I'm trying to set up a simple Tomcat-contained servlet that is access-controlled by XACML requests to an Identity Server EntitlementService.

So when I try to run it, I get a Null Pointer Exception from the code responsible for extracting the actual authentication result from the reply from the EntitlementService. So, I looked at the HTTP traffic, and what's going on is really interesting. Basically what they have are SOAP envelopes, and then inside those envelopes they have XML documents that are the requests and responses to the EntitlementService.

The problem is, those XML documents are "encoded" in the sense that instead of having, for example, <Response>, they have &lt;Response&gt;. I've attached the request and response. The request is also encoded in that weird way, which is notable, because it means that the Identity Server is actually expecting and processing that.

This is really weird. As far as I can tell, what I have set up is a "plain vanilla" configuration with nothing out of the ordinary or unexpected. Any of you guys know what could be going on?

jc

POST /services/EntitlementService HTTP/1.1
Content-Type: application/soap+xml; charset=UTF-8; action="urn:getDecision"
User-Agent: Axis2
Authorization: Basic YWRtaW46YWRtaW4=
Host: localhost:12345
Transfer-Encoding: chunked

6d5
<?xml version="1.0" encoding="UTF-8"?><soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope"><soapenv:Body><ns3:getDecision xmlns:ns3="http://org.apache.axis2/xsd"><ns3:request><Request xlmns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17" CombinedDecision="false" ReturnPolicyIdList="false"><Attributes Category="urn:oasis:names:tc:xacml:1.0:subject-category:access-subject"><Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:subject:subject-id" IncludeInResult="false"><AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">admin</AttributeValue></Attribute></Attributes><Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:action"><Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:action:action-id" IncludeInResult="false"><AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">GET</AttributeValue></Attribute></Attributes><Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:resource"><Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:resource:resource-id" IncludeInResult="false"><AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string">/Entitlement_Sample_WebApp/protected.jsp</AttributeValue></Attribute></Attributes><Attributes Category="urn:oasis:names:tc:xacml:3.0:attribute-category:environment"><Attribute AttributeId="urn:oasis:names:tc:xacml:1.0:environment:environment-id" IncludeInResult="false"><AttributeValue DataType="http://www.w3.org/2001/XMLSchema#string"></AttributeValue></Attribute></Attributes></Request></ns3:request></ns3:getDecision></soapenv:Body></soapenv:Envelope>
0

<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope">
  <soapenv:Body>
    <ns:getDecisionResponse xmlns:ns="http://org.apache.axis2/xsd">
      <ns:return>
        <Response xmlns="urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"><Result><Decision>Permit</Decision><Status><StatusCode Value="urn:oasis:names:tc:xacml:1.0:status:ok"/></Status></Result></Response>
      </ns:return>
    </ns:getDecisionResponse>
  </soapenv:Body>
</soapenv:Envelope>
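
When an XML document is carried as the text content of another XML element, its markup has to be escaped, and the receiver recovers it by parsing twice. The sketch below is an added example, not code from the post or from the Identity Server; the helper names `wrap` and `extract_decision` and the sample payload are constructed for illustration. It reads the decision from such a reply and denies access whenever the decision cannot be read, instead of failing on a missing value.

```python
import xml.etree.ElementTree as ET
from xml.sax.saxutils import escape

SOAP_NS = "http://www.w3.org/2003/05/soap-envelope"
AXIS_NS = "http://org.apache.axis2/xsd"
XACML_NS = "urn:oasis:names:tc:xacml:3.0:core:schema:wd-17"
DECISIONS = ("Permit", "Deny", "NotApplicable", "Indeterminate")

# Constructed sample payload, modelled on the response shown in the post.
INNER = ('<Response xmlns="%s"><Result><Decision>Permit</Decision><Status>'
         '<StatusCode Value="urn:oasis:names:tc:xacml:1.0:status:ok"/>'
         '</Status></Result></Response>' % XACML_NS)

def wrap(payload):
    """Build a SOAP reply that carries the payload as escaped text in ns:return."""
    return ('<soapenv:Envelope xmlns:soapenv="%s"><soapenv:Body>'
            '<ns:getDecisionResponse xmlns:ns="%s"><ns:return>%s</ns:return>'
            '</ns:getDecisionResponse></soapenv:Body></soapenv:Envelope>'
            % (SOAP_NS, AXIS_NS, escape(payload)))

def extract_decision(soap_text):
    """Return the XACML decision; return "Deny" if it cannot be read (fail closed)."""
    # Assumption: the reply arrives over a trusted channel. For untrusted input,
    # use a parser hardened against entity-expansion attacks.
    try:
        envelope = ET.fromstring(soap_text)
        ret = envelope.find(".//{%s}return" % AXIS_NS)
        if ret is None or not (ret.text or "").strip():
            return "Deny"  # no string payload: nothing to parse
        # The first parse already turned &lt;Response&gt; back into <Response>;
        # ret.text is now a plain XML string that needs a second parse.
        inner = ET.fromstring(ret.text.strip())
        decision = inner.find("{%s}Result/{%s}Decision" % (XACML_NS, XACML_NS))
    except ET.ParseError:
        return "Deny"
    if decision is None or decision.text is None:
        return "Deny"  # element missing, e.g. wrong or absent namespace
    value = decision.text.strip()
    return value if value in DECISIONS else "Deny"

if __name__ == "__main__":
    print(wrap(INNER))
    print(extract_decision(wrap(INNER)))
```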
