Hi, Are you sure you need to create a SAML 1.0 token and not a SAML 1.1 token? 1.0 is not supported (afaik). What version of CXF are you using?
Colm. On Tue, Nov 29, 2011 at 11:43 PM, cxfnewbie <[email protected]> wrote: > Hi, > > I am new to CXF and am wondering if someone has any insight on how to add > saml 1.0 token using CXF. I tried creating a SAMLcallbackhandler, using > adding an wss4joutinterceptor with these properties. > > org.apache.cxf.endpoint.Client client = ClientProxy.getClient(service); > org.apache.cxf.endpoint.Endpoint cxfEndpoint = > client.getEndpoint(); > > Map<String, Object> outProps = new HashMap<String, Object>(); > // configure properties > outProps.put(WSHandlerConstants.ACTION, > WSHandlerConstants.SIGNATURE); > outProps.put(WSHandlerConstants.USER, KEY_ALIAS); > outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, > ClientCallbackHandler.class.getName()); > outProps.put(WSHandlerConstants.SIG_PROP_FILE, > "client_sign.properties"); > // outProps.put(WSHandlerConstants.SIG_ALGO, > // "http://www.w3c.org/2000/09/xmldsig#rsa-sha1";); > outProps.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference"); > > outProps.put(WSHandlerConstants.SAML_CALLBACK_CLASS, > SAMLCallbackHandler.class.getName()); > outProps.put(WSHandlerConstants.ACTION, > WSHandlerConstants.SAML_TOKEN_SIGNED); > outProps.put(WSHandlerConstants.SAML_PROP_FILE, > "saml.properties"); > > WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); > > cxfEndpoint.getOutInterceptors().add(wssOut); > > > my saml.properties look like this > org.apache.ws.security.saml.issuer.cryptoProp.file=client_sign.properties > org.apache.ws.security.saml.issuer.key.name=myKey > org.apache.ws.security.saml.issuer.key.password=password > org.apache.ws.security.saml.issuer=CN=me, OU=CSD, O=some company, L=Los > angeles, ST=CA, C=US > org.apache.ws.security.saml.issuer.sendKeyValue=true > org.apache.ws.security.saml.issuer.signAssertion=true > org.apache.ws.security.saml.callback=client.SamlCallbackHandler > > Right now I'm getting a nullpointerexception > > java.lang.NullPointerException > at > org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:270) > at > org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:122) > at > org.apache.ws.security.action.SAMLTokenSignedAction.execute(SAMLTokenSignedAction.java:95) > at > org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260) > at > org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:321) > at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) > at $Proxy30.getMap(Unknown Source) > at MapUser$1.run(MapUser.java:77) > at java.lang.Thread.run(Thread.java:662) > > In my callbackhandler, I set the samlversion to 1.0 which I'm not sure will > even work. > > Any suggestion is appreciated. Thanks. > Newbie > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/cxf-and-saml1-0-tp5034076p5034076.html > Sent from the cxf-user mailing list archive at Nabble.com. -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
