How does your custom token get validated ? Have you added a custom handler for that ? WSS4J has a map of processor registered with the QName of the header block in the security header. So if we can register a processor for your custom header, then we can get this problem solved. Yes, at current we expect a SAML token when there is Issued Token as a supporting token in the policy. This should be improved to look for any type custom token. We need to find a way to register a custom processor with a QName in WSS4J and then we can improve Rampart Configuration have those configuration data. If you are willing to do these improvements, I can help and guide you to do that.
thanks, Nandana 2009/3/20 Håkon Sagehaug <[email protected]> > Hi > > Any tips on this issue? > > cheers, Håkon > > 2009/3/17 Håkon Sagehaug <[email protected]> > > Hi all >> >> I've got a service that accepts a custom token from a sts service, but >> when I call my end service after injected the custom token into my header I >> always get >> >> org.apache.axis2.AxisFault: SAML Token missing in request >> >> replay from my service. So I was wondering what does ramart look for when >> trying to extract the custom token? Is it that the value of TokenType, a >> namespace containing the element in my case, that must be the same as one of >> the elements in the soap header. I had a look at the code where the >> exception is thrown, in PolicyBasedResultsValidator#handleSupportingTokens >> >> else if ( token instanceof IssuedToken ) { >> //TODO is is enough to check for ST_UNSIGNED results ?? >> WSSecurityEngineResult samlResult = >> WSSecurityUtil.fetchActionResult(results, WSConstants.ST_UNSIGNED); >> if(samlResult == null) { >> throw new RampartException("samlTokenMissing"); >> } >> } >> >> So if I got i correct is that it checks for unsigned saml tokens, bu since >> my issued token is not a SAML token I've got a problem. Maybe the TODO has >> something to do with it >> >> Any tips on how to solve this? >> >> cheers, Håkon >> >> >> -- >> Håkon Sagehaug, Scientific Programmer >> Parallab, Bergen Center for Computational Science (BCCS) >> UNIFOB AS (University of Bergen Research Company) >> > > > > -- > Håkon Sagehaug, Scientific Programmer > Parallab, Bergen Center for Computational Science (BCCS) > UNIFOB AS (University of Bergen Research Company) >
