Yes, you're right, the Renew operation was not configured. I did that
and now the token seems to get renewed.
Unfortunately I get another exception now, and I don't know if that is
related to the previous problem.
I configured the token lifetime to 20 seconds.
After 5 minutes I get the following exception in the client. There is no
exception in the sts log:
Jan 28, 2015 8:51:06 AM org.apache.cxf.ws.addressing.soap.MAPCodec
restoreExchange
Warnung: Response message does not contain WS-Addressing properties.
Not correlating response.
Jan 28, 2015 8:51:06 AM
org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor handleMessage
Warnung: Request does not contain Security header, but it's a fault.
Jan 28, 2015 8:51:06 AM org.apache.cxf.ws.addressing.ContextUtils
retrieveMAPs
Warnung: WS-Addressing - failed to retrieve Message Addressing
Properties from context
javax.xml.ws.soap.SOAPFaultException: General security error (SAML token
security failure)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:158)
at com.sun.proxy.$Proxy42.submitInvoice(Unknown Source)
at
ch.curabill.msp.service.invoicedelivery.client.InvoiceDeliveryClient.submitDocument(InvoiceDeliveryClient.java:216)
at
ch.curabill.msp.service.invoicedelivery.client.InvoiceDeliveryClient.main(InvoiceDeliveryClient.java:138)
Caused by: org.apache.cxf.binding.soap.SoapFault: General security error
(SAML token security failure)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.unmarshalFault(Soap11FaultInInterceptor.java:84)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:51)
at
org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.handleMessage(Soap11FaultInInterceptor.java:40)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at
org.apache.cxf.interceptor.AbstractFaultChainInitiatorObserver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:69)
at
org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.handleMessage(CheckFaultInterceptor.java:34)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:849)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponseInternal(HTTPConduit.java:1626)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.handleResponse(HTTPConduit.java:1515)
at
org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.close(HTTPConduit.java:1318)
at
org.apache.cxf.transport.AbstractConduit.close(AbstractConduit.java:56)
at
org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.java:632)
at
org.apache.cxf.interceptor.MessageSenderInterceptor$MessageSenderEndingInterceptor.handleMessage(MessageSenderInterceptor.java:62)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:136)
... 3 more
thanks,
Laci
On 27.01.2015 17:30, Colm O hEigeartaigh wrote:
Ok well the error here is that the STS you are using does not support
Renew, or it is not configured. The CXF client will then fall back to
getting a new token via "issue".
Colm.
On Tue, Jan 27, 2015 at 4:09 PM, Laci Gaspar <[email protected]> wrote:
I rebuilt the sts with cxf 2.7.14 and I get this: (I am sending a
directory full of files to a server)
Every time the token expires there is an Error in the log, but no
exception is thrown:
Jan 27, 2015 5:03:23 PM org.apache.cxf.ws.security.policy.interceptors.
IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor renewToken
Warnung: Error renewing a token
org.apache.cxf.binding.soap.SoapFault: Implementation for this operation
not found.
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
unmarshalFault(Soap11FaultInInterceptor.java:84)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
handleMessage(Soap11FaultInInterceptor.java:51)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
handleMessage(Soap11FaultInInterceptor.java:40)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObs
erver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.
handleMessage(CheckFaultInterceptor.java:69)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.
handleMessage(CheckFaultInterceptor.java:34)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:849)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.
handleResponseInternal(HTTPConduit.java:1626)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.
handleResponse(HTTPConduit.java:1515)
at org.apache.cxf.transport.http.HTTPConduit$
WrappedOutputStream.close(HTTPConduit.java:1318)
at org.apache.cxf.transport.AbstractConduit.close(
AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.
java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$
MessageSenderEndingInterceptor.handleMessage(
MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.ws.security.trust.AbstractSTSClient.renew(
AbstractSTSClient.java:1066)
at org.apache.cxf.ws.security.trust.STSClient.
renewSecurityToken(STSClient.java:82)
at org.apache.cxf.ws.security.policy.interceptors.
IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.renewToken(
IssuedTokenInterceptorProvider.java:439)
at org.apache.cxf.ws.security.policy.interceptors.
IssuedTokenInterceptorProvider$IssuedTokenOutInterceptor.handleMessage(
IssuedTokenInterceptorProvider.java:156)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
JaxWsClientProxy.java:136)
at com.sun.proxy.$Proxy42.submitInvoice(Unknown Source)
at ch.curabill.msp.service.invoicedelivery.client.
InvoiceDeliveryClient.submitDocument(InvoiceDeliveryClient.java:216)
at ch.curabill.msp.service.invoicedelivery.client.
InvoiceDeliveryClient.main(InvoiceDeliveryClient.java:138)
but then before all files are sent I get an exception:
Jan 27, 2015 5:04:23 PM org.apache.cxf.ws.addressing.soap.MAPCodec
restoreExchange
Warnung: Response message does not contain WS-Addressing properties. Not
correlating response.
Jan 27, 2015 5:04:23 PM org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor
handleMessage
Warnung: Request does not contain Security header, but it's a fault.
Jan 27, 2015 5:04:23 PM org.apache.cxf.ws.addressing.ContextUtils
retrieveMAPs
Warnung: WS-Addressing - failed to retrieve Message Addressing Properties
from context
javax.xml.ws.soap.SOAPFaultException: General security error (SAML token
security failure)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
JaxWsClientProxy.java:158)
at com.sun.proxy.$Proxy42.submitInvoice(Unknown Source)
at ch.curabill.msp.service.invoicedelivery.client.
InvoiceDeliveryClient.submitDocument(InvoiceDeliveryClient.java:216)
at ch.curabill.msp.service.invoicedelivery.client.
InvoiceDeliveryClient.main(InvoiceDeliveryClient.java:138)
Caused by: org.apache.cxf.binding.soap.SoapFault: General security error
(SAML token security failure)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
unmarshalFault(Soap11FaultInInterceptor.java:84)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
handleMessage(Soap11FaultInInterceptor.java:51)
at org.apache.cxf.binding.soap.interceptor.Soap11FaultInInterceptor.
handleMessage(Soap11FaultInInterceptor.java:40)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.interceptor.AbstractFaultChainInitiatorObs
erver.onMessage(AbstractFaultChainInitiatorObserver.java:113)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.
handleMessage(CheckFaultInterceptor.java:69)
at org.apache.cxf.binding.soap.interceptor.CheckFaultInterceptor.
handleMessage(CheckFaultInterceptor.java:34)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.onMessage(ClientImpl.java:849)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.
handleResponseInternal(HTTPConduit.java:1626)
at org.apache.cxf.transport.http.HTTPConduit$WrappedOutputStream.
handleResponse(HTTPConduit.java:1515)
at org.apache.cxf.transport.http.HTTPConduit$
WrappedOutputStream.close(HTTPConduit.java:1318)
at org.apache.cxf.transport.AbstractConduit.close(
AbstractConduit.java:56)
at org.apache.cxf.transport.http.HTTPConduit.close(HTTPConduit.
java:632)
at org.apache.cxf.interceptor.MessageSenderInterceptor$
MessageSenderEndingInterceptor.handleMessage(
MessageSenderInterceptor.java:62)
at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(
PhaseInterceptorChain.java:272)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:572)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:481)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:382)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:335)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:96)
at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(
JaxWsClientProxy.java:136)
... 3 more
Any idea?
Thanks
Laci
On 27.01.2015 16:45, Colm O hEigeartaigh wrote:
Token renewing is, or should be, supported. However, maybe there is some
other issue that is causing the problem.
Colm.
On Tue, Jan 27, 2015 at 3:37 PM, Laci Gaspar <[email protected]> wrote:
Thanks for your quick answer, Colm.
Are you saying, that with a more recent version of CXF the token should
be
renewed automatically?
Thanks,
Laci
On 27.01.2015 16:34, Colm O hEigeartaigh wrote:
Could you try with a more recent version of CXF? There have been a bunch
of
issues fixed in relation to renewing tokens since the 2.7.7 release.
Colm.
On Tue, Jan 27, 2015 at 3:26 PM, Laci Gaspar <[email protected]> wrote:
Hi
We are using an sts (cxf 2.7.7) to issue saml 2 tokens for our
webservices.
Our WS Clients are instantiated by spring. Something like this:
SpringBusFactory bf = new SpringBusFactory();
URL busFile = new ClassPathResource("wssec-
client.xml").getURL();
Bus bus = bf.createBus(busFile.toString());
SpringBusFactory.setDefaultBus(bus);
SpringBusFactory.setThreadDefaultBus(bus);
Service service = Service.create(wsdlURL, SERVICE_NAME);
while (true) {
Greeter port = service.getPort(PORT_NAME, Greeter.class);
}
After the token expires I receive an exception calling the WS. Can
anybody
please help me with how I renew the token after it expires?
Any help is most appreciated.
Thanks,
Laci
