RE: Claims authentication to SharePoint 2010 via Apache CXF Fediz IDP

Thu, 06 Feb 2014 07:49:47 -0800 

Hi there

The org.apache.cxf.fediz.service.idp.beans.STSClientAction which is configured 
in idp-servlet.xml doesn't provide you the attribute to set this.
Can you log a JIRA for this issue please?

As a workaround, you can patch the STSClientAction here:
        IdpSTSClient sts = new IdpSTSClient(cxfBus);
        sts.setAddressingNamespace(HTTP_WWW_W3_ORG_2005_08_ADDRESSING);
        sts.setWspNamespace("http://schemas.xmlsoap.org/ws/2004/09/policy";);

As you might aware of I've started enhancing the IDP to provide REST interfaces 
and using JPA to make the SP configuration persistent and indepedent of spring 
configurations [1]. I'll add the attributes for policy namespace and probably 
you also need the old ws-addressing namespace to the Application resource 
(Service Provider or Relying Party).

Let me know whether this workaround works for you.

Thanks
Oli



[1] http://owulff.blogspot.ch/2014/01/features-coming-in-fediz-12-rest.html

________________________________________
From: Hrbacek, Stepan [[email protected]]
Sent: 06 February 2014 16:17
To: [email protected]
Subject: RE: Claims authentication to SharePoint 2010 via Apache CXF Fediz IDP

It seems that SharePoint 2010 does not support Web Services Policy 1.5 
(http://www.w3.org/ns/ws-policy).
Is it please possible to configure Fediz IDP/STS to use Web Services Policy 1.2 
(http://schemas.xmlsoap.org/ws/2004/09/policy)?

> Now the communication goes all the way to SharePoint and this returns HTTP
> 500 error (Runtime Error). I the SharePoint logs I can see following 
> application
> error, but I don't know if it is blocking or not...
> 02/06/2014 11:18:00.40        w3wp.exe (0x1268)                               
> 0x0BD4
>       SharePoint Foundation           General                         8nca
>       Verbose         Application error when access /_trust/, Error=ID3007:
> The element 'AppliesTo' with namespace 'http://www.w3.org/ns/ws-policy' is
> unrecognized.   at
> Microsoft.IdentityModel.Protocols.WSTrust.WSTrustSerializationHelper.ReadRS
> TRXml(XmlReader reader, RequestSecurityTokenResponse rstr,
> WSTrustSerializationContext context, WSTrustConstantsAdapter trustConstants)
> at
> Microsoft.IdentityModel.Protocols.WSTrust.WSTrustSerializationHelper.CreateR
> esponse(XmlReader reader, WSTrustSerializationContext context,
> WSTrustResponseSerializer responseSerializer, WSTrustConstantsAdapter
> trustConstants)     at
> Microsoft.IdentityModel.Protocols.WSTrust.WSTrust13ResponseSerializer.Read
> Xml(XmlReader reader, WSTrustSerializationContext context)     at
> Microsoft.IdentityModel.Protocols.WSFederation.WSFederationSer...
>       94b07bcc-8709-4449-8c8f-c4e175e2949b

Reply via email to