:

org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.properties
org.apache.ws.security.saml.issuer.key.name=bob
org.apache.ws.security.saml.issuer.key.password=bobsPW
org.apache.ws.security.saml.issuer=www.example.com
org.apache.ws.security.saml.subjectNameId.name=uid=joe,ou=people,ou=saml-demo,o=example.com
org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
org.apache.ws.security.saml.authenticationMethod=password
org.apache.ws.security.saml.confirmationMethod=senderVouches


The message sent by the client looks like that:

<?xml version='1.0' encoding='UTF-8'?>
   <soapenv:Envelope xmlns:wsa="http://www.w3.org/2005/08/addressing"; 
xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope";>
      <soapenv:Header>
         <wsse:Security 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; 
soapenv:mustUnderstand="true">
            <Assertion xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; xmlns:xsd="http://www.w3.org/2001/XMLSchema"; xmlns="urn:oasis:names:tc:SAML:1.0:assertion" 
AssertionID="_0ceb59b9b4e360d48a409a0380f348b3" IssueInstant="2006-10-19T09:03:22.662Z" Issuer="www.example.com" MajorVersion="1" 
MinorVersion="1">
               <AuthenticationStatement xmlns="urn:oasis:names:tc:SAML:1.0:assertion" 
AuthenticationInstant="2006-10-19T09:03:22.459Z" 
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password">
                  <Subject xmlns="urn:oasis:names:tc:SAML:1.0:assertion">
                     <NameIdentifier xmlns="" 
NameQualifier="www.example.com">uid=joe,ou=people,ou=saml-demo,o=example.com</NameIdentifier>
                     <SubjectConfirmation>
                        
<ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod>
                     </SubjectConfirmation>
                  </Subject>
               </AuthenticationStatement>
            </Assertion>
         </wsse:Security>
         <wsa:To>http://localhost:3333/axis2/services/TestWS</wsa:To>
         <wsa:ReplyTo>
            
<wsa:Address>http://www.w3.org/2005/08/addressing/anonymous</wsa:Address>
         </wsa:ReplyTo>
         
<wsa:MessageID>urn:uuid:8B6348B2D76C5B03A811612486005371</wsa:MessageID>
         <wsa:Action>urn:echo</wsa:Action>
      </soapenv:Header>
      <soapenv:Body>
         <echo xmlns="http://epdm.tsystems.com/xsd";>
            <param0 xmlns="">Hello world</param0>
         </echo>
      </soapenv:Body>
   </soapenv:Envelope>



The response from the server is:

html>
   <head>
      <title>Apache Tomcat/4.1.31 - Error report</title>
      <STYLE>
         <!--H1{font-family : sans-serif,Arial,Tahoma;color : white;background-color : 
#0086b2;} H3{font-family : sans-serif,Arial,Tahoma;color : white;background-color : 
#0086b2;} BODY{font-family : sans-serif,Arial,Tahoma;color : black;background-color : 
white;} B{color : white;background-color : #0086b2;} HR{color : #0086b2;} 
--></STYLE>
      </head>
      <body>
         <h1>HTTP Status 500 - </h1>
         <HR size="1" noshade="noshade">
            <p>
               <b>type</b> Exception report
            </p>
            <p>
               <b>message</b>
               <u></u>
            </p>
            <p>
               <b>description</b>
               <u>The server encountered an internal error () that prevented it from 
fulfilling this request.</u>
            </p>
            <p>
               <b>exception</b>
               <pre>java.lang.UnsupportedOperationException: TODO       at 
org.apache.axiom.om.impl.dom.ElementImpl.setIdAttributeNode(ElementImpl.java:1379)   at 
org.opensaml.SAMLAssertion.fromDOM(Unknown Source)   at 
org.opensaml.SAMLAssertion.&lt;init&gt;(Unknown Source)      at 
org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:53)
      at 
org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:42)  
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:269)   
  at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:191) 
    at org.apache.axis2.security.WSDoAllReceiver.processMessage(WSDoAllReceiver.java:180)   
at org.apache.axis2.security.handler.WSDoAllHandler.invoke(WSDoAllHandler.java:82)      at 
org.apache.axis2.engine.Phase.invoke(Phase.java:381) at 
org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:473)       at 
org.apache.axis2.engine.AxisEngine.receive(AxisEngine
 .java:445)     at 
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:284)
       at 
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:136)     at 
javax.servlet.http.HttpServlet.service(HttpServlet.java:716) at 
javax.servlet.http.HttpServlet.service(HttpServlet.java:809) at 
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:200)
    at 
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:146)
    at 
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:209)
  at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
 at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) 
 at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)       
 at 
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:144)
  at org.apache.catalina.core.Standard
 Pipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)    
at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)  
at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)        
at org.apache.catalina.core.StandardContext.invoke(StandardContext.java:2358)   
at 
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:133)   
     at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
 at 
org.apache.catalina.valves.ErrorDispatcherValve.invoke(ErrorDispatcherValve.java:118)
        at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
 at 
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:116)   
     at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:594)
 at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433) 
 at org.apache.cat
 alina.core.ContainerBase.invoke(ContainerBase.java:948)        at 
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:127)
    at 
org.apache.catalina.core.StandardPipeline$StandardPipelineValveContext.invokeNext(StandardPipeline.java:596)
        at 
org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:433)
        at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:948)
        at 
org.apache.coyote.tomcat4.CoyoteAdapter.service(CoyoteAdapter.java:152)
        at 
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:799)
        at 
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.processConnection(Http11Protocol.java:705)
        at 
org.apache.tomcat.util.net.TcpWorkerThread.runIt(PoolTcpEndpoint.java:577)
        at 
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:683)
        at java.lang.Thread.run(Thread.java:595)
</pre>
            </p>
            <HR size="1" noshade="noshade">
               <h3>Apache Tomcat/4.1.31</h3>
            </body>
         </html>


Do you have any idea why this error occurs? Is it possible that there is missing some 
implementation, as it says "java.lang.UnsupportedOperationException: TODO" ?

Thanks in advance.

Regards,
Manuel


--
GMX DSL-Flatrate 0,- Euro* - Überall, wo DSL verfügbar ist!
NEU: Jetzt bis zu 16.000 kBit/s! http://www.gmx.net/de/go/dsl

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]



--
www.ruchith.org

---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]

Re: SAML Token with Rampart

Reply via email to