Hi Colm, <<<< I think the reason that when you view the WSDL via " https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService?wsdl"; you only see the correct address for the "TransportUT_Port" is that "/STSService" is the address defined for the TransportUT_Port in cxf-transport.xml. If you want to see the correct address for the "Transport_Port" in cxf-transport.xml you would use the WSDL location " https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSServiceTransport?wsdl"; etc. >>>>
Now I understand what you are talking about. I was trying to see what I want to see. So, Fediz STS has wsdl file for each end point. This is something different than ADFS. I was expecting one generic wsdl file(I thought that it was https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService?wsdl) for entire Fediz STS and I thought it will be is fine long as I mention port name that I going to use at the client side. When I use UTEncrypted endpoint, then I have to use wsdl https://wkengchoi.global.sdl.corp:9443/fedizidpsts/UTEncrypted?wsdl as Fediz STS wsdl reference. Thanks. Gina On Wed, Jul 11, 2012 at 8:47 AM, Colm O hEigeartaigh <[email protected]>wrote: > > I think the reason that when you view the WSDL via " > https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService?wsdl"; you > only see the correct address for the "TransportUT_Port" is that > "/STSService" is the address defined for the TransportUT_Port in > cxf-transport.xml. If you want to see the correct address for the > "Transport_Port" in cxf-transport.xml you would use the WSDL location " > https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSServiceTransport?wsdl"; > etc. > > Colm. > > > On Wed, Jul 11, 2012 at 12:43 PM, Gina Choi <[email protected]> wrote: > >> Following is what I have. >> >> <jaxws:client name="{ >> http://www.example.org/contract/DoubleIt}DoubleItPort"; >> createdFromAPI="true"> >> <jaxws:properties> >> <!-- Use below for UT Authentication between WSC and STS --> >> <entry key="ws-security.sts.client"> >> <bean class="org.apache.cxf.ws.security.trust.STSClient"> >> <constructor-arg ref="cxf"/> >> <property name="wsdlLocation" value=" >> http://wkengchoi.global.sdl.corp:9080/fedizidpsts/STSService?wsdl"/> >> <property name="serviceName" value="{ >> http://docs.oasis-open.org/ws-sx/ws-trust/200512/}SecurityTokenService"/> >> <property name="endpointName" value="{ >> http://docs.oasis-open.org/ws-sx/ws-trust/200512/}UTEncrypted_Port"/> >> <property name="properties"> >> <map> >> <entry key="ws-security.username" >> value="gchoi"/> >> <entry key="ws-security.callback-handler" >> value="client.ClientCallbackHandler"/> >> <entry key="ws-security.encryption.properties" >> value="clientKeystore.properties"/> >> <entry key="ws-security.encryption.username" >> value="mystskey"/> >> </map> >> </property> >> </bean> >> </entry> >> </jaxws:properties> >> </jaxws:client> >> </beans> >> >> >> On Wed, Jul 11, 2012 at 7:24 AM, Colm O hEigeartaigh <[email protected] >> > wrote: >> >>> >>> What does your client configuration look like for this case? >>> >>> Colm. >>> >>> >>> On Wed, Jul 11, 2012 at 11:58 AM, Gina Choi <[email protected]>wrote: >>> >>>> Hi Colm, >>>> >>>> Thanks for confirmation. If I browse( >>>> https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService?wsdl) >>>> Fediz STS wsdl file, I see following content. As you noticed that except >>>> TransportUT_Port, >>>> soap address for port UTEncrypted_Por, UT_Port and Transport_Port are >>>> relative address(TransportKerberos_Port seems not ready. I might >>>> comment this out). >>>> >>>> >>>> <wsdl:service name="SecurityTokenService"> >>>> >>>> <wsdl:port binding="wstrust:X509_Binding" name="X509_Port"> >>>> >>>> <soap:address location="/X509"/> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port binding="wstrust:TransportUT_Binding" >>>> name="TransportUT_Port"> >>>> >>>> <soap:address location=" >>>> https://wkengchoi.global.sdl.corp:9443/fedizidpsts/STSService"/> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port binding="wstrust:TransportKerberos_Binding" >>>> name="TransportKerberos_Port"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"/> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port binding="wstrust:UTEncrypted_Binding" >>>> name="UTEncrypted_Port"> >>>> >>>> <soap:address location="/UTEncrypted"/> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port binding="wstrust:Transport_Binding" >>>> name="Transport_Port"> >>>> >>>> <soap:address location="/STSServiceTransport"/> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port binding="wstrust:UT_Binding" name="UT_Port"> >>>> >>>> <soap:address location="/UT"/> >>>> >>>> </wsdl:port> >>>> >>>> </wsdl:service> >>>> >>>> Part of current configuration of my ws-trust-1.4-service.wsdl is as >>>> follow. >>>> >>>> <wsdl:service name="SecurityTokenService"> >>>> >>>> <wsdl:port name="UT_Port" binding="tns:UT_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port name="X509_Port" binding="tns:X509_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port name="Transport_Port" binding="tns:Transport_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port name="UTEncrypted_Port" >>>> binding="tns:UTEncrypted_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port name="TransportUT_Port" >>>> binding="tns:TransportUT_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> <wsdl:port name="TransportKerberos_Port" >>>> binding="tns:TransportKerberos_Binding"> >>>> >>>> <soap:address location=" >>>> http://wkengchoi.global.sdl.corp:9080/jaxws-sts/sts"; /> >>>> >>>> </wsdl:port> >>>> >>>> </wsdl:service> >>>> >>>> >>>> >>>> When I run my client toward UTEncrypted_Port, I am getting following >>>> exception. So, it doesn't like relative address. >>>> >>>> Exception in thread "main" javax.xml.ws.WebServiceException: Could not >>>> send Message. >>>> at >>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:145) >>>> at $Proxy25.doubleIt(Unknown Source) >>>> at client.WSClient.doubleIt(WSClient.java:18) >>>> at client.WSClient.main(WSClient.java:11) >>>> *Caused by: java.net.MalformedURLException: no protocol: /UTEncrypted* >>>> at java.net.URL.<init>(URL.java:567) >>>> at java.net.URL.<init>(URL.java:464) >>>> at java.net.URL.<init>(URL.java:413) >>>> at >>>> org.apache.cxf.transport.http.HTTPConduit.getURL(HTTPConduit.java:752) >>>> at >>>> org.apache.cxf.transport.http.HTTPConduit.getURL(HTTPConduit.java:741) >>>> at >>>> org.apache.cxf.transport.http.HTTPConduit.setupURL(HTTPConduit.java:685) >>>> at >>>> org.apache.cxf.transport.http.HTTPConduit.prepare(HTTPConduit.java:474) >>>> at >>>> org.apache.cxf.interceptor.MessageSenderInterceptor.handleMessage(MessageSenderInterceptor.java:46) >>>> at >>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) >>>> at >>>> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:722) >>>> at >>>> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:602) >>>> at >>>> org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.java:594) >>>> at >>>> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.getTokenFromSTS(IssuedTokenInterceptorProvider.java:404) >>>> at >>>> org.apache.cxf.ws.security.policy.interceptors.IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(IssuedTokenInterceptorProvider.java:188) >>>> at >>>> org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:262) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:532) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:464) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:367) >>>> at >>>> org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:320) >>>> at >>>> org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:89) >>>> at >>>> org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) >>>> >>>> Thanks. >>>> >>>> Gina >>>> >>> > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com > >
