Re: BiPRO Security-Token-Service

Wed, 27 Aug 2014 08:19:20 -0700 

Could you create a test-case + I will take a look? Normally,
SecureConversationToken is used with a BootstrapPolicy, which it isn't in
this case.

Colm.

On Wed, Aug 27, 2014 at 12:04 PM, SRog <[email protected]> wrote:

> Hi there,
> I will give that a new try because I am not sure whats the problem.
>
> I have a STS which provides a SCT.
>
> My business service policy is described like this (BiPRO-standard):
>
>   <wsp:Policy wsu:Id="BiPROAuthSecurityPolicy">
>         <wsp:ExactlyOne>
>             <wsp:All>
>                 <sp:TransportBinding>
>                     <wsp:Policy>
>                         <sp:TransportToken>
>                             <wsp:Policy>
>                                 <sp:HttpsToken
>                                     RequireClientCertificate="false" />
>                             </wsp:Policy>
>                         </sp:TransportToken>
>                     </wsp:Policy>
>                 </sp:TransportBinding>
>                 <sp:SupportingTokens>
>                     <wsp:Policy>
>                         <sp:SecureConversationToken
>
> sp:IncludeToken="
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient
> ">
>                             <sp:Issuer>
>
> <wsa:Address>http://localhost:8080/DoubleItSTS/STS</wsa:Address>
>                             </sp:Issuer>
>                         </sp:SecureConversationToken>
>                     </wsp:Policy>
>                 </sp:SupportingTokens>
>             </wsp:All>
>         </wsp:ExactlyOne>
>     </wsp:Policy>
>
> Now I tried to call the business service with a request header like this:
>
>    <soapenv:Header>
>         <wsse:Security>
>                 <wsc:SecurityContextToken
> xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc";>
>
> <wsc:Identifier>uuid:D47D9C3E74F30DF5BE14090688057401</wsc:Identifier>
>                 </wsc:SecurityContextToken>
>         </wsse:Security>
>    </soapenv:Header>
>
> I thought that a call with a header like this has correct format to get
> processed but instead I got this message:
>
> These policy alternatives can not be satisfied:
> {
> http://schemas.xmlsoap.org/ws/2005/07/securitypolicy/IncludeToken/AlwaysToRecipient}SecureConversationToken
>
> Whats wrong with the request? How can I fix this issue?
>
> Regards,
> SRog
>
>
>
> --
> View this message in context:
> http://cxf.547215.n5.nabble.com/BiPRO-Security-Token-Service-tp5748199.html
> Sent from the cxf-user mailing list archive at Nabble.com.
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to