What Fediz version are you using? Are you specifying a "org.apache.ws.security.crypto.merlin.keystore.alias" in your keystore properties and does it match "realmmyrealm"?
Colm.

On Thu, Oct 19, 2017 at 12:52 PM, Matthew Broadhead <[email protected]> wrote:

> Thanks Colm, yes that was caused by a typo in stsKeystore.properties.
>
> but now I get this:
> org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
> Original Exception was org.apache.wss4j.common.ext.WSSecurityException: The private key for the supplied alias does not exist in the keystore
> Original Exception was java.security.UnrecoverableKeyException: Cannot recover key
>     at org.apache.wss4j.common.saml.SamlAssertionWrapper.signAssertion(SamlAssertionWrapper.java:542)
>     at org.apache.cxf.sts.token.provider.AbstractSAMLTokenProvider.signToken(AbstractSAMLTokenProvider.java:121)
>     at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:319)
>     at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:117)
>     at org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:171)
>
> but if I do keytool -list -v -keystore stsrealm_myrealm.jks I get
> Keystore type: JKS
> Keystore provider: SUN
>
> Your keystore contains 1 entry
>
> Alias name: realmmyrealm
> Creation date: 17-Oct-2017
> Entry type: PrivateKeyEntry
> Certificate chain length: 1
> Certificate[1]:
>
> On 19/10/2017 13:27, Colm O hEigeartaigh wrote:
>
>> The error is that the STS can't load the signature properties file. For
>> example, in the default STS the RealmProperties references the
>> signaturePropertiesFile for the realm here:
>>
>> https://github.com/apache/cxf-fediz/blob/aee07e167458e468f123954f177c79f17df2c083/services/sts/src/main/webapp/WEB-INF/data/realms.xml#L62
>>
>> which in turn is here:
>>
>> https://github.com/apache/cxf-fediz/blob/master/services/sts/src/main/resources/stsKeystoreA.properties
>>
>> On Thu, Oct 19, 2017 at 10:31 AM, Matthew Broadhead <[email protected]> wrote:
>>
>>> Hi,
>>>
>>> I am following this article by Jan
>>> https://janbernhardt.blogspot.com.es/2016/02/apache-fediz-installation-in-productive.html
>>> and I think I am close to getting it working but I have hit this error
>>> that I cannot work out. Can anyone help?
>>>
>>> org.apache.cxf.sts.token.provider.SAMLTokenProvider -
>>> org.apache.cxf.ws.security.sts.provider.STSException: Configuration error: cannot load signature properties
>>>     at org.apache.cxf.sts.token.realm.RealmProperties.getSignatureCrypto(RealmProperties.java:156)
>>>     at org.apache.cxf.sts.token.provider.AbstractSAMLTokenProvider.signToken(AbstractSAMLTokenProvider.java:59)
>>>     at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createSamlToken(SAMLTokenProvider.java:319)
>>>     at org.apache.cxf.sts.token.provider.SAMLTokenProvider.createToken(SAMLTokenProvider.java:117)
>>>     at org.apache.cxf.sts.operation.TokenIssueOperation.issueSingle(TokenIssueOperation.java:171)

--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
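
An added example, not part of the thread and not Fediz or WSS4J code: a stand-alone Java check that reads the Merlin keystore properties discussed above and walks the same steps in order (load the store, find the alias, confirm it is a key entry, recover the key), reporting which one fails. The class name, the verdict strings and the second argument (the key password the STS is configured to use) are assumptions, and `keystore.file` is assumed to be a filesystem path.

```java
import java.io.FileInputStream;
import java.io.InputStream;
import java.security.KeyStore;
import java.security.UnrecoverableKeyException;
import java.util.Collections;
import java.util.Properties;

// Hypothetical helper. Usage:
//   java CheckStsKey.java stsKeystore.properties <key-password>
public class CheckStsKey {
    // Merlin property prefix, as quoted in the thread.
    static final String P = "org.apache.ws.security.crypto.merlin.keystore.";

    // Returns a one-line verdict for the alias named in the properties file.
    static String check(Properties props, char[] keyPw) throws Exception {
        String alias = props.getProperty(P + "alias");
        if (alias == null) {
            return "NO_ALIAS_PROPERTY";
        }
        String type = props.getProperty(P + "type", KeyStore.getDefaultType());
        char[] storePw = props.getProperty(P + "password", "").toCharArray();
        KeyStore ks = KeyStore.getInstance(type);
        // Assumption: keystore.file is a path readable from the working directory.
        try (InputStream in = new FileInputStream(props.getProperty(P + "file"))) {
            ks.load(in, storePw); // an IOException here points at the store password
        }
        if (!ks.containsAlias(alias)) {
            return "ALIAS_NOT_FOUND, keystore has " + Collections.list(ks.aliases());
        }
        if (!ks.isKeyEntry(alias)) {
            return "ALIAS_IS_NOT_A_KEY_ENTRY";
        }
        try {
            return ks.getKey(alias, keyPw) != null ? "OK" : "NO_KEY";
        } catch (UnrecoverableKeyException e) {
            // Same exception class as the "Cannot recover key" line in the trace:
            // the entry exists but this password does not open it.
            return "KEY_PASSWORD_REJECTED: " + e.getMessage();
        }
    }

    public static void main(String[] args) throws Exception {
        if (args.length != 2) {
            System.err.println("usage: CheckStsKey <properties-file> <key-password>");
            System.exit(2);
        }
        Properties props = new Properties();
        try (InputStream in = new FileInputStream(args[0])) {
            props.load(in);
        }
        System.out.println(check(props, args[1].toCharArray()));
    }
}
```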
