The problem here is actually nothing to do with the EncodingType attribute. It's that a BinarySecurityToken is being included in the WS-Trust request Body and the STS is objecting as it does not know how to handle it. Why is this element being included here? Are both BinarySecurityTokens duplicates of each other?
Colm. On Sat, Jul 29, 2017 at 4:43 AM, NicholaiX <[email protected]> wrote: > Sorry for the late reply. I took some time to refactor and redo part of the > code. I'm still having an issue with this token, but the circumstances have > changed. I do have bsp-compliant set to false on the endpoint... > props.put("ws-security.is-bsp-compliant", "false"); > > > > 22:34:34.124 [XNIO-3 task-12] WARN o.a.c.s.r.RequestParser (123) - Found a > JAXB object of unknown type: > {http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss- > wssecurity-secext-1.0.xsd}BinarySecurityToken > 22:34:34.127 [XNIO-3 task-12] WARN o.a.c.s.r.RequestParser (132) - > org.apache.cxf.ws.security.sts.provider.STSException: The specified > RequestSecurityToken is not understood > at > org.apache.cxf.sts.request.RequestParser.parseRequest( > RequestParser.java:127) > at > org.apache.cxf.sts.operation.AbstractOperation.parseRequest( > AbstractOperation.java:202) > at > org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle( > TokenIssueOperation.java:114) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > 62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at > org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider. > invoke(SecurityTokenServiceProvider.java:244) > at > com.hp.dfm.services.mdm.microsoft.impl.AOMServiceImpl. > invoke(AOMServiceImpl.java:269) > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java: > 62) > at > sun.reflect.DelegatingMethodAccessorImpl.invoke( > DelegatingMethodAccessorImpl.java:43) > at java.lang.reflect.Method.invoke(Method.java:498) > at > org.apache.cxf.service.invoker.AbstractInvoker.performInvocation( > AbstractInvoker.java:180) > at > org.apache.cxf.jaxws.JAXWSMethodInvoker.performInvocation( > JAXWSMethodInvoker.java:66) > at > org.apache.cxf.service.invoker.AbstractInvoker. > invoke(AbstractInvoker.java:96) > at > org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.invoke( > AbstractJAXWSMethodInvoker.java:232) > at > org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:85) > at > org.apache.cxf.service.invoker.AbstractInvoker. > invoke(AbstractInvoker.java:74) > at > org.apache.cxf.interceptor.ServiceInvokerInterceptor$1. > run(ServiceInvokerInterceptor.java:59) > at java.util.concurrent.Executors$RunnableAdapter. > call(Executors.java:511) > at java.util.concurrent.FutureTask.run(FutureTask.java:266) > at > org.apache.cxf.interceptor.ServiceInvokerInterceptor$2. > run(ServiceInvokerInterceptor.java:126) > at > org.apache.cxf.workqueue.SynchronousExecutor.execute( > SynchronousExecutor.java:37) > at > org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage( > ServiceInvokerInterceptor.java:131) > at > org.apache.cxf.phase.PhaseInterceptorChain.doIntercept( > PhaseInterceptorChain.java:308) > at > org.apache.cxf.transport.ChainInitiationObserver.onMessage( > ChainInitiationObserver.java:121) > at > org.apache.cxf.transport.http.AbstractHTTPDestination.invoke( > AbstractHTTPDestination.java:263) > at > org.apache.cxf.transport.servlet.ServletController.invokeDestination( > ServletController.java:234) > at > org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:208) > at > org.apache.cxf.transport.servlet.ServletController. > invoke(ServletController.java:160) > at > org.apache.cxf.transport.servlet.CXFNonSpringServlet. > invoke(CXFNonSpringServlet.java:189) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest( > AbstractHTTPServlet.java:299) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet. > doPost(AbstractHTTPServlet.java:218) > at javax.servlet.http.HttpServlet.service(HttpServlet.java:707) > at > org.apache.cxf.transport.servlet.AbstractHTTPServlet. > service(AbstractHTTPServlet.java:274) > > > > > > -- > View this message in context: http://cxf.547215.n5.nabble. > com/STS-How-to-handle-BinarySecurityToken-when-it-s-not-as-expected- > tp5782018p5782177.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
