Hi, Your problem is caused by SSL handshake by getting WSDL from 'https://localhost:9093/SecurityTokenService/Transport?wsdl':
javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: Problem parsing 'https://localhost:9093/SecurityTokenService/Transport?wsdl'.: javax.net.ssl.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source) at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) at It means that Sun security provider doesn't accept certificate from server. I have not the solution at the moment, will look into in the next days. You can try proposals from following links: http://caffiendfrog.blogspot.de/2011/06/setting-up-apache-cxf-with-ssl-for.html http://stackoverflow.com/questions/8000918/apache-cxf-soap-client-using-generated-stubs-in-https http://stackoverflow.com/questions/12178273/how-do-i-setup-a-cxf-soap-client-connection-over-https-with-username-password-n Regards, Andrei. > -----Original Message----- > From: geecxf [mailto:[email protected]] > Sent: Dienstag, 19. März 2013 19:57 > To: [email protected] > Subject: RE: Code only STSClient > > Andrei, > > Unfortunately, getDefaultBus() and getDefaultSpringBus() are not returning > a bus that works. On the other hand, injecting the bus into a class property > does work. Here is my spring configuration: > > <cxf:bus name="cxf"> > <cxf:features> > <cxf:logging /> > </cxf:features> > </cxf:bus> > > <jaxws:client > > name="{http://docs.oasis-open.org/ws-sx/ws- > trust/200512/}SecurityTokenService" > createdFromAPI="true" username="demo" password="demo" /> > > <http:conduit name="https://localhost:.*"; > > <http:tlsClientParameters > disableCNCheck="true"> > <sec:trustManagers> > <sec:keyStore type="jks" password="cspass" > resource="certs/clientKeystore.jks" /> > </sec:trustManagers> > </http:tlsClientParameters> > </http:conduit> > > The error I get with the bus returned from getDefaultBus() and > getThreadDefaultBus(): > > "org.apache.cxf.service.factory.ServiceConstructionException: Failed to > create service. at > org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java: > 94) > at > org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.java:550) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:641) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:635) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:627) > at > com.ge.dsp.example.webservice.test.SamlRestTest.requestSecurityToken(S > amlRestTest.java:400) > at > com.ge.dsp.example.webservice.test.SamlRestTest.testGetSamlBearerToke > nFromSts(SamlRestTest.java:291) > at com.ge.dsp.testng.runner.TestNgRunner.test(TestNgRunner.java:153) at > com.ge.dsp.testng.runner.TestNgRunner.init(TestNgRunner.java:130) at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory$8.run(AbstractAutowireCapableBeanFactory.java:1568) > at java.security.AccessController.doPrivileged(Native Method) at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java > :1566) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1522) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.createBean(AbstractAutowireCapableBeanFactory.java:456) > at > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObje > ct(AbstractBeanFactory.java:294) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.g > etSingleton(DefaultSingletonBeanRegistry.java:225) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBea > n(AbstractBeanFactory.java:291) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(A > bstractBeanFactory.java:193) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.preI > nstantiateSingletons(DefaultListableBeanFactory.java:609) > at > org.springframework.context.support.AbstractApplicationContext.finishBea > nFactoryInitialization(AbstractApplicationContext.java:918) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext.access$1600(AbstractDelegatedExecutionApplicationContext.j > ava:69) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext$4.run(AbstractDelegatedExecutionApplicationContext.java:35 > 5) > at > org.springframework.osgi.util.internal.PrivilegedUtils.executeWithCustomTC > CL(PrivilegedUtils.java:85) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext.completeRefresh(AbstractDelegatedExecutionApplicationCon > text.java:320) > at > org.springframework.osgi.extender.internal.dependencies.startup.Depende > ncyWaiterApplicationContextExecutor$CompleteRefreshTask.run(Dependen > cyWaiterApplicationContextExecutor.java:132) > at java.lang.Thread.run(Thread.java:680) Caused by: > javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: > Problem parsing > 'https://localhost:9093/SecurityTokenService/Transport?wsdl'.: > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source) at > com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) at > com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) at > org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl > .java:249) > at > org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl. > java:192) > at > org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java: > 92) > ... 52 more Caused by: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747) at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandsh > aker.java:1209) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandsh > aker.java:135) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:52 > 9) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:9 > 43) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSock > etImpl.java:1188) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.ja > va:1215) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.ja > va:1199) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect( > AbstractDelegateHttpsURLConnection.java:166) > at > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCo > nnection.java:1172) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http > sURLConnectionImpl.java:234) > at > com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentE > ntity(XMLEntityManager.java:675) > at > com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDo > cVersion(XMLVersionDetector.java:186) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML > 11Configuration.java:772) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML > 11Configuration.java:737) > at > com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.jav > a:119) > at > com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.j > ava:232) > at > com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Docu > mentBuilderImpl.java:284) > ... 58 more Caused by: sun.security.validator.ValidatorException: PKIX path > building failed: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) > at sun.security.validator.Validator.validate(Validator.java:218) at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustMana > gerImpl.java:126) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50 > 9TrustManagerImpl.java:209) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50 > 9TrustManagerImpl.java:249) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandsh > aker.java:1188) > ... 76 more Caused by: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPath > Builder.java:174) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ... 82 > more ... Removed 25 stack frames > org.apache.cxf.service.factory.ServiceConstructionException: Failed to > create service. at > org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java: > 94) > at > org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.java:550) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:641) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:635) > at > org.apache.cxf.ws.security.trust.STSClient.requestSecurityToken(STSClient.j > ava:627) > at > com.ge.dsp.example.webservice.test.SamlRestTest.requestSecurityToken(S > amlRestTest.java:400) > at > com.ge.dsp.example.webservice.test.SamlRestTest.testGetSamlBearerToke > nFromSts(SamlRestTest.java:291) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j > ava:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces > sorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) at > org.testng.internal.MethodInvocationHelper.invokeMethod(MethodInvocat > ionHelper.java:80) > at org.testng.internal.Invoker.invokeMethod(Invoker.java:714) at > org.testng.internal.Invoker.invokeTestMethod(Invoker.java:901) at > org.testng.internal.Invoker.invokeTestMethods(Invoker.java:1231) at > org.testng.internal.TestMethodWorker.invokeTestMethods(TestMethodWo > rker.java:127) > at org.testng.internal.TestMethodWorker.run(TestMethodWorker.java:111) > at > org.testng.TestRunner.privateRun(TestRunner.java:767) at > org.testng.TestRunner.run(TestRunner.java:617) at > org.testng.SuiteRunner.runTest(SuiteRunner.java:334) at > org.testng.SuiteRunner.runSequentially(SuiteRunner.java:329) at > org.testng.SuiteRunner.privateRun(SuiteRunner.java:291) at > org.testng.SuiteRunner.run(SuiteRunner.java:240) at > org.testng.SuiteRunnerWorker.runSuite(SuiteRunnerWorker.java:52) at > org.testng.SuiteRunnerWorker.run(SuiteRunnerWorker.java:86) at > org.testng.TestNG.runSuitesSequentially(TestNG.java:1198) at > org.testng.TestNG.runSuitesLocally(TestNG.java:1123) at > org.testng.TestNG.run(TestNG.java:1031) at > com.ge.dsp.testng.runner.TestNgRunner.test(TestNgRunner.java:153) at > com.ge.dsp.testng.runner.TestNgRunner.init(TestNgRunner.java:130) at > sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.j > ava:39) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAcces > sorImpl.java:25) > at java.lang.reflect.Method.invoke(Method.java:597) at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory$8.run(AbstractAutowireCapableBeanFactory.java:1568) > at java.security.AccessController.doPrivileged(Native Method) at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.invokeCustomInitMethod(AbstractAutowireCapableBeanFactory.java > :1566) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.invokeInitMethods(AbstractAutowireCapableBeanFactory.java:1522) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.initializeBean(AbstractAutowireCapableBeanFactory.java:1452) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.doCreateBean(AbstractAutowireCapableBeanFactory.java:519) > at > org.springframework.beans.factory.support.AbstractAutowireCapableBeanF > actory.createBean(AbstractAutowireCapableBeanFactory.java:456) > at > org.springframework.beans.factory.support.AbstractBeanFactory$1.getObje > ct(AbstractBeanFactory.java:294) > at > org.springframework.beans.factory.support.DefaultSingletonBeanRegistry.g > etSingleton(DefaultSingletonBeanRegistry.java:225) > at > org.springframework.beans.factory.support.AbstractBeanFactory.doGetBea > n(AbstractBeanFactory.java:291) > at > org.springframework.beans.factory.support.AbstractBeanFactory.getBean(A > bstractBeanFactory.java:193) > at > org.springframework.beans.factory.support.DefaultListableBeanFactory.preI > nstantiateSingletons(DefaultListableBeanFactory.java:609) > at > org.springframework.context.support.AbstractApplicationContext.finishBea > nFactoryInitialization(AbstractApplicationContext.java:918) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext.access$1600(AbstractDelegatedExecutionApplicationContext.j > ava:69) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext$4.run(AbstractDelegatedExecutionApplicationContext.java:35 > 5) > at > org.springframework.osgi.util.internal.PrivilegedUtils.executeWithCustomTC > CL(PrivilegedUtils.java:85) > at > org.springframework.osgi.context.support.AbstractDelegatedExecutionAppli > cationContext.completeRefresh(AbstractDelegatedExecutionApplicationCon > text.java:320) > at > org.springframework.osgi.extender.internal.dependencies.startup.Depende > ncyWaiterApplicationContextExecutor$CompleteRefreshTask.run(Dependen > cyWaiterApplicationContextExecutor.java:132) > at java.lang.Thread.run(Thread.java:680) Caused by: > javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR: > Problem parsing > 'https://localhost:9093/SecurityTokenService/Transport?wsdl'.: > javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source) at > com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) at > com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source) at > org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl > .java:249) > at > org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl. > java:192) > at > org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.java: > 92) > ... 52 more Caused by: javax.net.ssl.SSLHandshakeException: > sun.security.validator.ValidatorException: PKIX path building failed: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174) at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1747) at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241) at > com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235) at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandsh > aker.java:1209) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHandsh > aker.java:135) > at > com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:593) > at > com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.java:52 > 9) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.java:9 > 43) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SSLSock > etImpl.java:1188) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.ja > va:1215) > at > com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketImpl.ja > va:1199) > at > sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:434) > at > sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect( > AbstractDelegateHttpsURLConnection.java:166) > at > sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCo > nnection.java:1172) > at > sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http > sURLConnectionImpl.java:234) > at > com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrentE > ntity(XMLEntityManager.java:675) > at > com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineDo > cVersion(XMLVersionDetector.java:186) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML > 11Configuration.java:772) > at > com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(XML > 11Configuration.java:737) > at > com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.jav > a:119) > at > com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.j > ava:232) > at > com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Docu > mentBuilderImpl.java:284) > ... 58 more Caused by: sun.security.validator.ValidatorException: PKIX path > building failed: sun.security.provider.certpath.SunCertPathBuilderException: > unable to find valid certification path to requested target at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323) at > sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.java:217) > at sun.security.validator.Validator.validate(Validator.java:218) at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustMana > gerImpl.java:126) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50 > 9TrustManagerImpl.java:209) > at > com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(X50 > 9TrustManagerImpl.java:249) > at > com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(ClientHandsh > aker.java:1188) > ... 76 more Caused by: > sun.security.provider.certpath.SunCertPathBuilderException: unable to find > valid certification path to requested target at > sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCertPath > Builder.java:174) > at java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238) at > sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318) ... 82 > more " > > > > -- > View this message in context: http://cxf.547215.n5.nabble.com/Code-only- > STSClient-tp5724575p5724805.html > Sent from the cxf-user mailing list archive at Nabble.com.
