Hi Amila. Can you reproduce the issue?
Jorge. -----Mensaje original----- De: Amila Jayasekara [mailto:[email protected]] Enviado el: jueves, 24 de febrero de 2011 10:05 Para: Jorge Infante Osorio CC: [email protected] Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header missing or InputStream NULL Hi Jorge, We use STS in IS when we want to use SAML tokens. We will try to reproduce the issue with the provided client code. Thanks AmilaJ On Thu, Feb 24, 2011 at 12:25 PM, Jorge Infante Osorio <[email protected]> wrote: > I now use the STS of ESB and the same errors appears. > Take a look to the code I send you, maybe I have a code mistake. > > The STS use scenario 5. > The proxy service use scenario 15. > I make a change in the service policy at client side, to pass the UT > in the second message, I don´t know if this is the right way to do > that. But it work. > > Jorge. > > -----Mensaje original----- > De: Amila Jayasekara [mailto:[email protected]] Enviado el: jueves, 24 > de febrero de 2011 0:55 > Para: Jorge Infante Osorio > CC: [email protected] > Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header > missing or InputStream NULL > > Hi Jorge, > Sorry for the delay reply. > > It will be great if we could have the client code to have a better > understanding of your system. But after going through your deployment > we suspect following cause for the failure. > > Your setup involves, ESB, IS and WSAS. According to the description > given, it seems you are trying to retrieve a secure conversation token > from IS and use that in a communication with proxy service. As you may > know we are using Rampart for secure conversation. Rampart is not > capable of operating with a third party token issuer other than > communication parties. Therefore it should not possible for you to > communicate with ESB proxy service with a token given by IS. > The reason why the call get success in third attempt is that, your > client program might be establishing a security context with ESB proxy service. > (Cos, your ESB proxy is secured with scenario 15, and ESB has a token > issuer within it). In other words to establish a security context the > token issuer service and the actual service you are calling should be in the same JVM. > > > Thanks > AmilaJ > > > > On Thu, Feb 24, 2011 at 8:40 AM, Jorge Infante Osorio <[email protected]> > wrote: >> Hi folks. >> Any advance in this issue?? >> >> Sometimes the service work fine, still in the ESB log appears errors, >> and another times the service don´t work but I see the right response >> in the ESB log. I don´t understand that. >> >> Jorge. >> >> >> -----Mensaje original----- >> De: [email protected] [mailto:[email protected]] >> En nombre de Jorge Infante Osorio Enviado el: lunes, 21 de febrero de >> 2011 0:43 >> Para: 'Amila Jayasekara' >> CC: [email protected] >> Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header >> missing or InputStream NULL >> >> Hi Amila. >> >> In the attach zip file I send you the XACML policy, STS policy, >> Service policy, the eclipse console information, and the message >> exchange between the client/ESB/IS/WSAS taken from the SOAP tracer. >> >> I established the security context between the client and the ESB >> using the IS security token, you can see it in the eclipse console, I > print it. >> >> In the client service policy I made a modification to pass the UT >> when it´s remove. This is duo to the need to maintain the UT in the >> second request message. >> >> This is the ESB error log this time, in some occasion the service >> work just >> fine: >> >> 2011-02-21 00:17:51,908 [-] [HttpServerWorker-8] ERROR AxisEngine >> SOAP header missing >> org.apache.axis2.AxisFault: SOAP header missing >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFa >> u >> lt(Ram >> partReceiver.java:172) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.jav >> a >> :99) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >> at >> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:259) >> at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >> at >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostReq >> u >> est(HT >> TPTransportUtils.java:173) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosin >> g >> Method >> (ServerWorker.java:404) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java: >> 260) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(Native >> W >> orkerP >> ool.java:58) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec >> u >> tor.ja >> va:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. >> java:9 >> 08) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: org.apache.rampart.RampartException: SOAP header missing >> at >> org.apache.rampart.RampartEngine.process(RampartEngine.java:107) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.jav >> a >> :92) >> ... 10 more >> 2011-02-21 00:17:52,423 [-] [HttpServerWorker-8] ERROR ServerWorker >> Error processing POST request >> org.apache.axis2.AxisFault: SOAP header missing >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFa >> u >> lt(Ram >> partReceiver.java:172) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.jav >> a >> :99) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >> at >> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:259) >> at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >> at >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostReq >> u >> est(HT >> TPTransportUtils.java:173) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosin >> g >> Method >> (ServerWorker.java:404) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java: >> 260) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(Native >> W >> orkerP >> ool.java:58) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec >> u >> tor.ja >> va:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. >> java:9 >> 08) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: org.apache.rampart.RampartException: SOAP header missing >> at >> org.apache.rampart.RampartEngine.process(RampartEngine.java:107) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.jav >> a >> :92) >> ... 10 more >> >> >> -----Mensaje original----- >> De: Amila Jayasekara [mailto:[email protected]] Enviado el: domingo, 20 >> de febrero de 2011 23:54 >> Para: Jorge Infante Osorio >> CC: [email protected] >> Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header >> missing or InputStream NULL >> >> Hi Jorge, >> In security scenario 15 we are using secure conversation. In secure >> conversation we are establishing a security context before actual >> messages are exchanged. I am not sure whether following error has any >> relevancy to establishing a security context. >> It will be great if you could monitor messages exchanged between >> eclipse client and ESB proxy and let us know. In the mean time we >> will try to reproduce this scenario in our environment. Also provide >> us the XACML policy you used in this test. >> >> Thanks >> AmilaJ >> >> >> > > _______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
