What does your client configuration look like for this case? Colm.
On Wed, Jul 11, 2012 at 11:58 AM, Gina Choi <[email protected]> wrote: > Hi Colm, > > Thanks for confirmation. If I browse( > https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService?wsdl) Fediz > STS wsdl file, I see following content. As you noticed that except > TransportUT_Port, > soap address for port UTEncrypted_Por, UT_Port and Transport_Port are > relative address(TransportKerberos_Port seems not ready. I might comment > this out). > > > <wsdl:service name="SecurityTokenService"> > > <wsdl:port binding="wstrust:X509_Binding" name="X509_Port"> > > <soap:address location="/X509"/> > > </wsdl:port> > > <wsdl:port binding="wstrust:TransportUT_Binding" > name="TransportUT_Port"> > > <soap:address location=" > https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService"/> > > </wsdl:port> > > <wsdl:port binding="wstrust:TransportKerberos_Binding" > name="TransportKerberos_Port"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"/> > > </wsdl:port> > > <wsdl:port binding="wstrust:UTEncrypted_Binding" > name="UTEncrypted_Port"> > > <soap:address location="/UTEncrypted"/> > > </wsdl:port> > > <wsdl:port binding="wstrust:Transport_Binding" name="Transport_Port"> > > <soap:address location="/STSServiceTransport"/> > > </wsdl:port> > > <wsdl:port binding="wstrust:UT_Binding" name="UT_Port"> > > <soap:address location="/UT"/> > > </wsdl:port> > > </wsdl:service> > > Part of current configuration of my ws-trust-1.4-service.wsdl is as follow. > > <wsdl:service name="SecurityTokenService"> > > <wsdl:port name="UT_Port" binding="tns:UT_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > <wsdl:port name="X509_Port" binding="tns:X509_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > <wsdl:port name="Transport_Port" binding="tns:Transport_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > <wsdl:port name="UTEncrypted_Port" > binding="tns:UTEncrypted_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > <wsdl:port name="TransportUT_Port" > binding="tns:TransportUT_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > <wsdl:port name="TransportKerberos_Port" > binding="tns:TransportKerberos_Binding"> > > <soap:address location=" > http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> > > </wsdl:port> > > </wsdl:service> > > > > When I run my client toward UTEncrypted_Port, I am getting following > exception. So, it doesn't like relative address. > > Exception in thread "main" javax.xml.ws.WebServiceException: Could not > send Message. > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145) > at $Proxy25.doubleIt(Unknown Source) > at client.WSClient.doubleIt(WSClient.java:18) > at client.WSClient.main(WSClient.java:11) > *Caused by: java.net.MalformedURLException: no protocol: /UTEncrypted* > at java.net.URL.<init>(URL.java:567) > at java.net.URL.<init>(URL.java:464) > at java.net.URL.<init>(URL.java:413) > at > org.apache.cxf.transport.http.HTTPConduit.getURL(HTTPConduit.java:752) > at > org.apache.cxf.transport.http.HTTPConduit.getURL(HTTPConduit.java:741) > at > org.apache.cxf.transport.http.HTTPConduit.setupURL(HTTPConduit.java:685) > at > org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:474) > at > org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:722) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:602) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:594) > at > org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:404) > at > org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:188) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) > at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) > at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) > at > org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89) > at > org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) > > Thanks. > > Gina > On Wed, Jul 11, 2012 at 5:30 AM, Colm O hEigeartaigh > <[email protected]>wrote: > >> Hi Gina, >> >> Yes your changes are correct - I have updated the STS config. >> >> Colm. >> >> >> On Tue, Jul 10, 2012 at 7:03 PM, Gina Choi <[email protected]> wrote: >> >>> Thanks for quick fix. Both cxf-ut.xml and cxf-x509.xml are complaining >>> about bean properties name when I enable them. So, I made following changes >>> in cxf-ut.xml. >>> >>> 1. Commented out "encryptionName". >>> >>> <bean id="utService" >>> >>> class="org.apache.cxf.sts.service.StaticService"> >>> >>> <property name="endpoints" ref="utEndpoints"/> >>> >>> <!--property name="encryptionName" value="myservicekey"/--> >>> >>> </bean> >>> >>> >>> 2. Changed signatureProperties to signaturePropertiesFile. Changed >>> encryptionProperties to encryptionPropertiesFile like bellow. >>> >>> <bean id="utSTSProperties" >>> >>> class="org.apache.cxf.sts.StaticSTSProperties"> >>> >>> <property >>> name="signaturePropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="signatureUsername" >>> value="mystskey"/> >>> >>> <property name="callbackHandlerClass" >>> value="org.apache.cxf.sts.war.PasswordCallbackHandler"/> >>> >>> <property >>> name="encryptionPropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="issuer" >>> value="DoubleItSTSIssuer"/> >>> >>> </bean> >>> >>> >>> I also made similar changed on cxf-x509.xml like bellow. I don't know if >>> this is right way to fix it, but at least it prevents exceptions. >>> >>> <bean id="x509Service" >>> >>> class="org.apache.cxf.sts.service.StaticService"> >>> >>> <property name="endpoints" ref="x509Endpoints"/> >>> >>> <!--property name="encryptionName" value="myservicekey"/--> >>> >>> </bean> >>> >>> >>> >>> <bean id="x509STSProperties" >>> >>> class="org.apache.cxf.sts.StaticSTSProperties"> >>> >>> <property >>> name="signaturePropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="signatureUsername" >>> value="mystskey"/> >>> >>> <property name="callbackHandlerClass" >>> value="org.apache.cxf.sts.war.PasswordCallbackHandler"/> >>> >>> <property >>> name="encryptionPropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="issuer" >>> value="DoubleItSTSIssuer"/> >>> >>> </bean> >>> >>> <bean id="utSTSProperties" >>> >>> class="org.apache.cxf.sts.StaticSTSProperties"> >>> >>> <property >>> name="signaturePropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="signatureUsername" >>> value="mystskey"/> >>> >>> <property name="callbackHandlerClass" >>> value="org.apache.cxf.sts.war.PasswordCallbackHandler"/> >>> >>> <property >>> name="encryptionPropertiesFile" value="stsKeystore.properties"/> >>> >>> <property name="issuer" >>> value="DoubleItSTSIssuer"/> >>> >>> </bean> >>> >>> >>> >>> Thanks. >>> >>> Gina >>> >>> >>> On Tue, Jul 10, 2012 at 11:09 AM, Colm O hEigeartaigh < >>> [email protected]> wrote: >>> >>>> There's a bug in the cxf-encrypted-ut.xml shipped with Fediz. I've >>>> merged a >>>> fix here: >>>> >>>> http://svn.apache.org/viewvc?view=revision&revision=1359717 >>>> >>>> Colm. >>>> >>> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> >> > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
