What does the security policy look like? Colm.
On Fri, Jan 9, 2015 at 7:24 AM, Christofer Steingrefer < [email protected]> wrote: > Hey, > > my CXF-Version is 3.0.3. > I'm configuring the STS with a xml-file, the security policy is defined in > wsdl. > Many information came from > https://access.redhat.com/documentation/en-US/Red_Hat_JBoss_Fuse/6.0/html/Web_Services_Security_Guide/files/STS-Arch-Overview.html > The WSS4JInInterceptor is in the list and i checked that it is called > first. > > Chris > > 2015-01-08 15:42 GMT+01:00 Colm O hEigeartaigh <[email protected]>: > >> What version of CXF are you using? Also, how are you configuring security >> for the STS endpoint? Does it have a security policy in place? If not, are >> you adding WSS4JInInterceptor to the in-interceptor list? >> >> Colm. >> >> On Wed, Jan 7, 2015 at 3:13 PM, Christofer Steingrefer < >> [email protected]> wrote: >> >> > Hey, >> > >> > i have a problem with my sts when i'm working with a >> > securitytokenreference. I always get the error message: The specified >> > request failed. >> > >> > Here is my request: >> > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/";> >> > <soap:Header> >> > <wsse:Security xmlns:wsse=" >> > >> > >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> > "> >> > <wsc:SecurityContextToken >> > wsu:Id="sctId-4B86208B4873A9675F141898652726933" xmlns:wsc=" >> > http://schemas.xmlsoap.org/ws/2005/02/sc"; xmlns:wsu=" >> > >> > >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> > "> >> > >> > >> <wsc:Identifier>uuid:75d41d5f-f817-4f3f-888b-baed3542b566</wsc:Identifier> >> > </wsc:SecurityContextToken> >> > </wsse:Security> >> > </soap:Header> >> > <soap:Body> >> > <wst:RequestSecurityToken xmlns:wst=" >> > http://docs.oasis-open.org/ws-sx/ws-trust/200512";> >> > <wst:TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct >> > </wst:TokenType> >> > <wst:RequestType> >> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate >> > </wst:RequestType> >> > <wst:ValidateTarget> >> > <wsse:SecurityTokenReference xmlns:wsse=" >> > >> > >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> > "> >> > <wsse:Reference >> > URI="#sctId-4B86208B4873A9675F141898652726933"/> >> > </wsse:SecurityTokenReference> >> > </wst:ValidateTarget> >> > </wst:RequestSecurityToken> >> > </soap:Body> >> > </soap:Envelope> >> > >> > In the class RequestParser an exception is thrown: >> > the code in line 745 the code starts like this: >> > final List<WSHandlerResult> handlerResults = >> > CastUtils.cast((List<?>) >> > messageContext.get(WSHandlerConstants.RECV_RESULTS)); >> > >> > if (handlerResults != null && handlerResults.size() > 0) { >> > ..... >> > >> > And handlerResults is always null, so if-clause fails and an exception >> is >> > thrown. Do you know what i can do to work with SecurityTokenReference? >> > When i replace the TokenReference by the Token, the validation works >> fine. >> > >> > Thanks, >> > Chris >> > >> >> >> >> -- >> Colm O hEigeartaigh >> >> Talend Community Coder >> http://coders.talend.com >> > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
