Oliver,
The wsdl you have for the trust server is slightly problematic. The
soap:operation soapAction needs to be set properly. Instead of:
<soap:operation soapAction="" style="document"/>
if you set it to:
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue
I think it will work. That said, we definitely should handle this better
and I'm updating the STSClient findOperation method to handle this.
Dan
On Mon October 19 2009 9:51:27 am Oliver Wulff wrote:
> I've attached the testcase.
>
> 1) update the location address of the wsdl port SignedSAMLSenderVouches in
> wsdl/ws-trust-1.3-soap.wsdl to a valid endpoint address. No valid WS-Trust
> endpoint is required. All you want to see is that the
> LoggingOutInterceptor in the client logs an empty soap message which is
> sent.
>
> 2) run
> mvn -Psecure.client
>
> You should now see that the outgoing message is an empty soap message:
> 19.10.2009 14:46:37 org.apache.cxf.interceptor.LoggingOutInterceptor$LoggingCallback onClose
> INFO: Outbound Message
> ---------------------------
> ID: 1
> Address: https://b0d0hr02.ch.zurich.com:57076/services/security/SecurityTokenServiceSOAPService/SignedSAMLSenderVouches
> Encoding: UTF-8
> Content-Type: text/xml
> Headers: {SOAPAction=[""], Accept=[*/*]}
> Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body /></soap:Envelope>
>
> Thanks
> Oliver
>
> ________________________________
>
> From: Oliver Wulff [mailto:[email protected]]
> Sent: Mon 19.10.2009 07:45
> To: [email protected]
> Subject: STS Client, Bearer KeyType results in empty soap message
>
>
>
> Hi there
>
> My web service has defined an IssuedToken policy where KeyType is Bearer:
>
> <sp:IssuedToken xmlns:sp="http://schemas.xmlsoap.org/ws/2005/07/securitypolicy">
>   <sp:RequestSecurityTokenTemplate>
>     <trust:TokenType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</trust:TokenType>
>     <trust:KeyType xmlns:trust="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/wstrust/200512/Bearer</trust:KeyType>
>   </sp:RequestSecurityTokenTemplate>
> </sp:IssuedToken>
>
>
> Unfortunately, the sent request to the STS is an empty soap message:
>
> INFO: Outbound Message
> ---------------------------
> ID: 1
> Address: https://b0d0hr02:57076/services/security/SecurityTokenServiceSOAPService/SignedSAMLSenderVouches
> Encoding: UTF-8
> Content-Type: text/xml
> Headers: {SOAPAction=[""], Accept=[*/*]}
> Payload: <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body /></soap:Envelope>
>
>
> I have debugged the STSClient and the writeStartElement and writeEndElement
> seem to be correct. But for some reason, the translation into DOMSource
> seems not to work:
> Object obj[] = client.invoke(boi, new DOMSource(writer.getDocument().getDocumentElement()));
>
> Do you have any ideas?
>
> Thanks
> Oliver
>
--
Daniel Kulp
[email protected]
http://www.dankulp.com/blog
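
A check for the WSDL problem described in the reply above, as an added example that is not part of the original thread or of CXF: it lists every binding operation whose soap:operation has a missing or empty soapAction, and optionally any action outside an expected set. The sample WSDL and its binding and operation names are constructed for illustration.

```python
import xml.etree.ElementTree as ET

WSDL = "{http://schemas.xmlsoap.org/wsdl/}"
SOAP_BINDINGS = ("{http://schemas.xmlsoap.org/wsdl/soap/}",    # SOAP 1.1
                 "{http://schemas.xmlsoap.org/wsdl/soap12/}")  # SOAP 1.2
# Action URI quoted in the reply above.
RST_ISSUE = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"

# Constructed sample: one binding with the empty soapAction from the thread,
# one with the action set. Binding and operation names are hypothetical.
SAMPLE_WSDL = """<wsdl:definitions xmlns:wsdl="http://schemas.xmlsoap.org/wsdl/"
    xmlns:soap="http://schemas.xmlsoap.org/wsdl/soap/">
  <wsdl:binding name="BrokenBinding" type="STS">
    <wsdl:operation name="RequestSecurityToken">
      <soap:operation soapAction="" style="document"/>
    </wsdl:operation>
  </wsdl:binding>
  <wsdl:binding name="FixedBinding" type="STS">
    <wsdl:operation name="RequestSecurityToken">
      <soap:operation style="document"
        soapAction="http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"/>
    </wsdl:operation>
  </wsdl:binding>
</wsdl:definitions>"""

def audit_soap_actions(wsdl_text, expected=None):
    """Return (binding, operation, problem) for each suspicious soapAction.

    Intended for WSDL files you already trust (local project files)."""
    findings = []
    root = ET.fromstring(wsdl_text)
    for binding in root.iter(WSDL + "binding"):
        for op in binding.findall(WSDL + "operation"):
            soap_ops = [e for ns in SOAP_BINDINGS
                        for e in op.findall(ns + "operation")]
            where = (binding.get("name"), op.get("name"))
            if not soap_ops:
                findings.append(where + ("no soap:operation element",))
                continue
            action = soap_ops[0].get("soapAction")
            if action is None:
                problem = "soapAction attribute missing"
            elif not action.strip():
                problem = "soapAction is empty"
            elif expected is not None and action not in expected:
                problem = "unexpected soapAction " + action
            else:
                continue
            findings.append(where + (problem,))
    return findings

if __name__ == "__main__":
    for finding in audit_soap_actions(SAMPLE_WSDL, expected={RST_ISSUE}):
        print(*finding, sep=": ")
```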