Hey, my CXF-Version is 3.0.3. I'm configuring the STS with a xml-file, the security policy is defined in wsdl. Many information came from https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Web_Services_Security_Guide/files/STS-Arch-Overview.html The WSS4JInInterceptor is in the list and i checked that it is called first.
Chris 2015-01-08 15:42 GMT+01:00 Colm O hEigeartaigh <[email protected]>: > What version of CXF are you using? Also, how are you configuring security > for the STS endpoint? Does it have a security policy in place? If not, are > you adding WSS4JInInterceptor to the in-interceptor list? > > Colm. > > On Wed, Jan 7, 2015 at 3:13 PM, Christofer Steingrefer < > [email protected]> wrote: > > > Hey, > > > > i have a problem with my sts when i'm working with a > > securitytokenreference. I always get the error message: The specified > > request failed. > > > > Here is my request: > > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> > > <soap:Header> > > <wsse:Security xmlns:wsse=" > > > > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > > "> > > <wsc:SecurityContextToken > > wsu:Id="sctId-4B86208B4873A9675F141898652726933" xmlns:wsc=" > > http://schemas.xmlsoap.org/ws/2005/02/sc"; xmlns:wsu=" > > > > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > > "> > > > > > <wsc:Identifier>uuid:75d41d5f-f817-4f3f-888b-baed3542b566</wsc:Identifier> > > </wsc:SecurityContextToken> > > </wsse:Security> > > </soap:Header> > > <soap:Body> > > <wst:RequestSecurityToken xmlns:wst=" > > http://docs.oasis-open.org/ws-sx/ws-trust/200512";> > > <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct > > </wst:TokenType> > > <wst:RequestType> > > http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate > > </wst:RequestType> > > <wst:ValidateTarget> > > <wsse:SecurityTokenReference xmlns:wsse=" > > > > > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > > "> > > <wsse:Reference > > URI="#sctId-4B86208B4873A9675F141898652726933"/> > > </wsse:SecurityTokenReference> > > </wst:ValidateTarget> > > </wst:RequestSecurityToken> > > </soap:Body> > > </soap:Envelope> > > > > In the class RequestParser an exception is thrown: > > the code in line 745 the code starts like this: > > final List<WSHandlerResult> handlerResults = > > CastUtils.cast((List<?>) > > messageContext.get(WSHandlerConstants.RECV_RESULTS)); > > > > if (handlerResults != null && handlerResults.size() > 0) { > > ..... > > > > And handlerResults is always null, so if-clause fails and an exception is > > thrown. Do you know what i can do to work with SecurityTokenReference? > > When i replace the TokenReference by the Token, the validation works > fine. > > > > Thanks, > > Chris > > > > > > -- > Colm O hEigeartaigh > > Talend Community Coder > http://coders.talend.com >
