Re: STS and SecurityTokenReference

Thu, 08 Jan 2015 06:42:59 -0800 

What version of CXF are you using? Also, how are you configuring security
for the STS endpoint? Does it have a security policy in place? If not, are
you adding WSS4JInInterceptor to the in-interceptor list?

Colm.

On Wed, Jan 7, 2015 at 3:13 PM, Christofer Steingrefer <
[email protected]> wrote:

> Hey,
>
> i have a problem with my sts when i'm working with a
> securitytokenreference. I always get the error message: The specified
> request failed.
>
> Here is my request:
> <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";>
>    <soap:Header>
>       <wsse:Security xmlns:wsse="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
>          <wsc:SecurityContextToken
> wsu:Id="sctId-4B86208B4873A9675F141898652726933" xmlns:wsc="
> http://schemas.xmlsoap.org/ws/2005/02/sc"; xmlns:wsu="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd
> ">
>
> <wsc:Identifier>uuid:75d41d5f-f817-4f3f-888b-baed3542b566</wsc:Identifier>
>          </wsc:SecurityContextToken>
>       </wsse:Security>
>    </soap:Header>
>    <soap:Body>
>       <wst:RequestSecurityToken xmlns:wst="
> http://docs.oasis-open.org/ws-sx/ws-trust/200512";>
>          <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct
> </wst:TokenType>
>          <wst:RequestType>
> http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate
> </wst:RequestType>
>          <wst:ValidateTarget>
>             <wsse:SecurityTokenReference xmlns:wsse="
>
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd
> ">
>                <wsse:Reference
> URI="#sctId-4B86208B4873A9675F141898652726933"/>
>             </wsse:SecurityTokenReference>
>          </wst:ValidateTarget>
>       </wst:RequestSecurityToken>
>    </soap:Body>
> </soap:Envelope>
>
> In the class RequestParser an exception is thrown:
> the code in line 745 the code starts like this:
> final List<WSHandlerResult> handlerResults =
>             CastUtils.cast((List<?>)
> messageContext.get(WSHandlerConstants.RECV_RESULTS));
>
>         if (handlerResults != null && handlerResults.size() > 0) {
> .....
>
> And handlerResults is always null, so if-clause fails and an exception is
> thrown. Do you know what i can do to work with SecurityTokenReference?
> When i replace the TokenReference by the Token, the validation works fine.
>
> Thanks,
> Chris
>



-- 
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com

Reply via email to