You always know the answer :). Ok, I've changed the WS-TRUST version that Geneva was using in the Passive STS, so it is now generating this message.
<t:RequestSecurityTokenResponse Context="s2cd9f16167cabfa87c3aaa22457820ed00240cfd4" xmlns:t="http://schemas.xmlsoap.org/ws/2005/02/trust";> <t:Lifetime> <wsu:Created xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-11-11T18:01:43.192Z</wsu:Created> <wsu:Expires xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-11-12T04:01:43.192Z</wsu:Expires> </t:Lifetime> <z:ReplyTo xmlns:z="http://schemas.microsoft.com/ws/2008/06/identity";>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</z:ReplyTo> <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> <EndpointReference xmlns="http://www.w3.org/2005/08/addressing";> <Address>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</Address> </EndpointReference> </wsp:AppliesTo> <t:RequestedSecurityToken> <saml:Assertion MajorVersion="1" MinorVersion="1" AssertionID="_488ad180-6478-416e-8a61-c879f8a75a4d" Issuer="PassiveSTS" IssueInstant="2009-11-11T18:01:43.195Z" xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> <saml:Conditions NotBefore="2009-11-11T18:01:43.192Z" NotOnOrAfter="2009-11-12T04:01:43.192Z"> <saml:AudienceRestrictionCondition> <saml:Audience>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</saml:Audience> </saml:AudienceRestrictionCondition> </saml:Conditions> <saml:AttributeStatement> <saml:Subject> <saml:NameIdentifier Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> <saml:Attribute AttributeName="role" AttributeNamespace="http://microsoft";> <saml:AttributeValue>staff</saml:AttributeValue> </saml:Attribute> </saml:AttributeStatement> <saml:AuthenticationStatement AuthenticationMethod="http://microsoft/geneva"; AuthenticationInstant="2009-11-11T18:01:43.195Z"> <saml:Subject> <saml:NameIdentifier Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> <saml:SubjectConfirmation> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> </saml:SubjectConfirmation> </saml:Subject> </saml:AuthenticationStatement> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> <ds:SignedInfo> <ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> <ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> <ds:Reference URI="#_488ad180-6478-416e-8a61-c879f8a75a4d"> <ds:Transforms> <ds:Transform Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; /> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> </ds:Transforms> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> <ds:DigestValue>u2bSngQA1SOIyYglfZs8bXMZ19c=</ds:DigestValue> </ds:Reference> </ds:SignedInfo> <ds:SignatureValue>JT55FJhCtjnisHzF75UY6JwA01Y7lkZM5qxFJGLZi7s7/B7PBKGyjleF7sa3M5RkhNODjbg4PfjWMVZEG5xITciFk95P86BS8CqxJJCjOz4YkjqPTX6kRROe2RNgI6WaWnFDuCPuS+Wuc/mkWqtLrss0lXY311BfrI/saX7n7t4=</ds:SignatureValue> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> <X509Data> <X509Certificate>MIIB8DCCAVmgAwIBAgIQblTMtVPsaJNFRKtH3ePDszANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdCU0wuQ29tMB4XDTA4MDUyMTA0NDgxNVoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQlNMLkNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArai/gNTS+dU4GvMSB5VfkFL1e5ielRhgtnWJ70Xpl51ABksTFkpRNcLDo56sdXtnk3sKEGWe2QeQ1uoBo0bN7aQTsHCNjuT5K/YD4/y2j+oeRESrz905mJ4owW08MnxkhUzpa6+iPGq0l3TdZaG0GHuuky6wEWe3Chc0hdwCdv0CAwEAAaNHMEUwQwYDVR0BBDwwOoAQcMZu+2G/jyh39/5QO/5nIKEUMBIxEDAOBgNVBAMTB0JTTC5Db22CEG5UzLVT7GiTRUSrR93jw7MwDQYJKoZIhvcNAQEEBQADgYEApc0gYQl50mS2RklQnoCpRX/wEfdwhNIQXcMj/6eqcf9Ul6623Ge2jDNMgQesLAK+rp+kKFqgL6F4odrqxY1u00QvUPQi9LLjWBUi1xAiNnd9lBwmD7z4ITsxhU40/ON+GVIHJ1CbeWvTwE5TaFyCP6uRSDX1Ojv+tovYt6X5Y4w=</X509Certificate> </X509Data> </KeyInfo> </ds:Signature> </saml:Assertion> </t:RequestedSecurityToken> <t:RequestedAttachedReference> <o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";>_488ad180-6478-416e-8a61-c879f8a75a4d</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedAttachedReference> <t:RequestedUnattachedReference> <o:SecurityTokenReference xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> <o:KeyIdentifier ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";>_488ad180-6478-416e-8a61-c879f8a75a4d</o:KeyIdentifier> </o:SecurityTokenReference> </t:RequestedUnattachedReference> <t:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</t:TokenType> <t:RequestType>http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</t:RequestType> <t:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</t:KeyType> </t:RequestSecurityTokenResponse> I am now getting the following exception in OpenSSO, #|2009-11-11T14:01:46.422-0400|WARNING|sun-appserver9.1|javax.enterprise.system.stream.err|_ThreadID=16;_ThreadName=httpSSLWorkerThread-8180-0;_RequestID=8395b912-1787-4a81-8b2d-80ee5efa0a75;| java.lang.NullPointerException at com.sun.identity.wsfederation.profile.RequestSecurityTokenResponse.<init>(RequestSecurityTokenResponse.java:126) at com.sun.identity.wsfederation.profile.RequestSecurityTokenResponse.parseXML(RequestSecurityTokenResponse.java:159) at com.sun.identity.wsfederation.servlet.RPSigninResponse.process(RPSigninResponse.java:101) at com.sun.identity.wsfederation.servlet.WSFederationServlet.doPost(WSFederationServlet.java:107) at javax.servlet.http.HttpServlet.service(HttpServlet.java:738) at javax.servlet.http.HttpServlet.service(HttpServlet.java:831) at org.apache.catalina.core.ApplicationFilterChain.servletService(ApplicationFilterChain.java:411) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:317) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198) at com.sun.identity.setup.AMSetupFilter.doFilter(AMSetupFilter.java:91) at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:230) at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:198) at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:288) at org.apache.catalina.core.StandardContextValve.invokeInternal(StandardContextValve.java:271) at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:202) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at com.sun.enterprise.web.WebPipeline.invoke(WebPipeline.java:94) at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:206) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080) at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:150) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:632) at org.apache.catalina.core.StandardPipeline.doInvoke(StandardPipeline.java:577) at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:571) at org.apache.catalina.core.ContainerBase.invoke(ContainerBase.java:1080) at org.apache.coyote.tomcat5.CoyoteAdapter.service(CoyoteAdapter.java:272) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.invokeAdapter(DefaultProcessorTask.java:637) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.doProcess(DefaultProcessorTask.java:568) at com.sun.enterprise.web.connector.grizzly.DefaultProcessorTask.process(DefaultProcessorTask.java:813) at com.sun.enterprise.web.connector.grizzly.DefaultReadTask.executeProcessorTask(DefaultReadTask.java:341) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.process(SSLReadTask.java:440) at com.sun.enterprise.web.connector.grizzly.ssl.SSLReadTask.doTask(SSLReadTask.java:228) at com.sun.enterprise.web.connector.grizzly.TaskBase.run(TaskBase.java:265) at com.sun.enterprise.web.connector.grizzly.ssl.SSLWorkerThread.run(SSLWorkerThread.java:106) |#] It looks like Geneva is generating something that OpenSSO does not know how to parse or something like that. I initially thought that the addressing version in the AppliesTo element could be the issue as OpenSSO is using an older versio, so I changed that, but it did not work. Any clue about what could be wrong in the message ? Thanks Pablo. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Tuesday, November 10, 2009 8:52 PM To: [email protected] Subject: Re: Fifth interop test between Metro and .NET The version of ws-federation passive profile supported in OpenSSO is before 1.1. So no RequestSecurityTokenResponseCollection with xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; ;-) . Is it possible to configure .Net Passive STS to create <wst:RequestSecurityTokenResponse xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust";> Thanks! Jiandong Pablo Cibraro wrote: Pablo Cibraro wrote: > Mmm, no. The only info about errors I could find was in this folder > opensso\log\WSFederation.error. This file contains a single line with the > WS-Trust message that the .NET passive STS is generating, > > These are the redirections I am getting, > > 1. Trader client makes an Http GET to > https://sp.stonehenge.com:8080/WSFederationServlet/metaAlias/Fedsp?goto=http://apps.stonehenge.com:1316/trader_client > 2. OpenSSO makes an Http GET to http://localhost/trade_identity ? All the > WSTrust parameters (This is the .NET passive STS) > 3. The .NET passive STS generates a form with action = > "https://sp.stonehenge.com:8080/WSFederationServlet/metaAlias/Fedsp"; > > This is the WS-TRUST message > > <trust:RequestSecurityTokenResponseCollection > xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512";> > <trust:RequestSecurityTokenResponse > Context="s2ceec7ad41fed61267f0f72c9557b77046c98ef7c"> > <trust:Lifetime> > <wsu:Created > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-11-10T22:59:28.543Z</wsu:Created> > <wsu:Expires > xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";>2009-11-11T08:59:28.543Z</wsu:Expires> > </trust:Lifetime> > <z:ReplyTo > xmlns:z="http://schemas.microsoft.com/ws/2008/06/identity";>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</z:ReplyTo> > <wsp:AppliesTo xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy";> > <EndpointReference xmlns="http://www.w3.org/2005/08/addressing";> > > <Address>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</Address> > </EndpointReference> > </wsp:AppliesTo> > <trust:RequestedSecurityToken> > <saml:Assertion MajorVersion="1" MinorVersion="1" > AssertionID="_560fe2f7-f0c9-418b-8e74-4145f5c37b7b" Issuer="PassiveSTS" > IssueInstant="2009-11-10T22:59:28.544Z" > xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> > <saml:Conditions NotBefore="2009-11-10T22:59:28.543Z" > NotOnOrAfter="2009-11-11T08:59:28.543Z"> > <saml:AudienceRestrictionCondition> > > <saml:Audience>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</saml:Audience> > </saml:AudienceRestrictionCondition> > </saml:Conditions> > <saml:AttributeStatement> > <saml:Subject> > <saml:NameIdentifier > Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> > <saml:SubjectConfirmation> > > <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> > </saml:SubjectConfirmation> > </saml:Subject> > <saml:Attribute AttributeName="role" > AttributeNamespace="http://microsoft";> > <saml:AttributeValue>staff</saml:AttributeValue> > </saml:Attribute> > </saml:AttributeStatement> > <saml:AuthenticationStatement > AuthenticationMethod="http://microsoft/geneva"; > AuthenticationInstant="2009-11-10T22:59:28.543Z"> > <saml:Subject> > <saml:NameIdentifier > Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> > <saml:SubjectConfirmation> > > <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> > </saml:SubjectConfirmation> > </saml:Subject> > </saml:AuthenticationStatement> > <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> > <ds:SignedInfo> > <ds:CanonicalizationMethod > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> > <ds:SignatureMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> > <ds:Reference URI="#_560fe2f7-f0c9-418b-8e74-4145f5c37b7b"> > <ds:Transforms> > <ds:Transform > Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; /> > <ds:Transform > Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> > </ds:Transforms> > <ds:DigestMethod > Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; /> > <ds:DigestValue>Bt97jrvwGHD7YYHGIrzseAERLz0=</ds:DigestValue> > </ds:Reference> > </ds:SignedInfo> > > <ds:SignatureValue>DUWVbsicStAEAAjKECn6txzxY3R/Xqac69haLQnhiE7nzvDD40rQ9yME25+8f4mbyOSlQqM6t8gI+CD6wOOUIZHuCOGZw7FA/KLbhIVFhJfPbzeGqEXcrcplhhbHCiUDC0V5Dt8tRFJZEOIrb3Ytha9j+yOwwB9UJdZl63E2lMA=</ds:SignatureValue> > <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> > <X509Data> > > <X509Certificate>MIIB8DCCAVmgAwIBAgIQblTMtVPsaJNFRKtH3ePDszANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdCU0wuQ29tMB4XDTA4MDUyMTA0NDgxNVoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQlNMLkNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArai/gNTS+dU4GvMSB5VfkFL1e5ielRhgtnWJ70Xpl51ABksTFkpRNcLDo56sdXtnk3sKEGWe2QeQ1uoBo0bN7aQTsHCNjuT5K/YD4/y2j+oeRESrz905mJ4owW08MnxkhUzpa6+iPGq0l3TdZaG0GHuuky6wEWe3Chc0hdwCdv0CAwEAAaNHMEUwQwYDVR0BBDwwOoAQcMZu+2G/jyh39/5QO/5nIKEUMBIxEDAOBgNVBAMTB0JTTC5Db22CEG5UzLVT7GiTRUSrR93jw7MwDQYJKoZIhvcNAQEEBQADgYEApc0gYQl50mS2RklQnoCpRX/wEfdwhNIQXcMj/6eqcf9Ul6623Ge2jDNMgQesLAK+rp+kKFqgL6F4odrqxY1u00QvUPQi9LLjWBUi1xAiNnd9lBwmD7z4ITsxhU40/ON+GVIHJ1CbeWvTwE5TaFyCP6uRSDX1Ojv+tovYt6X5Y4w=</X509Certificate> > </X509Data> > </KeyInfo> > </ds:Signature> > </saml:Assertion> > </trust:RequestedSecurityToken> > <trust:RequestedAttachedReference> > <o:SecurityTokenReference > xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> > <o:KeyIdentifier > ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";>_560fe2f7-f0c9-418b-8e74-4145f5c37b7b</o:KeyIdentifier> > </o:SecurityTokenReference> > </trust:RequestedAttachedReference> > <trust:RequestedUnattachedReference> > <o:SecurityTokenReference > xmlns:o="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";> > <o:KeyIdentifier > ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";>_560fe2f7-f0c9-418b-8e74-4145f5c37b7b</o:KeyIdentifier> > </o:SecurityTokenReference> > </trust:RequestedUnattachedReference> > <trust:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</trust:TokenType> > > <trust:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</trust:RequestType> > > <trust:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Bearer</trust:KeyType> > </trust:RequestSecurityTokenResponse> > </trust:RequestSecurityTokenResponseCollection> > > The only error I am getting in OpenSSO is HTTP Status 403 (Access Denied to > the specified resource) after the form with the WS-TRUST message is posted. > > Do you see something strange in the WS-TRUST message ? > > Thanks > Pablo. > > > -----Original Message----- > From: [email protected] [mailto:[email protected]] > Sent: Tuesday, November 10, 2009 6:13 PM > To: [email protected] > Subject: Re: Fifth interop test between Metro and .NET > > Pablo Cibraro wrote: > >> Thanks. The metro client is now calling the .NET passive STS, and this one >> is returning a SAML token to the OpenSSO sp. >> > Great! > >> The OpenSSO sp is throwing an with the following details, >> >> > The following exceptions should not be relevant. > > Do you see any other information in the server log for sp? > Or check the opensso debug files in the config directory, e.g. > C:\Documents and Settings\manveen\opensso\sp\opensso\debug. > > Thanks! > > Jiandong > >> [#|2009-11-10T14:00:44.647-0400|SEVERE|sun-appserver9.1|com.sun.xml.ws.wspolicy.PolicyWSDLParserExtension|_ThreadID=10;_ThreadName=main;_RequestID=570cda77-1918-4cbe-b3c6-13f1b82a2033;|WSP1007: >> Policy exception occured when finishing WSDL parsing. >> com.sun.xml.ws.policy.PolicyException: WSP0071: Multiple policy assertion >> creators try to register for namespace >> 'http://schemas.xmlsoap.org/ws/2005/02/rm/policy'. Old creator`s class: >> 'com.sun.xml.ws.rx.policy.spi_impl.RxAssertionCreator', new creator`s class: >> 'com.sun.xml.ws.rm.policy.spi_impl.RmAssertionCreator'. >> at >> com.sun.xml.ws.policy.sourcemodel.PolicyModelTranslator.<init>(PolicyModelTranslator.java:184) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<init>(ModelTranslator.java:81) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<clinit>(ModelTranslator.java:70) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicies(BuilderHandler.java:97) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicySubjects(BuilderHandler.java:105) >> at >> com.sun.xml.ws.policy.BuilderHandlerEndpointScope.doPopulate(BuilderHandlerEndpointScope.java:67) >> at >> com.sun.xml.ws.policy.BuilderHandler.populate(BuilderHandler.java:77) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getNewPolicyMap(PolicyMapBuilder.java:103) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getPolicyMap(PolicyMapBuilder.java:85) >> at >> com.sun.xml.ws.policy.PolicyWSDLParserExtension.postFinished(PolicyWSDLParserExtension.java:955) >> at >> com.sun.xml.ws.wsdl.parser.DelegatingParserExtension.postFinished(DelegatingParserExtension.java:187) >> at >> com.sun.xml.ws.wsdl.parser.WSDLParserExtensionFacade.postFinished(WSDLParserExtensionFacade.java:334) >> at >> com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:262) >> at >> com.sun.xml.ws.server.EndpointFactory.getWSDLPort(EndpointFactory.java:531) >> at >> com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:174) >> at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:505) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:253) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147) >> at >> com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:124) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> com.sun.identity.wss.sts.STSContextListener.contextInitialized(STSContextListener.java:107) >> at >> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4523) >> at >> org.apache.catalina.core.StandardContext.start(StandardContext.java:5184) >> at com.sun.enterprise.web.WebModule.start(WebModule.java:326) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.VirtualServer.startChildren(VirtualServer.java:1672) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at org.apache.catalina.core.StandardHost.start(StandardHost.java:955) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.EmbeddedWebContainer$WebEngine.startChildren(EmbeddedWebContainer.java:453) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:533) >> at org.apache.catalina.startup.Embedded.start(Embedded.java:936) >> at com.sun.enterprise.web.WebContainer.start(WebContainer.java:873) >> at >> com.sun.enterprise.web.PEWebContainer.startInstance(PEWebContainer.java:790) >> at >> com.sun.enterprise.web.PEWebContainerLifecycle.onStartup(PEWebContainerLifecycle.java:84) >> at >> com.sun.enterprise.server.ApplicationServer.onStartup(ApplicationServer.java:442) >> at >> com.sun.enterprise.server.ondemand.OnDemandServer.onStartup(OnDemandServer.java:120) >> at com.sun.enterprise.server.PEMain.run(PEMain.java:411) >> at com.sun.enterprise.server.PEMain.main(PEMain.java:338) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at com.sun.enterprise.server.PELaunch.main(PELaunch.java:412) >> |#] >> >> [#|2009-11-10T14:00:44.649-0400|SEVERE|sun-appserver9.1|com.sun.xml.ws.server.http|_ThreadID=10;_ThreadName=main;_RequestID=570cda77-1918-4cbe-b3c6-13f1b82a2033;|WSSERVLET11: >> failed to parse runtime descriptor: javax.xml.ws.WebServiceException: >> WSP1007: Policy exception occured when finishing WSDL parsing. >> javax.xml.ws.WebServiceException: WSP1007: Policy exception occured when >> finishing WSDL parsing. >> at >> com.sun.xml.ws.policy.PolicyWSDLParserExtension.postFinished(PolicyWSDLParserExtension.java:959) >> at >> com.sun.xml.ws.wsdl.parser.DelegatingParserExtension.postFinished(DelegatingParserExtension.java:187) >> at >> com.sun.xml.ws.wsdl.parser.WSDLParserExtensionFacade.postFinished(WSDLParserExtensionFacade.java:334) >> at >> com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:262) >> at >> com.sun.xml.ws.server.EndpointFactory.getWSDLPort(EndpointFactory.java:531) >> at >> com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:174) >> at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:505) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:253) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147) >> at >> com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:124) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> com.sun.identity.wss.sts.STSContextListener.contextInitialized(STSContextListener.java:107) >> at >> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4523) >> at >> org.apache.catalina.core.StandardContext.start(StandardContext.java:5184) >> at com.sun.enterprise.web.WebModule.start(WebModule.java:326) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.VirtualServer.startChildren(VirtualServer.java:1672) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at org.apache.catalina.core.StandardHost.start(StandardHost.java:955) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.EmbeddedWebContainer$WebEngine.startChildren(EmbeddedWebContainer.java:453) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:533) >> at org.apache.catalina.startup.Embedded.start(Embedded.java:936) >> at com.sun.enterprise.web.WebContainer.start(WebContainer.java:873) >> at >> com.sun.enterprise.web.PEWebContainer.startInstance(PEWebContainer.java:790) >> at >> com.sun.enterprise.web.PEWebContainerLifecycle.onStartup(PEWebContainerLifecycle.java:84) >> at >> com.sun.enterprise.server.ApplicationServer.onStartup(ApplicationServer.java:442) >> at >> com.sun.enterprise.server.ondemand.OnDemandServer.onStartup(OnDemandServer.java:120) >> at com.sun.enterprise.server.PEMain.run(PEMain.java:411) >> at com.sun.enterprise.server.PEMain.main(PEMain.java:338) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at com.sun.enterprise.server.PELaunch.main(PELaunch.java:412) >> Caused by: com.sun.xml.ws.policy.PolicyException: WSP0071: Multiple policy >> assertion creators try to register for namespace >> 'http://schemas.xmlsoap.org/ws/2005/02/rm/policy'. Old creator`s class: >> 'com.sun.xml.ws.rx.policy.spi_impl.RxAssertionCreator', new creator`s class: >> 'com.sun.xml.ws.rm.policy.spi_impl.RmAssertionCreator'. >> at >> com.sun.xml.ws.policy.sourcemodel.PolicyModelTranslator.<init>(PolicyModelTranslator.java:184) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<init>(ModelTranslator.java:81) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<clinit>(ModelTranslator.java:70) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicies(BuilderHandler.java:97) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicySubjects(BuilderHandler.java:105) >> at >> com.sun.xml.ws.policy.BuilderHandlerEndpointScope.doPopulate(BuilderHandlerEndpointScope.java:67) >> at >> com.sun.xml.ws.policy.BuilderHandler.populate(BuilderHandler.java:77) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getNewPolicyMap(PolicyMapBuilder.java:103) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getPolicyMap(PolicyMapBuilder.java:85) >> at >> com.sun.xml.ws.policy.PolicyWSDLParserExtension.postFinished(PolicyWSDLParserExtension.java:955) >> ... 44 more >> |#] >> >> [#|2009-11-10T14:00:44.655-0400|WARNING|sun-appserver9.1|javax.enterprise.system.stream.err|_ThreadID=10;_ThreadName=main;_RequestID=570cda77-1918-4cbe-b3c6-13f1b82a2033;|java.lang.reflect.InvocationTargetException >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at >> com.sun.identity.wss.sts.STSContextListener.contextInitialized(STSContextListener.java:107) >> at >> org.apache.catalina.core.StandardContext.listenerStart(StandardContext.java:4523) >> at >> org.apache.catalina.core.StandardContext.start(StandardContext.java:5184) >> at com.sun.enterprise.web.WebModule.start(WebModule.java:326) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.VirtualServer.startChildren(VirtualServer.java:1672) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at org.apache.catalina.core.StandardHost.start(StandardHost.java:955) >> at >> com.sun.enterprise.web.LifecycleStarter.doRun(LifecycleStarter.java:58) >> at >> com.sun.appserv.management.util.misc.RunnableBase.runSync(RunnableBase.java:304) >> at >> com.sun.appserv.management.util.misc.RunnableBase._submit(RunnableBase.java:176) >> at >> com.sun.appserv.management.util.misc.RunnableBase.submit(RunnableBase.java:192) >> at >> com.sun.enterprise.web.EmbeddedWebContainer$WebEngine.startChildren(EmbeddedWebContainer.java:453) >> at >> org.apache.catalina.core.ContainerBase.start(ContainerBase.java:1231) >> at >> org.apache.catalina.core.StandardEngine.start(StandardEngine.java:533) >> at org.apache.catalina.startup.Embedded.start(Embedded.java:936) >> at com.sun.enterprise.web.WebContainer.start(WebContainer.java:873) >> at >> com.sun.enterprise.web.PEWebContainer.startInstance(PEWebContainer.java:790) >> at >> com.sun.enterprise.web.PEWebContainerLifecycle.onStartup(PEWebContainerLifecycle.java:84) >> at >> com.sun.enterprise.server.ApplicationServer.onStartup(ApplicationServer.java:442) >> at >> com.sun.enterprise.server.ondemand.OnDemandServer.onStartup(OnDemandServer.java:120) >> at com.sun.enterprise.server.PEMain.run(PEMain.java:411) >> at com.sun.enterprise.server.PEMain.main(PEMain.java:338) >> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) >> at >> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39) >> at >> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25) >> at java.lang.reflect.Method.invoke(Method.java:597) >> at com.sun.enterprise.server.PELaunch.main(PELaunch.java:412) >> Caused by: com.sun.xml.ws.transport.http.servlet.WSServletException: >> WSSERVLET11: failed to parse runtime descriptor: >> javax.xml.ws.WebServiceException: WSP1007: Policy exception occured when >> finishing WSDL parsing. >> at >> com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:139) >> ... 35 more >> Caused by: javax.xml.ws.WebServiceException: WSP1007: Policy exception >> occured when finishing WSDL parsing. >> at >> com.sun.xml.ws.policy.PolicyWSDLParserExtension.postFinished(PolicyWSDLParserExtension.java:959) >> at >> com.sun.xml.ws.wsdl.parser.DelegatingParserExtension.postFinished(DelegatingParserExtension.java:187) >> at >> com.sun.xml.ws.wsdl.parser.WSDLParserExtensionFacade.postFinished(WSDLParserExtensionFacade.java:334) >> at >> com.sun.xml.ws.wsdl.parser.RuntimeWSDLParser.parse(RuntimeWSDLParser.java:262) >> at >> com.sun.xml.ws.server.EndpointFactory.getWSDLPort(EndpointFactory.java:531) >> at >> com.sun.xml.ws.server.EndpointFactory.createEndpoint(EndpointFactory.java:174) >> at com.sun.xml.ws.api.server.WSEndpoint.create(WSEndpoint.java:505) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parseAdapters(DeploymentDescriptorParser.java:253) >> at >> com.sun.xml.ws.transport.http.DeploymentDescriptorParser.parse(DeploymentDescriptorParser.java:147) >> at >> com.sun.xml.ws.transport.http.servlet.WSServletContextListener.contextInitialized(WSServletContextListener.java:124) >> ... 35 more >> Caused by: com.sun.xml.ws.policy.PolicyException: WSP0071: Multiple policy >> assertion creators try to register for namespace >> 'http://schemas.xmlsoap.org/ws/2005/02/rm/policy'. Old creator`s class: >> 'com.sun.xml.ws.rx.policy.spi_impl.RxAssertionCreator', new creator`s class: >> 'com.sun.xml.ws.rm.policy.spi_impl.RmAssertionCreator'. >> at >> com.sun.xml.ws.policy.sourcemodel.PolicyModelTranslator.<init>(PolicyModelTranslator.java:184) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<init>(ModelTranslator.java:81) >> at >> com.sun.xml.ws.api.policy.ModelTranslator.<clinit>(ModelTranslator.java:70) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicies(BuilderHandler.java:97) >> at >> com.sun.xml.ws.policy.BuilderHandler.getPolicySubjects(BuilderHandler.java:105) >> at >> com.sun.xml.ws.policy.BuilderHandlerEndpointScope.doPopulate(BuilderHandlerEndpointScope.java:67) >> at >> com.sun.xml.ws.policy.BuilderHandler.populate(BuilderHandler.java:77) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getNewPolicyMap(PolicyMapBuilder.java:103) >> at >> com.sun.xml.ws.policy.PolicyMapBuilder.getPolicyMap(PolicyMapBuilder.java:85) >> at >> com.sun.xml.ws.policy.PolicyWSDLParserExtension.postFinished(PolicyWSDLParserExtension.java:955) >> ... 44 more >> |#] >> >> This is the SAML token the passive STS is generating, >> >> <saml:Assertion MajorVersion="1" MinorVersion="1" >> AssertionID="_fa555580-fcac-4baa-9d10-e5b2dd64679c" Issuer="PassiveSTS" >> IssueInstant="2009-11-10T17:24:58.844Z" >> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"> >> <saml:Conditions NotBefore="2009-11-10T17:24:58.342Z" >> NotOnOrAfter="2009-11-11T03:24:58.342Z"> >> <saml:AudienceRestrictionCondition> >> >> <saml:Audience>https://sp.stonehenge.com:8180/opensso/WSFederationServlet/metaAlias/Fedsp</saml:Audience> >> </saml:AudienceRestrictionCondition> >> </saml:Conditions> >> <saml:AttributeStatement> >> <saml:Subject> >> <saml:NameIdentifier >> Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> >> <saml:SubjectConfirmation> >> >> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> >> </saml:SubjectConfirmation> >> </saml:Subject> >> <saml:Attribute AttributeName="role" >> AttributeNamespace="http://microsoft";> >> <saml:AttributeValue>staff</saml:AttributeValue> >> </saml:Attribute> >> </saml:AttributeStatement> >> <saml:AuthenticationStatement >> AuthenticationMethod="http://microsoft/geneva"; >> AuthenticationInstant="2009-11-10T17:24:58.844Z"> >> <saml:Subject> >> <saml:NameIdentifier >> Format="http://schemas.xmlsoap.org/claims/UPN";>uid:[email protected]</saml:NameIdentifier> >> <saml:SubjectConfirmation> >> >> <saml:ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:bearer</saml:ConfirmationMethod> >> </saml:SubjectConfirmation> >> </saml:Subject> >> </saml:AuthenticationStatement> >> <ds:Signature xmlns:ds="http://www.w3.org/2000/09/xmldsig#";> >> <ds:SignedInfo> >> <ds:CanonicalizationMethod >> Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; /> >> <ds:SignatureMethod >> Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; /> >> <ds:Reference URI="#_fa555580-fcac-4baa-9d10-e5b2dd64679c"> >> <ds:Transforms> >> <ds:Transform >> Algorithm="http://www.w3.org/2000/09/xmldsig#enveloped-signature"; /> >> <ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; >> /> >> </ds:Transforms> >> <ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; >> /> >> <ds:DigestValue>cHUIIGuyRrYhtBJP3euTVomdwZc=</ds:DigestValue> >> </ds:Reference> >> </ds:SignedInfo> >> >> <ds:SignatureValue>FevVLUpP6BHExpoxwbENlBCJZflNNY6Av6R2y2Lm9kD0MKJn+WXx82sZdWWg/7VihoKrZomU4q/S6MJWplP3yXB4CM++/vcJns/yvjQPJZdtzfFHanzgStCQr7+ULK3TZYqJhcAHL34bHBo/Xnza58Yb7lU/iAKr1Q6OcBcM4Gk=</ds:SignatureValue> >> <KeyInfo xmlns="http://www.w3.org/2000/09/xmldsig#";> >> <X509Data> >> >> <X509Certificate>MIIB8DCCAVmgAwIBAgIQblTMtVPsaJNFRKtH3ePDszANBgkqhkiG9w0BAQQFADASMRAwDgYDVQQDEwdCU0wuQ29tMB4XDTA4MDUyMTA0NDgxNVoXDTM5MTIzMTIzNTk1OVowEjEQMA4GA1UEAxMHQlNMLkNvbTCBnzANBgkqhkiG9w0BAQEFAAOBjQAwgYkCgYEArai/gNTS+dU4GvMSB5VfkFL1e5ielRhgtnWJ70Xpl51ABksTFkpRNcLDo56sdXtnk3sKEGWe2QeQ1uoBo0bN7aQTsHCNjuT5K/YD4/y2j+oeRESrz905mJ4owW08MnxkhUzpa6+iPGq0l3TdZaG0GHuuky6wEWe3Chc0hdwCdv0CAwEAAaNHMEUwQwYDVR0BBDwwOoAQcMZu+2G/jyh39/5QO/5nIKEUMBIxEDAOBgNVBAMTB0JTTC5Db22CEG5UzLVT7GiTRUSrR93jw7MwDQYJKoZIhvcNAQEEBQADgYEApc0gYQl50mS2RklQnoCpRX/wEfdwhNIQXcMj/6eqcf9Ul6623Ge2jDNMgQesLAK+rp+kKFqgL6F4odrqxY1u00QvUPQi9LLjWBUi1xAiNnd9lBwmD7z4ITsxhU40/ON+GVIHJ1CbeWvTwE5TaFyCP6uRSDX1Ojv+tovYt6X5Y4w=</X509Certificate> >> </X509Data> >> </KeyInfo> >> </ds:Signature> >> </saml:Assertion> >> >> Do you know what could be the issue in opensso ?. >> >> Thanks in advance >> Pablo. >> >> -----Original Message----- >> From: [email protected] [mailto:[email protected]] >> Sent: Tuesday, November 10, 2009 5:55 AM >> To: [email protected] >> Subject: Re: Fifth interop test between Metro and .NET >> >> Hi Pablo, >> >> See inline ... >> >> Pablo Cibraro wrote: >> >> >>> Hi Jiandong, >>> >>> I need some of your help if it is possible to configure this scenario, >>> >>> Config Service -> Metro >>> Business Service - Metro >>> Passive STS -> .NET >>> Active STS -> Metro >>> Trader Client -> Metro >>> I have two questions for you, >>> >>> >>> 1. Is this the correct procedure to configure an external idp in >>> OpenSSO ? >>> >>> >>> >> Yes, the basic reference is >> https://opensso.dev.java.net/public/use/docs/opensso/pdf/WSFedHowTo.pdf. >> section 5 is about configure OpenSSO as SP with outside idp. >> >> >>> 2. How can I change the realm parameter to be an absolute URL (I >>> could not find a way to change this in the .xml files) >>> >>> >>> >> The TokenIssuerName in fedsp.xml according to the document above. >> >> Thanks! >> >> Jiandong >> >> >>> Thanks >>> Pablo. >>> >>> >>> >>> >>> >> >> >> > > >
