Sergey, Thanks for your help.
> I need more info about this error. But, briefly, RPPS uses > ClientConfiguration.xml (for m-card) and > PersonalConfiguration.xml (for p-card). Your > PersonalConfiguration.xml looks correct. > RPPS should be configured in the same way as STS: you need to set > "org.eclipse.higgins.sts.conf" property with a path to your > ConfigurationFile folder. Here are the JAVA_OPTS I use to start the tomcat instance hosting the RPPS: -Dorg.eclipse.higgins.sts.conf=/home/higgins/ConfigurationFile -Djavax.net.ssl.trustStore=/home/higgins/localhost.jks -Djava.library.path=/home/higgins/native/ -Dlog4j.debug -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager ... and the STS: -Dorg.eclipse.higgins.sts.conf=/opt/tomcat/apache-tomcat-6.0.26/webapps/TokenService/ConfigurationFiles -Dorg.eclipse.higgins.sts.conf.file=ManagedConfiguration.xml -Dorg.eclipse.higgins.sts.log4j.properties=/opt/tomcat/apache-tomcat-6.0.26/webapps/TokenService/ConfigurationFiles/log4j.properties -Dlog4j.debug -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager > sts_error.log is rather a log of Cloud Selector than STS. It's possible. Sorry. Both services are hosted by the same Tomcat instance. > Please, do the following: > > 1. set RPPS logging level to ERROR. > 2. clean catalina.out. > 3. start RPPS. > 4. try to log in with a p-card using Azigo Selector (not Cloud > Selector). > 5. send the result log file. I've attached the logs corresponding to the following: 1. Starting Tomcat 2. Logging with the Azigo Selector to this site: http://www.identityblog.com/. The Azigo Selector shows an error message saying that the request failed. 3. Closing Tomcat. Unfortunately, I can't find any information that helps me figuring out the problem. Do you? Thanks, Jonathan > > Thanks, > Sergey Lyakhov > > On Thu, 8 Apr 2010 21:28:46 -0400 > Jonathan Tellier <[email protected]> wrote: > >> OK, so I took a step back. Now, I'm only trying to send a personal >> card that I've created with the Azigo selector. I've looked at the >> database and it seems that the card has been correctly imported. Here >> are the errors that I get. >> >> First, the cloud selector gives me: >> RP discovery / realm validation disabled; this option SHOULD be >> enabled for OPs >> >> Then, on the RPPS side, I get those errors that I find concerning: >> 08 Apr 2010 20:45:40,752 ERROR [http-8081-1] LogHelper.error >> (LogHelper.java:119) - No Extension Configuration Found. >> >> 08 Apr 2010 20:45:40,752 ERROR [http-8081-1] >> CardSpaceSelector.getIdentityToken (CardSpaceSelector.java:495) - >> Returning STS Fault: No Configuration Found. >> >> 08 Apr 2010 20:45:40,752 ERROR [http-8081-1] >> RPPSServiceImpl.getTokenObject (RPPSServiceImpl.java:833) - >> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException >> >> I've attached the remaining of the logs for both the STS and the RPPS >> along with the ~/.higgins and ~/ConfigurationFile folders used by >> CardSync. >> >> Does this additional information gives any more insights about my >> problem? >> >> Thanks, >> Jonathan >> >> >> On Wed, Apr 7, 2010 at 12:20 PM, Jonathan Tellier >> <[email protected]> wrote: >> > Hi, >> > >> > Thank you for taking the time to try to help me. >> > >> >> 1. I did not found any critical error in your RPPS log. Suppose it >> >> should successfully create and send p-cards. Is it correct? >> > >> > No. I can create personal (and managed) cards, but I can't send any. >> > When I try to send a personal card, I get: >> > >> > AxisFault >> > faultCode: >> > {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed >> > faultSubcode: faultString: The specified request failed >> > faultActor: STS >> > faultNode: >> > faultDetail: >> > {http://xml.apache.org/axis/}hostname:higgins >> > >> > By looking at that error, I would imagine that some configuration >> > that should point to my host is not set correctly, but I can't find >> > it. >> > >> >> 2. Does you try to send a m-card of your STS? I see the following >> >> in your STS log: >> >> ...... >> > >> > Yes, this error occurs when I try to send a managed card. I've >> > updated my ManagedConfiguration.xml, but the error still happens. >> > I've attached my new and updated config file so you can see if I've >> > made any errors (note that the address of the server changed since >> > I've deployed it elsewhere). If you need some other configuration >> > files, I can also send them. >> > >> > Thanks for your time, >> > Jonathan >> > >> > >> >> >> >> ..... >> >> AxisFault >> >> faultCode: >> >> {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed >> >> faultSubcode: faultString: The specified request failed >> >> faultActor: >> >> faultNode: >> >> faultDetail: >> >> {}Explanation:No Configuration Found. >> >> .... >> >> >> >> Suppose it will be fixed after you set a correct "Issuer" URI >> >> ( https://207.162.8.222:8443/TokenService/services/Trust ) in >> >> "AppliesToMapper" section of ManagedConfiguration.xml (373 line). >> >> >> >> Thanks, >> >> Sergey Lyakhov >> >> >> >> On Wed, 31 Mar 2010 10:21:02 -0400 >> >> Jonathan Tellier <[email protected]> wrote: >> >> >> >>> I've had to redeploy everything on a new server, so I've taken the >> >>> opportunity to use two instances of tomcat. One for CardSync and >> >>> one for the STS/RP/CloudSelector. That way, configuration files >> >>> and logs are more separated. I'm still not able to send card to >> >>> CardSync though... >> >>> >> >>> I've paid a close attention to the logs while I'm creating a >> >>> user, a card and importing it using the Azigo Selector. There's >> >>> no errors whatsoever during this process. Then, I've tried to >> >>> manually make a getTokenObject SOAP call to CardSync. This is the >> >>> call I've made: >> >>> >> >>> <soapenv:Envelope >> >>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"; >> >>> xmlns:xsd="http://www.w3.org/2001/XMLSchema"; >> >>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/"; >> >>> xmlns:wsd="urn:RPPSService/wsdlRPPSService" >> >>> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";> >> >>> <soapenv:Header/> >> >>> <soapenv:Body> >> >>> <wsd:getTokenObject >> >>> soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/";> >> >>> <userId xsi:type="xsd:string">foo9</userId> >> >>> <password xsi:type="xsd:string">bar9</password> >> >>> <policy xsi:type="xsd:string"> >> >>> <object type="application/x-informationCard" >> >>> name="xmlToken"> <param name="privacyUrl" >> >>> value="http://wiki.eclipse.org/Cloud_Selector"; /> >> >>> <param name="privacyVersion" value="1" /> >> >>> <param name="tokenType" >> >>> value="urn:oasis:names:tc:SAML:1.0:assertion" /> >> >>> <param name="requiredClaims" >> >>> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; >> >>> /> >> >>> <param name="optionalClaims" >> >>> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname >> >>> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; >> >>> /> >> >>> </object> >> >>> </policy> >> >>> <policytype xsi:type="xsd:string">cardspace</policytype> >> >>> <sslCert xsi:type="xsd:string"></sslCert> >> >>> <cuids xsi:type="wsd:ArrayOf_xsd_string" >> >>> soapenc:arrayType="xsd:string[]"> >> >>> >> >>> <item>org.eclipse.higgins.icard.provider.cardspace.managed.db#https://localhost:8443/TokenService/services/Trust#urn:Higgins-LDAP-Server&cardid=upass_foo9</item> >> >>> </cuids> >> >>> <typeofCredential >> >>> xsi:type="xsd:string">ITSUsernamePasswordCredential</typeofCredential> >> >>> <credentialKey xsi:type="wsd:ArrayOf_xsd_string" >> >>> soapenc:arrayType="xsd:string[]"> >> >>> <item>url</item> >> >>> <item>saveCard</item> >> >>> <item>saveCredential</item> >> >>> <item>address</item> >> >>> <item>metadataAddress</item> >> >>> <item>username</item> >> >>> <item>password</item> >> >>> </credentialKey> >> >>> <credentialValue xsi:type="wsd:ArrayOf_xsd_string" >> >>> soapenc:arrayType="xsd:string[]"> >> >>> <item>http://<my server's >> >>> IP>:8080/proxy.web/server-carddetails</item> >> >>> <item>false</item> >> >>> <item>false</item> >> >>> <item>https://localhost:8443/TokenService/services/Trust</item> >> >>> >> >>> <item>https://localhost:8443/TokenService/services/MetadataUsernameToken</item> >> >>> <item>foo9</item> >> >>> <item>bar9</item> >> >>> </credentialValue> >> >>> </wsd:getTokenObject> >> >>> </soapenv:Body> >> >>> </soapenv:Envelope> >> >>> >> >>> I've attached the logs for CardSync and for the TokenService >> >>> corresponding to that operation. Note that in the logs, I'm >> >>> starting the server, making the SOAP request and stopping the >> >>> server. Noting more. I've been scrutinizing the logs, my config >> >>> files and trying to fix that problem for quite some time now, but >> >>> I can't find the cause or the solution to my problem. I think >> >>> that this part, in the TokenService logs might have something to >> >>> do with it, but I'm not sure: >> >>> >> >>> AxisFault >> >>> faultCode: >> >>> {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed >> >>> faultSubcode: faultString: The specified request failed >> >>> faultActor: >> >>> faultNode: >> >>> faultDetail: >> >>> {}Explanation:No Configuration Found. >> >>> >> >>> What kind of configuration is this referring to? >> >>> >> >>> Well anyway, If any of you has a couple of minutes to spare and >> >>> could help, I'd really appreciate it. >> >>> >> >>> Thanks, >> >>> Jonathan >> >>> >> >>> >> >>> On Tue, Mar 23, 2010 at 4:15 PM, Jonathan Tellier >> >>> <[email protected]> wrote: >> >>> > Hello, >> >>> > >> >>> > I've attached logs for all steps in the process: >> >>> > >> >>> > - Staring the server >> >>> > - Creating a card with the STS >> >>> > - Importing a card with the Azigo selector >> >>> > - Logging to the test RP with the CloudSelector >> >>> > >> >>> > As for my config files, which ones do you want? >> >>> > >> >>> > Since I start tomcat with the following java opts: >> >>> > -Dorg.eclipse.higgins.sts.conf=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles >> >>> > -Dorg.eclipse.higgins.sts.conf.file=ManagedConfiguration.xml >> >>> > -Dorg.eclipse.higgins.sts.log4j.properties=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/log4j.properties >> >>> > -Djavax.net.ssl.trustStore=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/localhost.jks >> >>> > -Djava.library.path=$CATALINA_HOME/native_lib/ >> >>> > -Duser.home=/usr/share/higgins >> >>> > >> >>> > I've attached the content of: >> >>> > - $CATALINA_HOME/webapps/TokenService/ConfigurationFiles >> >>> > - /usr/share/higgins >> >>> > >> >>> > Is there any other info that you would need? >> >>> > >> >>> > Thanks, >> >>> > Jonathan >> >>> > >> >>> > >> >>> > On Tue, Mar 23, 2010 at 3:25 PM, Sergey Lyakhov >> >>> > <[email protected]> wrote: >> >>> >> Jonathan, >> >>> >> >> >>> >>> So, are I-Card Providers defined in >> >>> >>> "ProvidersConfiguration.xml"? If it's the case, where could I >> >>> >>> find a template of that file? >> >>> >> >> >>> >> ProvidersConfiguration.xml is just an alternative way of ICard >> >>> >> providers configuration and should not affect on RPPS. What >> >>> >> version of RPPS do you use? Can you provide your configuration >> >>> >> files / error log? >> >>> >> >> >>> >> Thanks, >> >>> >> Sergey Lyakhov >> >>> >> >> >>> >> On Tue, 23 Mar 2010 14:44:26 -0400 >> >>> >> Jonathan Tellier <[email protected]> wrote: >> >>> >> >> >>> >>> I think I might have found something of interest. As I've >> >>> >>> mentioned earlier, I get a FileNotFoundException on >> >>> >>> "ProvidersConfiguration.xml". Now, I've just realized that >> >>> >>> this error also occurs when I'm trying to import a card. >> >>> >>> After some research, I've learned that I-Card Providers >> >>> >>> manage the persistence of I-Cards. So, would it be possible >> >>> >>> that the reason why I can't send I-Cards using the >> >>> >>> CloudSelector is actually because the cards are not properly >> >>> >>> imported? From what I can deduce, this would make sense since >> >>> >>> in the stack trace that I see when trying to send a card, >> >>> >>> there seem to be some problems parsing the card data. >> >>> >>> >> >>> >>> So, are I-Card Providers defined in >> >>> >>> "ProvidersConfiguration.xml"? If it's the case, where could I >> >>> >>> find a template of that file? >> >>> >>> >> >>> >>> Thanks, >> >>> >>> Jonathan >> >>> >>> >> >>> >>> >> >>> >>> On Fri, Mar 19, 2010 at 4:49 PM, Jonathan Tellier >> >>> >>> <[email protected]> wrote: >> >>> >>> > In the past few days, I've done some debugging and have >> >>> >>> > found out a small piece of information that I hope could be >> >>> >>> > useful. Basically, I've figured out the parameters which >> >>> >>> > are used to when performing the getTokenObject SOAP call >> >>> >>> > where trying to use a username/password card. Here there >> >>> >>> > are: >> >>> >>> > >> >>> >>> > userId: foo >> >>> >>> > >> >>> >>> > password: bar >> >>> >>> > >> >>> >>> > policy: >> >>> >>> > <object type="application/x-informationCard" >> >>> >>> > name="xmlToken"> <param name="privacyUrl" >> >>> >>> > value="http://wiki.eclipse.org/Cloud_Selector"; /> <param >> >>> >>> > name="privacyVersion" value="1" /> <param name="tokenType" >> >>> >>> > value="urn:oasis:names:tc:SAML:1.0:assertion" /> <param >> >>> >>> > name="requiredClaims" >> >>> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; >> >>> >>> > /> >> >>> >>> > <param name="optionalClaims" >> >>> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname >> >>> >>> > http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; >> >>> >>> > /> >> >>> >>> > </object> >> >>> >>> > >> >>> >>> > policytype: cardspace >> >>> >>> > >> >>> >>> > sslCert: >> >>> >>> > >> >>> >>> > cuids: >> >>> >>> > org.eclipse.higgins.icard.provider.cardspace.managed.db#https://<my >> >>> >>> > server's >> >>> >>> > address>/TokenService/services/Trust#urn:Higgins-LDAP-Server&cardid=username_token1_not_appliesto >> >>> >>> > >> >>> >>> > typeofCredential: ITSUsernamePasswordCredential >> >>> >>> > >> >>> >>> > credentialKey: >> >>> >>> > url >> >>> >>> > saveCard >> >>> >>> > saveCredential >> >>> >>> > address >> >>> >>> > metadataAddress >> >>> >>> > username >> >>> >>> > password >> >>> >>> > >> >>> >>> > credentialValue: >> >>> >>> > http://<my server's address>/proxy.web/server-carddetails >> >>> >>> > false >> >>> >>> > false >> >>> >>> > https://<my server's address>/TokenService/services/Trust >> >>> >>> > https://<my server's >> >>> >>> > address>/TokenService/services/MetadataUsernameToken foo >> >>> >>> > bar >> >>> >>> > >> >>> >>> > I've also tried to manually send a SOAP request to CardSync >> >>> >>> > and also to use a card from https://openidcards.sxip.com/, >> >>> >>> > but in both cases, I get the same "The specified request >> >>> >>> > failed" error. I would like to try the >> >>> >>> > http://higgins.eclipse.org/TokenService STS, but for every >> >>> >>> > action I try to perform using it, I get: >> >>> >>> > >> >>> >>> > exception: javax.naming.CommunicationException: >> >>> >>> > higgins.watson.ibm.com:636 [Root exception is >> >>> >>> > java.net.ConnectException: Connection refused] >> >>> >>> > >> >>> >>> > So, is there something wrong with the parameters that are >> >>> >>> > used? Does anyone has an idea about how I could solve my >> >>> >>> > problem? >> >>> >>> > >> >>> >>> > Thanks, >> >>> >>> > Jonathan >> >>> >>> > >> >>> >>> > >> >>> >>> > On Mon, Mar 15, 2010 at 8:59 PM, Jonathan Tellier >> >>> >>> > <[email protected]> wrote: >> >>> >>> >> Hello there, >> >>> >>> >> >> >>> >>> >> I think that I'm almost done with my local deployment of >> >>> >>> >> the CloudSelector/CardSync/TokenService, but I've still >> >>> >>> >> got some problems. When I try to send a personal card or a >> >>> >>> >> card that uses a Username Token, I get a STSFaultException >> >>> >>> >> caused by this error: >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:42:32,267 ERROR [http-8443-1] >> >>> >>> >> LogHelper.error (LogHelper.java:119) - No Extension >> >>> >>> >> Configuration Found. >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:42:32,268 ERROR [http-8443-1] >> >>> >>> >> CardSpaceSelector.getIdentityToken >> >>> >>> >> (CardSpaceSelector.java:495) - Returning >> >>> >>> >> STS Fault: No Configuration Found. >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:42:32,269 ERROR [http-8443-1] >> >>> >>> >> RPPSServiceImpl.getTokenObject (RPPSServiceImpl.java:833) - >> >>> >>> >> org.eclipse.hig >> >>> >>> >> gins.icard.provider.cardspace.common.STSFaultException >> >>> >>> >> >> >>> >>> >> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException >> >>> >>> >> at >> >>> >>> >> org.eclipse.higgins.iss.cardspace.CardSpaceSelector.getIdentityToken(CardSpaceSelector.java:496) >> >>> >>> >> at >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3245) >> >>> >>> >> at >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3310) >> >>> >>> >> at >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3438) >> >>> >>> >> at >> >>> >>> >> org.eclipse.higgins.rpps.webservices.RPPSServiceImpl.getTokenObject(RPPSServiceImpl.java:830) >> >>> >>> >> [... stacktrace continues ...] >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:42:32,275 ERROR [http-8080-6] >> >>> >>> >> CardsServlet.error (CardsServlet.java:103) - Sorry, we >> >>> >>> >> could not process the OpenID request: The specified >> >>> >>> >> request failed >> >>> >>> >> >> >>> >>> >> AxisFault >> >>> >>> >> faultCode: >> >>> >>> >> {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed >> >>> >>> >> faultSubcode: faultString: The specified request failed >> >>> >>> >> faultActor: STS >> >>> >>> >> faultNode: >> >>> >>> >> faultDetail: >> >>> >>> >> {http://xml.apache.org/axis/}hostname:salmond >> >>> >>> >> >> >>> >>> >> When I try to send a card that uses a Self Signed SAML >> >>> >>> >> Token, I get: org.eclipse.higgins.iss.ISSException: Cannot >> >>> >>> >> find the Personal card used to authenticate for this >> >>> >>> >> managed card. >> >>> >>> >> >> >>> >>> >> When logging with the card selector, I've also got this >> >>> >>> >> error, but I don't know if it's relevant or not since it >> >>> >>> >> does not prevent any actions. >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:48:16,075 ERROR [http-8443-1] >> >>> >>> >> ICardSelectorService.getICardSelector >> >>> >>> >> (ICardSelectorService.java:148) >> >>> >>> >> - org.eclipse.higgins.iss.PolicyParseException: Can not >> >>> >>> >> parse password managed policy. Root element is not >> >>> >>> >> PwmPolicy >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1] >> >>> >>> >> ConfigurationHandler.omFromFile >> >>> >>> >> (ConfigurationHandler.java:180) - >> >>> >>> >> java.io.FileNotFoundException: >> >>> >>> >> /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml >> >>> >>> >> (No such file or directory) >> >>> >>> >> >> >>> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1] >> >>> >>> >> ConfigurationHandler.configure >> >>> >>> >> (ConfigurationHandler.java:288) >> >>> >>> >> - >> >>> >>> >> /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml >> >>> >>> >> (No such file or directory) >> >>> >>> >> >> >>> >>> >> What is this "ProvidersConfiguration.xml" file? I could not >> >>> >>> >> find any reference to it anywhere. >> >>> >>> >> >> >>> >>> >> Finally, when configuring my deployment, I've had to >> >>> >>> >> comment out references to some classes in the >> >>> >>> >> "ClientConfiguration.xml" file. I've had to comment >> >>> >>> >> references to >> >>> >>> >> "org.eclipse.higgins.configuration.xml.ContextFactoryHandler" >> >>> >>> >> and >> >>> >>> >> "org.eclipse.higgins.configuration.xml.IdentityAttributeServiceHandler" >> >>> >>> >> because they don't seem to be present in B-1-1M7 and to >> >>> >>> >> "org.eclipse.higgins.sts.client.MetadataExchangeServiceFactory" >> >>> >>> >> because the instance returned was always null. Could this >> >>> >>> >> be related to the problems I'm encountering when trying to >> >>> >>> >> send cards? >> >>> >>> >> >> >>> >>> >> I would like to provide more information regarding those >> >>> >>> >> errors, but I don't really understand them... So if any of >> >>> >>> >> you has any ideas about the cause of those errors, please >> >>> >>> >> share them because at this point, any help would be gladly >> >>> >>> >> appreciated. >> >>> >>> >> >> >>> >>> >> Thanks, >> >>> >>> >> Jonathan >> >>> >>> >> >> >>> >>> > >> >>> >>> _______________________________________________ >> >>> >>> higgins-dev mailing list >> >>> >>> [email protected] >> >>> >>> https://dev.eclipse.org/mailman/listinfo/higgins-dev >> >>> >>> >> >>> >> >> >>> >> >> >>> >> >> >>> > >> >> >> >> >> >> _______________________________________________ >> >> higgins-dev mailing list >> >> [email protected] >> >> https://dev.eclipse.org/mailman/listinfo/higgins-dev >> >> >> > > > >
catalina.out
Description: Binary data
_______________________________________________ higgins-dev mailing list [email protected] https://dev.eclipse.org/mailman/listinfo/higgins-dev
