I got this spun up, but CXF doesn't seem to be acknowledging that I have
provided a custom interceptor. I use Spring to provision endpoints; here is
an excerpt of my service definition:

    <jaxws:properties>
        <entry key="ws-security.callback-handler"
               value="gov.hhs.fha.nhinc.callback.cxf.CXFSAMLCallbackHandler" />
        <entry key="ws-security.signature.properties"
               value="keystore.properties" />
        <entry key="ws-security.encryption.properties"
               value="truststore.properties" />
        <entry key="ws-security.signature.validator">
            <bean class="gov.hhs.fha.nhinc.callback.cxf.CONNECTSignatureTrustValidator" />
        </entry>
    </jaxws:properties>

However, when I receive a web service message, I get the following
stack trace:

    [#|2012-12-20T14:49:02.901-0500|WARNING|glassfish3.1.2|org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor|_ThreadID=106;_ThreadName=Thread-2;|org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized
        at org.apache.ws.security.validate.SignatureTrustValidator.validate(SignatureTrustValidator.java:86)
        at org.apache.ws.security.validate.SamlAssertionValidator.verifySignedAssertion(SamlAssertionValidator.java:121)
        at org.apache.ws.security.validate.SamlAssertionValidator.validate(SamlAssertionValidator.java:100)
        at org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:188)
        at org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:78)
        at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:273)
        at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:95)
        at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:271)

It doesn't appear that my custom validator is being invoked. Any thoughts?
--
View this message in context:
http://cxf.547215.n5.nabble.com/CXF-WSS4J-signature-validation-problem-tp5719033p5720609.html
Sent from the cxf-dev mailing list archive at Nabble.com.