Jorge, I have asked the security team to take a look at this. On Apr 2, 2011 5:40 AM, "Jorge Infante Osorio" <[email protected]> wrote: > Hi folk. > Any of you can help us in this subject? > > We are not able to use the scenario 15 using the IS, ESB and AppServ yet. As > Amila say I changed the token issuer to the ESB but the error still remain > the same. > I see some post in the Prabath blog that explain how to use the IS STS > service with ESB, but with the same configuration still not work. > > By the moment this is an unfinished work for us. Sometime the service work > but sometimes we see a lot of error, see the $subject. > > Thanks, > Jorge. > > -----Mensaje original----- > De: Amila Jayasekara [mailto:[email protected]] > Enviado el: jueves, 24 de febrero de 2011 0:55 > Para: Jorge Infante Osorio > CC: [email protected] > Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header missing or > InputStream NULL > > Hi Jorge, > Sorry for the delay reply. > > It will be great if we could have the client code to have a better > understanding of your system. But after going through your deployment we > suspect following cause for the failure. > > Your setup involves, ESB, IS and WSAS. According to the description given, > it seems you are trying to retrieve a secure conversation token from IS and > use that in a communication with proxy service. As you may know we are using > Rampart for secure conversation. Rampart is not capable of operating with a > third party token issuer other than communication parties. Therefore it > should not possible for you to communicate with ESB proxy service with a > token given by IS. > The reason why the call get success in third attempt is that, your client > program might be establishing a security context with ESB proxy service. > (Cos, your ESB proxy is secured with scenario 15, and ESB has a token issuer > within it). In other words to establish a security context the token issuer > service and the actual service you are calling should be in the same JVM. > > > Thanks > AmilaJ > > > > On Thu, Feb 24, 2011 at 8:40 AM, Jorge Infante Osorio <[email protected]> > wrote: >> Hi folks. >> Any advance in this issue?? >> >> Sometimes the service work fine, still in the ESB log appears errors, >> and another times the service don´t work but I see the right response >> in the ESB log. I don´t understand that. >> >> Jorge. >> >> >> -----Mensaje original----- >> De: [email protected] [mailto:[email protected]] >> En nombre de Jorge Infante Osorio Enviado el: lunes, 21 de febrero de >> 2011 0:43 >> Para: 'Amila Jayasekara' >> CC: [email protected] >> Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header >> missing or InputStream NULL >> >> Hi Amila. >> >> In the attach zip file I send you the XACML policy, STS policy, >> Service policy, the eclipse console information, and the message >> exchange between the client/ESB/IS/WSAS taken from the SOAP tracer. >> >> I established the security context between the client and the ESB >> using the IS security token, you can see it in the eclipse console, I > print it. >> >> In the client service policy I made a modification to pass the UT when >> it´s remove. This is duo to the need to maintain the UT in the second >> request message. >> >> This is the ESB error log this time, in some occasion the service work >> just >> fine: >> >> 2011-02-21 00:17:51,908 [-] [HttpServerWorker-8] ERROR AxisEngine SOAP >> header missing >> org.apache.axis2.AxisFault: SOAP header missing >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFau >> lt(Ram >> partReceiver.java:172) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java >> :99) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >> at >> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:259) >> at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >> at >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequ >> est(HT >> TPTransportUtils.java:173) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosing >> Method >> (ServerWorker.java:404) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java: >> 260) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeW >> orkerP >> ool.java:58) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecu >> tor.ja >> va:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. >> java:9 >> 08) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: org.apache.rampart.RampartException: SOAP header missing >> at >> org.apache.rampart.RampartEngine.process(RampartEngine.java:107) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java >> :92) >> ... 10 more >> 2011-02-21 00:17:52,423 [-] [HttpServerWorker-8] ERROR ServerWorker >> Error processing POST request >> org.apache.axis2.AxisFault: SOAP header missing >> at >> org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFau >> lt(Ram >> partReceiver.java:172) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java >> :99) >> at org.apache.axis2.engine.Phase.invoke(Phase.java:318) >> at >> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:259) >> at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165) >> at >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequ >> est(HT >> TPTransportUtils.java:173) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.processEntityEnclosing >> Method >> (ServerWorker.java:404) >> at >> org.apache.synapse.transport.nhttp.ServerWorker.run(ServerWorker.java: >> 260) >> at >> org.apache.axis2.transport.base.threads.NativeWorkerPool$1.run(NativeW >> orkerP >> ool.java:58) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecu >> tor.ja >> va:886) >> at >> java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor. >> java:9 >> 08) >> at java.lang.Thread.run(Thread.java:619) >> Caused by: org.apache.rampart.RampartException: SOAP header missing >> at >> org.apache.rampart.RampartEngine.process(RampartEngine.java:107) >> at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java >> :92) >> ... 10 more >> >> >> -----Mensaje original----- >> De: Amila Jayasekara [mailto:[email protected]] Enviado el: domingo, 20 >> de febrero de 2011 23:54 >> Para: Jorge Infante Osorio >> CC: [email protected] >> Asunto: Re: [Carbon-dev] Security scenario 15. Issue with header >> missing or InputStream NULL >> >> Hi Jorge, >> In security scenario 15 we are using secure conversation. In secure >> conversation we are establishing a security context before actual >> messages are exchanged. I am not sure whether following error has any >> relevancy to establishing a security context. >> It will be great if you could monitor messages exchanged between >> eclipse client and ESB proxy and let us know. In the mean time we will >> try to reproduce this scenario in our environment. Also provide us the >> XACML policy you used in this test. >> >> Thanks >> AmilaJ >> >> >> > > _______________________________________________ > Carbon-dev mailing list > [email protected] > http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
_______________________________________________ Carbon-dev mailing list [email protected] http://mail.wso2.org/cgi-bin/mailman/listinfo/carbon-dev
