Re: [Carbon-dev] SAML consuming issue

[Francesco Stampacchia]

Thank you Thilina!

I've successfully managed to integrate your sample in WSAS thanks to your
hint.

Now I'm trying to move on a bit. I need in my application to separate Token
issuing operation from Token consuming operation, so I have two functions,
let's say getToken() and validateToken().

In the getToken() I ask the STS for a token, then in the validateToken() I
try to consume it against my service (i.e. sample05).

On this second operation (as I can see from the SOAPTracer), I managed to
retrieve the token from  ConfigurationContext TokenStore (as I can find it
in the SOAP request header), but I get the following exception during token
consuming:

[2009-12-01 16:44:11,563] ERROR -  Error in adding token into store
org.apache.axis2.AxisFault: Error in adding token into store
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:70)
    at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
    at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
    at org.apache.axis2.engine.AxisEngine.send(AxisEngine.java:421)
    at
org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:43)
    at
org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
    at
org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
    at
org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at
org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
    at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
    at
org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
    at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
    at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
    at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
    at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
    at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
    at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
    at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
    at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
    at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
    at
org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
    at
org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
    at
org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
    at
org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
    at java.lang.Thread.run(Thread.java:595)
Caused by: org.apache.rampart.RampartException: Error in adding token into
store
    at
org.apache.rampart.builder.SymmetricBindingBuilder.getEncryptedKey(SymmetricBindingBuilder.java:826)
    at
org.apache.rampart.builder.SymmetricBindingBuilder.doSignBeforeEncrypt(SymmetricBindingBuilder.java:431)
    at
org.apache.rampart.builder.SymmetricBindingBuilder.build(SymmetricBindingBuilder.java:97)
    at org.apache.rampart.MessageBuilder.build(MessageBuilder.java:144)
    at
org.apache.rampart.handler.RampartSender.invoke(RampartSender.java:64)
    ... 30 more

Why does the service tries to add a token into the store? And how can I
handle this exception?

Thank you very much!


2009/12/1 Thilina Mahesh Buddhika <thili...@wso2.com>

> Hi,
>
> Following reference explains how to configure and use STS in WSO2 Identity
> Server [1]. Same STS implementation is used across  WSO2 IS, WSAS and ESB.
> So same instructions are valid for WSAS STS as well.
>
> Thanks.
> /thilina
>
> [1] -
> http://blog.facilelogin.com/2009/05/security-token-service-with-wso2.html
>
>
> On Mon, Nov 30, 2009 at 11:03 PM, Francesco Stampacchia <
> stampacchiafrance...@gmail.com> wrote:
>
>> Hello everyone!
>>
>> I've successfully worked out the SAML issuing and consuming sample
>> presented here:
>> http://thilinamb.wordpress.com/2009/10/20/saml-2-0-token-profile-support-in-rampart-1-5/.
>>
>> Now I'm trying to port it on WSAS 3.1.1. But I'm finding some troubles
>> even in obtaining the token from the sts used by the service. Probably I'm
>> getting lost in policies configuration, could someone show me the way?!
>>
>> More in details I'd like to make the code in the link above work under
>> WSAS as it does under axis2-1.5, especially the codeline in wich I
>> explicitly call for token consuming:
>>
>>         options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN,
>> tokenId);
>>
>> Thank you in advance!
>>
>> --
>> Francesco Stampacchia
>>
>> _______________________________________________
>> Carbon-dev mailing list
>> Carbon-dev@wso2.org
>> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>>
>>
>
>
> --
> Thilina Mahesh Buddhika
>
> WSO2 Inc. ; http://wso2.com
> http://blog.thilinamb.com
>
> _______________________________________________
> Carbon-dev mailing list
> Carbon-dev@wso2.org
> https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
>
>


-- 
Francesco Stampacchia

_______________________________________________
Carbon-dev mailing list
Carbon-dev@wso2.org
https://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev