Re: Proglem with loading Apache CXF STS with UT authentication

[Gina Choi]

Both web service and STS up running, but when I execute client on the
command line, I am seeing following error message in Tomcat log. Have been
try to figure this out.

---------------------------
ID: 1
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload: <soap:Envelope xmlns:soap="
http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Generalsecurity
error (No certificates were found for decryption
(KeyId))</faultstring></soap:Fault></soap:Body></soap:Envelope>
--------------------------------------
May 25, 2012 12:42:12 PM
org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Inbound Message
----------------------------
ID: 2
Address: http://localhost:8088/DoubleItSTS/UT
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml; charset=UTF-8
Headers: {Accept=[*/*], cache-control=[no-cache], connection=[keep-alive],
content-type=[text/xml; charset=UTF-8], host=[localhost:8088],
pragma=[no-cache], SOAPAction=["
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue";],
transfer-encoding=[chunked], user-agent=[Apache CXF 2.6.0]}
Payload: <soap:Envelope xmlns:soap="
http://schemas.xmlsoap.org/soap/envelope/";><soap:Header><Action xmlns="
http://www.w3.org/2005/08/addressing"; xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-22089110">
http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue</Action><MessageID
xmlns="http://www.w3.org/2005/08/addressing"; xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-8082967">urn:uuid:8aae248b-5070-483f-aeb6-7f25e4949d2b</MessageID><To
xmlns="http://www.w3.org/2005/08/addressing"; xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-12116">http://localhost:8088/DoubleItSTS/UT</To><ReplyTo xmlns="
http://www.w3.org/2005/08/addressing"; xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-2314373"><Address>http://www.w3.org/2005/08/addressing/anonymous</Address></ReplyTo><wsse:Security
xmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
soap:mustUnderstand="1"><wsu:Timestamp
wsu:Id="TS-1"><wsu:Created>2012-05-25T16:42:12.623Z</wsu:Created><wsu:Expires>2012-05-25T16:47:12.623Z</wsu:Expires></wsu:Timestamp><xenc:EncryptedKey
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#";
Id="EK-86B5117A9FA78EFD2213379641328211"><xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p"/><ds:KeyInfo xmlns:ds="
http://www.w3.org/2000/09/xmldsig#";><wsse:SecurityTokenReferencexmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:KeyIdentifierEncodingType="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-soap-message-security-1.0#Base64Binary";
ValueType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#ThumbprintSHA1";>yGuKymFPtTn/J/Hq7DHGxcwJ9IA=</wsse:KeyIdentifier></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>z13XYFuuSxQxtzB/X+9rLUoTZeWoCqKdARCF97Zw8MvvrTuipnLxlOGVr5sk81DzT6cA2EB92KS+AXT1S7y1TMESb3aLWLiCOle4o+ima89bTByqRe2GukztJ8GiLANkMzvoc8uiluL4IaWw+ORdCn2iMhX0j6T/E9V+f6mes0g=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedKey><wsc:DerivedKeyTokenxmlns:wsc="
http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
wsu:Id="DK-3"><wsse:SecurityTokenReference xmlns:wsse11="
http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
wsse11:TokenType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey";
wsu:Id="STR-86B5117A9FA78EFD2213379641328412"><wsse:Reference
URI="#EK-86B5117A9FA78EFD2213379641328211" ValueType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/></wsse:SecurityTokenReference><wsc:Offset>0</wsc:Offset><wsc:Length>24</wsc:Length><wsc:Nonce>/jXB+2ccMwuCF/6ee7G1nQ==</wsc:Nonce></wsc:DerivedKeyToken><wsc:DerivedKeyTokenxmlns:wsc="
http://docs.oasis-open.org/ws-sx/ws-secureconversation/200512";
wsu:Id="DK-5"><wsse:SecurityTokenReference xmlns:wsse11="
http://docs.oasis-open.org/wss/oasis-wss-wssecurity-secext-1.1.xsd";
wsse11:TokenType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey";
wsu:Id="STR-86B5117A9FA78EFD2213379641328785"><wsse:Reference
URI="#EK-86B5117A9FA78EFD2213379641328211" ValueType="
http://docs.oasis-open.org/wss/oasis-wss-soap-message-security-1.1#EncryptedKey"/></wsse:SecurityTokenReference><wsc:Offset>0</wsc:Offset><wsc:Length>32</wsc:Length><wsc:Nonce>x6Kqo/t5hcDb4C53M3Gd9A==</wsc:Nonce></wsc:DerivedKeyToken><xenc:ReferenceListxmlns:xenc="
http://www.w3.org/2001/04/xmlenc#";><xenc:DataReferenceURI="#ED-6"/><xenc:DataReference
URI="#ED-7"/><xenc:DataReference
URI="#ED-8"/></xenc:ReferenceList><xenc:EncryptedData xmlns:xenc="
http://www.w3.org/2001/04/xmlenc#"; Id="ED-8" Type="
http://www.w3.org/2001/04/xmlenc#Element";><xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><ds:KeyInfo xmlns:ds="
http://www.w3.org/2000/09/xmldsig#";><wsse:SecurityTokenReferencexmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:ReferenceURI="#DK-5"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>7S/6iJi2pElMDqqqEPNcECQWmHQmSBiKq42bBVaWJahH4+UIvFGj2RYIpKbQxS1S4LkUyHsAvKJzdK0A+kXi+QO+SJwhWG8jNe5Vc6tvyuSS+v9/9yZP12Ys/CUH3pLuRcXtsewsW2LcotgJ2jFckM2OTc4RIeYql2HGN0jjpVxpq5TPbFyaUuU4WrHvm83H5aC7RwdB7qi/EZIYcR6Cb8yukAlNTsjVAmcLw82e4RamsGNICLvM1rXXyoflo6tyyc6cbMTYp+boBBD8BbeulElF/kEoM1BJrgm8c+WsZE2cy600p1cYHnjzLGIHTRd1iuaikykm/NO5CzljwUiEPuJ2CGGQTMxdDXf8XbSrmVY=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData><xenc:EncryptedData
xmlns:xenc="http://www.w3.org/2001/04/xmlenc#"; Id="ED-7" Type="
http://www.w3.org/2001/04/xmlenc#Element";><xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><ds:KeyInfo xmlns:ds="
http://www.w3.org/2000/09/xmldsig#";><wsse:SecurityTokenReferencexmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:ReferenceURI="#DK-5"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>j6AsZeds87wz/EuoP6oyHbpFBKxuGjpCSe1Zqsin0PAjYS91XyiZ1klBjhrljAMXcKMmjYU6uSv9wrSSefk96GWkjJj77WzglISqfyOelZVVik+S0mcDG+rVZ11HWhOBEol6RYg+yBvGa4L2vp2os1m1DcuLmcKN+7+Iv+lWfWzFQEjWL/wY7maBczmNdTj071bmx9SfvaPD5Ei8Sa5lGy45RSpMq0D4qI2cipi3+6rgYQ04j/T4dPFFLiuSbZmqIWTJMWqeIemnXll6x3noyjRuLXh/lTGIPhKqtEmqxU2vHr2hsPvACA1lJqA5K8pd+Yfh54q6tG0X3hiaZ5KWoimZXDuJnZCqV+Vd3iEXatziFrDVdv2QjdajUHHEuYBEhmHNh8XUqKUDGFIWxnwIKIrKSYgbAB99FOCtrwqyzgpFNQCGB8NZyQJGPgihfpNR7aAt+XpNLF7R77Mq8gTgvHi7CFHv1VD9lXcrX/sP8JwYp3Sx3sQCDwK2ptkW/CDWEIxD9QV955h6pWzOb6cPE/Sb3/YKMEw/HEjAVdq8R/AQ8Ag0eZokqA/85MRm8yvvHwE6s7pkoRlKVwLxXPgqWWP9QBzxiLhaC9qhbtWsLEKmYuorL2tbWW9PvCRrABu4uqhSDeB2UcYENv9abcXZlnM9dm6bzz+ej4/bU3kSUQxi4AlcVuAoJJZQTOvywLGw6OUSZJzI55HnoZ1Db82bEuLdYOk9uYEJvkNVH5BdrqgfOBnUpzGhLQYmFv3JGJNGigyRD0AJnMAYo5Yf7ouLsuQIT0m/j/I8vK+9J3V1jGG4TLBWfO8yJ7Ts53AEcXm90GGUwFE0fSbnjEYW4xIe9O02wsVySsJaDisVifbMZ4FzDsZ+ybhDJ+MQJ3AFWlRV/6IJnS41XjcOqZHdvjdjqeNfD7WyZQUqW8g7MYDzr3wvrkLDi9gsmS98nXRtVBwU5SlkuBV3o1+TChEdK4OnIZdkQI20g4IlE40laAyLd/xIM1qiQjxd1glPuLfPUwPTaH5ZMoH0AJvYle/BRQBtx7reIhldPcd39rrjjjsweOCaIICFHAzjONTjbOd4Q8Br3F86NT4J5MPEN9CIZzoT3FUMZ9+B8HJHwGl6ZQtc3qAr/4RtLWTsdo/lOKNFgAxpJo3kkuHpE01Qjsk3Tqdu1/KjAVmExShJX6fHDYzBPEki3IFE8R+wf7fuy8VOmKabFFilGeTOcVZOmQrblU5Y54GBVjR9z7XIYtA417zXhkR0lzUqqxwARANEGCwn/b65wbhbXmVAUjOMm12FVdQFuXKVgQetu6ezfInDmNH/PxCCvW83DPm2qmlJ9+IcUrQk7MqzB38gxkH19WPb/64gUF09jz+OY5yM4R6PY0tSi9UkQL/i5lH0QVzB/OgdU6rThBqKCpRUdzs1YJPmrzCGdSQXB+MrWpwvhV1+yBct3uhg/vYxxUrZoiOIwfrB1As266/e9bodXbx/PmWQtbcSLlmZ0PKKQf33/OZ8xF9AoY+DbDzlcUiEHANlP0dT5IhgpkXV2G65oxBTxxxQZ4ZzkpyZLfXoTUsuqRj83DITksXOI51Eqg1ijqWf7Dd0lVqdm2lassW/OLdks7Khv9eY0Ss7JDB8Vzk60RHah8+HvZAv2VQJ1qjaOHti3AeP3RoswWApD1BnlUYwdJVyfwvg2GprROxRkjirtnsggQS4xl4+nmUrDM2aM567wM5qftOywvq2wtCNNY9knNG/Wg953EPSDx00JtTif1kqdiBXuzffqWrkPebyq5JB90VlzKnmC82m48e43zBNGyekJuNiBGOap7rSG8C5SAoEX9XyYZeRQZOzlsAdc5lZkkOVVKr+iwFRn3f3cAhr7GeM7rWodx+0fzUAE+z/1DUwbyboNobPd8k4/lWXmnT5wokWT5mpybk+P4Qur1P2Qm5q6YVxDqYCANwYOyOrB3qFdCXBcCZRu54JiZHCXyZRYnTkKPHddSRsDrKM0jT8HlNY+J5Vuv8aKA4vnbo+P+b4TXvYYUwtWGbsRaSUyYSIRV7HE583zzxVpgBt2T+3eSjfjBWfkVTAEhOK1CdZdt1pBZ9tnf5EYAoENHRsPVsAfcISOAdK+XxAo+K3lXo7PZ75AuY6wmfawUerwMbLuqJxGtkRa7b0i6pY1RuNw91Zbs42NDtUUIV2nTfkBFG4VL1QVGwsG5Z6pmw33sARTl55qCXOIVUC8TChk4vhh3FDclI7ui1elVQdDDeQ7O+aYMb4Yhhh03kHiadCuwDSMN8QG+7GKFSI1e0LDOjUEhwOZwumQdC9xLoES7Oj1lvLEu4eNOxacN70Oa8LVN1QTZh37fqEptuKoOVjkWJ6XyLCpdmlotbMaQ+5a0ABMsb6X/kDLeFwvlZYkCWh6VH9uWuPl293yGqgDHW3h2GkfPMqdVIa+/nzcFVK8sT+UPxKwNMsMB/tGG4KVx9O9fs2nTNncVtR00XvPTWiNVNA7b1wmLkXiiowYtY7CRlZhCI+smsg5vL358v4ZjYlGfJ2Tyjt1oD2mdMP6+O4hPkkS9oWlTWY8jzogT4X5dZs566wvDP4Xs8R40T0yqSnSkuEvJYpKynJURE58Nwlpqme/0lY2vLWr4igu60kKe6CpX0BynXo4NRdF+Zs0+WzUL7LFiqKIExBSrLtqcSUnPJGyCIAE7B0I6SbykEYk9pEGHrR7r6K0Wp8FSYpXTmr1QylpL2kSKIMsCGCxV7uzOTAXAToP8Nb46WUPDhoABmAoqGBu8XPfrCZF9lMKfzpL2x2VQyU/JVWnNvLcCGCPRboagBY+c/EZlmhkhbZ9NSkTs5GDDMISWHss1OX83yOZUpjcGZYtCNFDdSuDR9Tuu6SadiTdC2N604YJmUv0lldjrAvsTlTeMehJEqaeo+t/Oda7KvsTHPNQ4anUpbXocQYHPYBjoiYMjt+fYd38WDCjW5Nte3s30qIflelXe5bMrIRVGkJuixv0Oyl1YPGRS/VChfnOXfzEY7tqbNIeF1oMC1pzNO/HnebZTc0jlbN7PQyi5yWZB4P+g/5c04yxOo8emSaN3YGwjtpAsP1MJXXfVcNPSC2rEQo2EEDfBfAk9KuHG8sHBbX2iDyDXBM0yj7gwW5Q43I9DLJJxNS3ZNd3NPqK/DsQpbJ6VVVR6hxHFXVnPcFQ61Y+t7O5WZBanOym3/z+Wq00ZHmyxOh9m7zPsdh1xyy6shsu1FJHdZHljSEYno3owKof89mGEyhuZ9sIilwj/e9iUnSOPPCPgkqpZShQagvFEKOHnCb02XIy8uo/g8Z9ACfcQnjAElapl9L8aoLi94/A5/U0XQUtsghZOSedyFlszkHS8GvNQMxVvZ2cE3bsM5naVU6/8aEIpnLakjo+aomtyaOygp0kjff99uW4WjforGLZznY45fYj717aZGDNz5XYrpULCyW6Oi2t4XF+pRy/gL/ULFs1l36WlmpwC/zj/mkApfZuDqSj3zuR+faBCfgenSHJHOpwxk/KG7bnAFh9D7YKx8VKXvHirrZJD1yMLYTrGzVsoADmjMwMjG6Zy3mT7vaiDlo1SrixnT0OKqAR9+i2HwyTVLMxvZWKq4FZwm85gcAoRdi46cBsst/h5HivQfKoM53/SDSgZACG7Sqq97pn1XlzHZ0NNfcd7Nky/4DLri+sYWkEX51jh3/p4gGGOCtI4QxHQGI0tmmwccB4hJFj4p2qvFkqocSUr5lmSx2VPAcQ3bnnnd/C5+9C2Z5TxL9MM1+lW7Q6nyEs0fJGCHJlxHHEjXqpy0zC44d1wtCeO0CnUnOwOb0drd8WcKn7hQSe9iQ+UdQPBw1V1LpdpRVIQk4bNyI44FwDv7MTF1tfKsDcHZeCKa1T6CQ1WgOe2CLhMYAnr0aRHRmrDKKZoAHYtGP5t4LmmGgvWTpB4LofWqhVR/r9xbS/6YOSVFOyjnq1Yq3yqPbg/5DmFpltjVPGT1oulwgdE3b/16n5qsoCHyJumY9poKkzSuwqf8+12tj5NDu8aNLM90at3wmjEMoQDFM98WVRE82CCOcuzot5eGQixmEkzN/lhpnplEeVK1w5SLAaW6HqT9zJYnClYHPqjhG8Cd8Dc6B95UOxX/1AdAJg4nQ8OGTZbVolH3APhiO4frsydSKb9SZ9ZG0Fm+d4c5iUXmB0d076HfAZi4erj6oPaLhnNstmOFEkyQP7OVSDo1F3st6S/AjOMVq4DCWRwCysELggvdj5qT3GLpLdgY7XDmS8QNKqdHP/noLkTotAQMsYEXyQmOJ86IJ5zvr4krCEUMsV2VyvpSSmTubl61jtxYUAYlBzoGVRJDsXXFL+Mr5C+RX2HssUx3Xnl+DRC7WfgwkLbS9vs0QqdIfvJyrKaLyuWbIzsjjnvsyLB2LzqcYj2oi96+s7iWETqvRoBCmZZs8O/6xdS7Ss4FagRbEoENpc5qeJe5f80uTsg3cGA8zDzxEldOieg+PphIpnpNYS2PmrNMKEDD640161RnEJLYzojaFA58t0+vV2bxBZtjmKZ7nujMHjHcmJLsfv8UoH8FPzB39tJS41P0QRI0UDKQ0DANcuufJGAkYAz1hfhiT+zdUs1oH+dlHYw4ETtj7THKrCytgDea2s2gXFd3wSpts6AdfGqS2/Tfek4kTdejcqmd0uE/horn4KUTJ3hffuQ/W53x9iQqwyUSNZzGgqoMKoY8DJQBVCUtdyHrQ8Sq+3HSXpcA224tJgCjFLBWE6i7jb4ASBvzF3NgwPvGTVkAbDxWPWAefu3ryUgVb29ipKznbJIkMYvdvd3y4U5JNYu8yxliPMaixmo7EuYJz/E2IOaV+arxO+OA3G1T787L+9FzK5Ibo0pAkVgyKQIKYPklPjRTBoSNoxh7wvbaRhnHvRo8MYse4yGts2y48J+o69+hmbJdUaX3UgvwC88gQNoPX8mUuiJ4JN752gw==</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></wsse:Security></soap:Header><soap:Body
xmlns:wsu="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";
wsu:Id="Id-10623141"><xenc:EncryptedData xmlns:xenc="
http://www.w3.org/2001/04/xmlenc#"; Id="ED-6" Type="
http://www.w3.org/2001/04/xmlenc#Content";><xenc:EncryptionMethod Algorithm="
http://www.w3.org/2001/04/xmlenc#aes256-cbc"/><ds:KeyInfo xmlns:ds="
http://www.w3.org/2000/09/xmldsig#";><wsse:SecurityTokenReferencexmlns:wsse="
http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";><wsse:ReferenceURI="#DK-5"/></wsse:SecurityTokenReference></ds:KeyInfo><xenc:CipherData><xenc:CipherValue>R5MO17Yyg162316WY2xNN3rnhCKxZj2n9C2kcFMw3e5pkyPXrKJKua9qHBzZTLVUADx1AO+Y+WEeAl8JIAkfvPy7ShWN0hKHIKAyc3J/ir+w+xZ9iQ59LaSgg4s8iVLutxvLJCm3IviJGDz9Hy44RsZp2o3fuaAO4CiOO6BmgSVY8cs7XbKSFUbzqba5oCD4IsGgf7DKpzLYMytIbTzJ7bobaNsfn9qH8JkX0VH8skEPINOemE1SvlsL5ad8fRqF00FOTUAN6UDf5P7qW1Qc10heEQGwDtawF3FrmJtC50ZXpAGopFSou5NaFMjuH+AsElA4a7P0A3+PlCBal3sLOiCdsoAvgTF7zSiDITVtzD73nQPVH3l++Hx+XqIesTvv9zsfWNJL097dQ4J0HefGbCu86Cz1FKwSaZMgomiICe6qA6L1f5Pd6fC2z03iJB0xDZzCAs+ue1CcSy5ui/sx9K+MQchg9lyo6tgK4aj6kvbFR5iA3U9sHtAYrHlyGJgDBOv0CiNKdh4LQ3905iydR0FCalhwmEg02qnSy9xGz7osgnesKsAcY1Rx4yW7JXkViSelKBEI0HXxCnSFb/AwfMfp49Np+xoQcbLihxBtw1XQfOyQkuWPUdRfuTv27T/mVcZaTaIltU5L2CS9EKmqcTr33QZwXNb14jMrwTVzigTcykmHHFS9KKtYBWRsyp1yzctrM59JFYVgGghtybqawgQHxIxV5gN+sP7kTZp0Uy7+5U/D76gDvYarz38xxakwZDasFae3o60hw3coYRwm+GqLPDKEI+X3Un4JAnzxpz1qYIn3M6f+jGTFEUfPafKFrylQYB400Yf/GNHvVkmkMczOspI6oSjWKQWGJZo8MeZjashkggDd7qtazyyoY3Fo2wHmResoI070h2Ch4GxpsNCRSdplOSZKxLSvwqHhdBksW8VeDt2BDgAsuSGznHk2oASLokREmQ3fgci4KzEvy53/MDWo7S02sk0FqF5OfuiQXt0AFPEydJ5ybnlS49xh4HTAG167gZHZGWHzHhPel5npEh+GyVe9yrYzzJ4yal4kXpIbVeyfB5csZGXmic2T/XPCQ97miGCohjEz7q0FXYFUPpROQkvbzSXkRp8naxGpU+dc9JN3fbBHmq0f358cnYOhPs5BEk8Yn/IHtUHLs43n8wogb5958uuOTsH9/E1iZUlDr88iHMousDG5ABxJaZBdyTaark10tavCF0lumYemso3v+77zfHTqsY4D+En69b5U96WHtQz50qzwXZuMZ0dFP5U/pPMlStKGPhVm8W6GD+rHdJjV9yScnyTack3YwBnKCWaqO/zXNG4EzdhHlxKzlW5gGNdSUtqM2HmjtGuNvg/UHe/+VVsJyP21wmxR1FOQfVPyrZS5gsULntB1toXltfpWByVDxJRpGaI9B0bkUuJFCmRcC/H1ej6tkH16+fjzwd8h/2YdJI3bW38mUYPmfE+4fKQZ2ptzGk/PNpGylkyFRBe6tvXhj9RuB1h0bxIX72y8/UJEtGVvEr0VMVcfqKkghTlOtY18C06I1zH0U7zDJbVC/2eO5xQykuj3td2Qj6cPC8q/4xq16FTUpqB6fqunATslBV+/xTEXowkp/8T6Otdivo7ft1OJxY7qtT5mu7GrRoGEMDBN+puH/UNVxLO1MeAUUA7SUxl7V7vcXWvQZURf4VhFf88iOOhKy09Gf23VECFVYryO+75Kthsx92SU+wWzWebApb8DdPkjTRTU3kFT4tgmGDW0czuptk91g4n87rud0orK3bheNmxwqHIbQmwNplFBWkU3QKd82WcBMnykajjyBJfRwbk=</xenc:CipherValue></xenc:CipherData></xenc:EncryptedData></soap:Body></soap:Envelope>
--------------------------------------
May 25, 2012 12:42:12 PM
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage
WARNING:
org.apache.ws.security.WSSecurityException: General security error (No
certificates were found for decryption (KeyId))
 at
org.apache.ws.security.processor.EncryptedKeyProcessor.getCertificatesFromEncryptedKey(EncryptedKeyProcessor.java:255)
 at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:102)
 at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:397)
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:289)
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
 at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
 at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)
 at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:211)
 at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)
 at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:193)
 at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:129)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:187)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:110)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:166)
 at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
 at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
 at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
 at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
 at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
 at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
 at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
 at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
 at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
 at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
 at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
 at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
 at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
 at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 at java.lang.Thread.run(Thread.java:662)
May 25, 2012 12:42:12 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Interceptor for {
http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/}Issuehas
thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: General security error (No
certificates were found for decryption (KeyId))
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.createSoapFault(WSS4JInInterceptor.java:778)
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:357)
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:97)
 at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262)
 at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:122)
 at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:211)
 at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:213)
 at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:193)
 at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:129)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:187)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:110)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)
 at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:166)
 at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)
 at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)
 at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225)
 at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:169)
 at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)
 at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)
 at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98)
 at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927)
 at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
 at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)
 at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:999)
 at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:565)
 at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:307)
 at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)
 at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)
 at java.lang.Thread.run(Thread.java:662)
Caused by: org.apache.ws.security.WSSecurityException: General security
error (No certificates were found for decryption (KeyId))
 at
org.apache.ws.security.processor.EncryptedKeyProcessor.getCertificatesFromEncryptedKey(EncryptedKeyProcessor.java:255)
 at
org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(EncryptedKeyProcessor.java:102)
 at
org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:397)
 at
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:289)
 ... 27 more
May 25, 2012 12:42:12 PM
org.apache.cxf.services.SecurityTokenService.UT_Port.STS
INFO: Outbound Message
---------------------------
ID: 2
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload: <soap:Envelope xmlns:soap="
http://schemas.xmlsoap.org/soap/envelope/";><soap:Body><soap:Fault><faultcode>soap:Client</faultcode><faultstring>Generalsecurity
error (No certificates were found for decryption
(KeyId))</faultstring></soap:Fault></soap:Body></soap:Envelope>
--------------------------------------

On Fri, May 25, 2012 at 10:21 AM, Glen Mazza <gma...@talend.com> wrote:

> That file is referenced in the cxf.xml (https://github.com/gmazza/**
> blog-samples/blob/master/cxf_**sts_tutorial/client/src/main/**
> resources/cxf.xml<https://github.com/gmazza/blog-samples/blob/master/cxf_sts_tutorial/client/src/main/resources/cxf.xml>)
> and used by the SOAP client to determine the authentication method it needs
> to use when interacting with the STS.  (It might be redundant in cases
> where the SOAP client makes a MEX--MetadataExchange--call to retrieve that
> same WSDL--I'd have to look more into that.)
>
> Yes, it should be the same as the STS WSDL -- it looks duplicative only
> because the sample tutorial bundles the STS and WSC together but normally
> separate teams would be handling each component, each with a copy of the
> WSDL in their own project
>
> Glen
>
>
> On 05/25/2012 10:08 AM, Gina Choi wrote:
>
>> Hi Glen,
>> I was looking at http://svn.apache.org/viewvc/**
>> cxf/fediz/trunk/services/sts/**src/main/webapp/WEB-INF/cxf-**
>> ut.xml?view=markup<http://svn.apache.org/viewvc/cxf/fediz/trunk/services/sts/src/main/webapp/WEB-INF/cxf-ut.xml?view=markup>
>> .
>> Later I was able to fix it based on apache-cxf-2.6.0-src.
>> You have DoubleItSTSService.wsdl file under \client\src\main\resources as
>> well. What is role of the wsdl file in client side? The content should be
>> same as sts side?
>> Thanks.
>> Gina
>> On Thu, May 24, 2012 at 10:06 PM, Glen Mazza <gma...@talend.com <mailto:
>> gma...@talend.com>> wrote:
>>
>>    Hmm, the sample doesn't have encryptionName under utService:
>>    http://svn.apache.org/viewvc/ cxf/trunk/distribution/src/
>>    main/release/samples/sts/src/ demo/wssec/sts/wssec-sts.xml?
>>    revision=1190520&view=markup# l69
>>    <http://svn.apache.org/viewvc/**cxf/trunk/distribution/src/**
>> main/release/samples/sts/src/**demo/wssec/sts/wssec-sts.xml?**
>> revision=1190520&view=markup#**l69<http://svn.apache.org/viewvc/cxf/trunk/distribution/src/main/release/samples/sts/src/demo/wssec/sts/wssec-sts.xml?revision=1190520&view=markup#l69>
>> >
>>
>>    I'm not sure why you're placing such a property in.
>>
>>    Glen
>>
>>
>
> --
> Glen Mazza
> Talend Community Coders
> coders.talend.com
> blog: www.jroller.com/gmazza
>
>