Looking for SAML Configuration

Wed, 14 Oct 2009 09:24:32 -0700 

Hi,

I am working now configuration with. I found this configuration in the internet 
and implemented saml in the demagoj example.


<bean id="wss4jOutConfiguration" 
class="org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor">
        <constructor-arg>
            <map>
                <entry key="action" value="SAMLTokenSigned" />
                <entry key="signatureKeyIdentifier" value="DirectReference" />
                <entry key="samlPropFile" value="saml.properties" />
            </map>
        </constructor-arg>
    </bean>


How I have to configure the server site?


log4j:WARN No appenders could be found for logger 
(org.springframework.context.support.ClassPathXmlApplicationContext).
log4j:WARN Please initialize the log4j system properly.
14.10.2009 18:09:23 org.apache.cxf.bus.spring.BusApplicationContext 
getConfigResources
INFO: No cxf.xml configuration file detected, relying on defaults.
14.10.2009 18:09:32 org.apache.cxf.service.factory.ReflectionServiceFactoryBean 
buildServiceFromClass
INFO: Creating Service {http://spring.demo/}HelloWorldService from class 
demo.spring.HelloWorld
14.10.2009 18:10:04 
org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
INFO: Outbound Message
---------------------------
ID: 1
Address: http://localhost:8080/cxf-tutorial/services/HelloWorldImplService
Encoding: UTF-8
Content-Type: text/xml
Headers: {SOAPAction=[""], Accept=[*/*]}
Payload: <soap:Envelope 
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Header><wsse:Security
 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 soap:mustUnderstand="1"><Assertion 
xmlns="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" 
xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol" 
AssertionID="fed57a52f56145ec9c753fcb888e5024" 
IssueInstant="2009-10-14T16:09:59.937Z" Issuer="www.example.com" 
MajorVersion="1" MinorVersion="1"><AuthenticationStatement 
AuthenticationInstant="2009-10-14T16:09:46.796Z" 
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"><Subject><NameIdentifier
 
NameQualifier="www.example.com">uid=joe,ou=people,ou=saml-demo,o=example.com</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod></SubjectConfirmation></Subject></AuthenticationStatement></Assertion><wsse:SecurityTokenReference
 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 wsu:Id="STRSAMLId-2C827BE4C1A23FB01412555366005624"><wsse:Reference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 URI="#fed57a52f56145ec9c753fcb888e5024" 
ValueType="http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.0#SAMLAssertionID";
 /></wsse:SecurityTokenReference><wsse:BinarySecurityToken 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 
EncodingType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
 
wsu:Id="CertId-2C827BE4C1A23FB01412555366005623">MIIBozCCAQygAwIBAgIESqzPBTANBgkqhkiG9w0BAQUFADAWMRQwEgYDVQQDDAtyYW1lc2hfY2VydDAeFw0wOTA5MTMxMDUyNTNaFw0wOTEyMTIxMDUyNTNaMBYxFDASBgNVBAMMC3JhbWVzaF9jZXJ0MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQCY27O6DAC7FtJe2+TxFwgxY3xObYpWiRH8B0nPCSsAVqoMSzx/3Tvk26RwMtUggc6D0M99VSE+ovROjOQ7HN0YwUdhAQgz8EJ40So9/Q5mcWwWTUjDKhzyCkK8sJK00mH5elfQ0Vj8ha7F+rHqplRMStEy+HrnbjcyLzg3FRF6IwIDAQABMA0GCSqGSIb3DQEBBQUAA4GBADD6G96qjJ/RJGxMljTRvB8KdlQb+MYuZCACpDF9SrPpUl4eUSRW9WJ9XqP3VUpRVamgmAUV0fTjA8Y7JkSqOtHpt/DpvOhINTMfgrXhRgGSpsSrWBM22i1lNf3w7MPMpe3joNNZLgfmjE7duCk24bMd8x9z8uASEzVBMBkrc2nN</wsse:BinarySecurityToken><ds:Signature
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; Id="Signature-1">
<ds:SignedInfo>
<ds:CanonicalizationMethod Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; 
/>
<ds:SignatureMethod Algorithm="http://www.w3.org/2000/09/xmldsig#rsa-sha1"; />
<ds:Reference URI="#STRSAMLId-2C827BE4C1A23FB01412555366005624">
<ds:Transforms>
<ds:Transform 
Algorithm="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#STR-Transform";>
<wsse:TransformationParameters 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><ds:CanonicalizationMethod
 xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; 
/></wsse:TransformationParameters>
</ds:Transform>
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<ds:DigestValue>GPVvY9HxtaS3T3H8VROgUuePwZ0=</ds:DigestValue>
</ds:Reference>
<ds:Reference URI="#id-2">
<ds:Transforms>
<ds:Transform Algorithm="http://www.w3.org/2001/10/xml-exc-c14n#"; />
</ds:Transforms>
<ds:DigestMethod Algorithm="http://www.w3.org/2000/09/xmldsig#sha1"; />
<ds:DigestValue>Uyq5J5RN77XpVgJbmxnwUlxUPkk=</ds:DigestValue>
</ds:Reference>
</ds:SignedInfo>
<ds:SignatureValue>
h0zYRsSG+nxL26ZGQcTIKsNyT7nain/GdAQVbi/G+WgbhfWtK6I+NcXuZsTTwy505aFH/10KxgFD
kjiXTaJAlvijf2wHYmQgT6Dx610+JHmV93Vh4Ju5f0Fhzd/U3zmJygwoAgMfLrFWRxbs5MdCnxzV
/L3LHcgCcGfbMZ1gAo0=
</ds:SignatureValue>
<ds:KeyInfo xmlns:ds="http://www.w3.org/2000/09/xmldsig#"; 
Id="KeyId-2C827BE4C1A23FB01412555366005001">
<wsse:SecurityTokenReference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 wsu:Id="STRId-2C827BE4C1A23FB01412555366005622"><wsse:Reference 
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
 URI="#CertId-2C827BE4C1A23FB01412555366005623" 
ValueType="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-x509-token-profile-1.0#X509v3";
 /></wsse:SecurityTokenReference>
</ds:KeyInfo>
</ds:Signature></wsse:Security></soap:Header><soap:Body 
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
 wsu:Id="id-2"><ns2:sayHi 
xmlns:ns2="http://spring.demo/";><arg0>Domagoj</arg0></ns2:sayHi></soap:Body></soap:Envelope>
--------------------------------------
14.10.2009 18:10:21 org.apache.cxf.interceptor.LoggingInInterceptor logging
INFO: Inbound Message
----------------------------
ID: 1
Encoding: UTF-8
Content-Type: text/xml;charset=UTF-8
Headers: {content-type=[text/xml;charset=UTF-8], connection=[close], Date=[Wed, 
14 Oct 2009 16:10:21 GMT], Content-Length=[227], Server=[Apache-Coyote/1.1]}
Payload: <soap:Envelope 
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>Fault
 occurred while 
processing.</faultstring></soap:Fault></soap:Body></soap:Envelope>
--------------------------------------
14.10.2009 18:10:22 org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor 
handleMessage
WARNUNG: Request does not contain required Security header, but it's a fault.


__________________________________________________
Do You Yahoo!?
Sie sind Spam leid? Yahoo! Mail verfügt über einen herausragenden Schutz gegen 
Massenmails. 
http://mail.yahoo.com

Reply via email to