<<< The following policy (KeyValueToken) is not supported, but you could remove it as it is optional and see if that works: >>> Per Oliver advise, after I added an empty <wsp:Policy />element as a child of <sp:KeyValueToken>, I don't receive anymore compaining.
<<< The client needs to configure the HTTP conduit with the keystore that contains the certificate of the STS, e.g.: <http:conduit name="https://localhost:.*";> <http:tlsClientParameters disableCNCheck="true"> <sec:trustManagers> <sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit> >>> Afer added following to my client configuration, now I am getting new exception. By the way, with ADFS, I have to use https. <http:conduit name="https://strts01.ams.dev.*";> <http:tlsClientParameters disableCNCheck="true"> <sec:trustManagers> <sec:keyStore type="jks" password="cspass" resource="clientstore.jks"/> </sec:trustManagers> </http:tlsClientParameters> </http:conduit> Jun 1, 2012 12:47:33 PM org.apache.cxf.bus.spring.SpringBusFactory createApplicationContext WARNING: Initial attempt to create application context was unsuccessful. org.springframework.beans.factory.xml.XmlBeanDefinitionStoreException: Line 57 in XML document from class path resource [cxf.xml] is invalid; nested exception is org.xml.sax.SAXParseException: The prefix "http" for element "http:conduit" is not bo . at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.doLoadBeanDefinitions(XmlBeanDefinitionReader.java:396) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader.doLoadBeanDefinitions(ControlledValidationXmlBeanDefinitionReader.java:115) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:334) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader.internalLoadBeanDefinitions(ControlledValidationXmlBeanDefinitionReader.java:154) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader.access$000(ControlledValidationXmlBeanDefinitionReader.java:66) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader$1.run(ControlledValidationXmlBeanDefinitionReader.java:141) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader$1.run(ControlledValidationXmlBeanDefinitionReader.java:140) at java.security.AccessController.doPrivileged(Native Method) at org.apache.cxf.bus.spring.ControlledValidationXmlBeanDefinitionReader.loadBeanDefinitions(ControlledValidationXmlBeanDefinitionReader.java:139) at org.springframework.beans.factory.xml.XmlBeanDefinitionReader.loadBeanDefinitions(XmlBeanDefinitionReader.java:302) at org.springframework.beans.factory.support.AbstractBeanDefinitionReader.loadBeanDefinitions(AbstractBeanDefinitionReader.java:143) at org.springframework.context.support.AbstractXmlApplicationContext.loadBeanDefinitions(AbstractXmlApplicationContext.java:122) at org.apache.cxf.bus.spring.BusApplicationContext.loadBeanDefinitions(BusApplicationContext.java:309) at org.springframework.context.support.AbstractRefreshableApplicationContext.refreshBeanFactory(AbstractRefreshableApplicationContext.java:130) at org.springframework.context.support.AbstractApplicationContext.obtainFreshBeanFactory(AbstractApplicationContext.java:467) at org.springframework.context.support.AbstractApplicationContext.refresh(AbstractApplicationContext.java:397) at org.apache.cxf.bus.spring.BusApplicationContext$1.run(BusApplicationContext.java:101) at org.apache.cxf.bus.spring.BusApplicationContext$1.run(BusApplicationContext.java:100) at java.security.AccessController.doPrivileged(Native Method) at org.apache.cxf.bus.spring.BusApplicationContext.<init>(BusApplicationContext.java:99) at org.apache.cxf.bus.spring.SpringBusFactory.createApplicationContext(SpringBusFactory.java:130) at org.apache.cxf.bus.spring.SpringBusFactory.createBus(SpringBusFactory.java:121) at org.apache.cxf.bus.spring.SpringBusFactory.createBus(SpringBusFactory.java:95) at org.apache.cxf.bus.spring.SpringBusFactory.createBus(SpringBusFactory.java:69) at org.apache.cxf.bus.spring.SpringBusFactory.createBus(SpringBusFactory.java:58) at org.apache.cxf.BusFactory.getDefaultBus(BusFactory.java:99) at org.apache.cxf.BusFactory.createThreadBus(BusFactory.java:165) at org.apache.cxf.BusFactory.getThreadDefaultBus(BusFactory.java:155) at org.apache.cxf.BusFactory.getThreadDefaultBus(BusFactory.java:140) at org.apache.cxf.jaxws.spi.ProviderImpl.createServiceDelegate(ProviderImpl.java:96) at javax.xml.ws.Service.<init>(Service.java:92) at org.example.contract.doubleit.DoubleItService.<init>(DoubleItService.java:47) at client.WSClient.main(WSClient.java:8) On Fri, Jun 1, 2012 at 12:13 PM, Colm O hEigeartaigh <[email protected]>wrote: > > The client needs to configure the HTTP conduit with the keystore that > contains the certificate of the STS, e.g.: > > <http:conduit name="https://localhost:.*";> > <http:tlsClientParameters disableCNCheck="true"> > <sec:trustManagers> > <sec:keyStore type="jks" password="cspass" > resource="clientstore.jks"/> > </sec:trustManagers> > </http:tlsClientParameters> > </http:conduit> > > What NPE are you getting? The following policy (KeyValueToken) is not > supported, but you could remove it as it is optional and see if that works: > > > <sp:EndorsingSupportingTokens xmlns:sp=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702";> > <wsp:Policy> > <sp:KeyValueToken sp:IncludeToken=" > http://docs.oasis-open.org/ws-sx/ws-securitypolicy/200702/IncludeToken/Never > " > wsp:Optional="true"> > <wsp:Policy /> > </sp:KeyValueToken> > <sp:SignedParts> > <sp:Header Name="To" > Namespace="http://www.w3.org/2005/08/addressing"; /> > </sp:SignedParts> > </wsp:Policy> > </sp: > EndorsingSupportingTokens> > > Colm. >
