It looks like the signature trust validation is not working correctly. The error about "org/apache/xml/security/resource/xmlsecurity" is related to the fact that some part of the application is initializing the Apache Santuario (XML Security) Init class before WSS4J does it. When this is done, the Santuario error message resource bundle is used instead of the WSS4J one.
See this recent JIRA for an explanation: https://issues.apache.org/jira/browse/WSS-631 The error should disappear if you can WSSConfig.init() before Apache Santuario is initialized. Colm. On Fri, Jul 13, 2018 at 4:38 PM, Alin <[email protected]> wrote: > I am not sure what the Merlin class is looking for in > > "org/apache/xml/security/resource/xmlsecurity > > > > These are the keystores that I have configured: > cas.authn.wsfedIdP.sts.signingKeystoreFile=/etc/cas/config/ststrust.jks > cas.authn.wsfedIdP.sts.signingKeystorePassword=storepass > cas.authn.wsfedIdP.sts.encryptionKeystoreFile=/etc/ > cas/config/stsencrypt.jks > cas.authn.wsfedIdP.sts.encryptionKeystorePassword=storepass > > # cas.authn.wsfedIdP.sts.subjectNameIdFormat=unspecified > cas.authn.wsfedIdP.sts.encryptTokens=false > > cas.authn.wsfedIdP.sts.realm.keystoreFile=/etc/cas/config/stscasrealm.jks > cas.authn.wsfedIdP.sts.realm.keystorePassword=storepass > cas.authn.wsfedIdP.sts.realm.keystoreAlias=realmcas > cas.authn.wsfedIdP.sts.realm.keyPassword=cas123456 > > > > > -- > Sent from: http://cxf.547215.n5.nabble.com/cxf-user-f547216.html > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
