Hi,
I am trying to use SAML and use the configuration
coming with WSS4J CVS code, i.e.,
At the client side,
config.put("deployment", "client");
config.put("flow", "request-only");
config.put("action", "Timestamp
SAMLTokenUnsigned");
config.put("samlPropFile", "saml.properties");
at the server side
config.put("deployment", "server");
config.put("flow", "request-only");
config.put("action", "Timestamp
SAMLTokenUnsigned");
I use Sun's Jax-ws EA 2.0 and the soap message is
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Header/>
<soapenv:Body>
<ns2:addNumbers xmlns:ns2="http://jtv.com";>
<number1>10</number1>
<number2>20</number2>
</ns2:addNumbers>
</soapenv:Body>
</soapenv:Envelope>
After the client did the security processing, the
message is:
<?xml version="1.0"
encoding="UTF-8"?><soapenv:Envelope
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Header>
<wsse:Security
xmlns:wsse="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd";
soapenv:actor="test" soapenv:mustUnderstand="1">
<Assertion
xmlns="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion"
xmlns:samlp="urn:oasis:names:tc:SAML:1.0:protocol"
AssertionID="aa4441546da436294e634c74afd9bd69"
IssueInstant="2005-11-11T22:02:26.531Z"
Issuer="www.example.com" MajorVersion="1"
MinorVersion="1"><AuthenticationStatement
AuthenticationInstant="2005-11-11T22:02:26.517Z"
AuthenticationMethod="urn:oasis:names:tc:SAML:1.0:am:password"><Subject><NameIdentifier
NameQualifier="www.example.com">uid=joe,ou=people,ou=saml-demo,o=example.com</NameIdentifier><SubjectConfirmation><ConfirmationMethod>urn:oasis:names:tc:SAML:1.0:cm:sender-vouches</ConfirmationMethod></SubjectConfirmation></Subject></AuthenticationStatement></Assertion>
<wsu:Timestamp
xmlns:wsu="http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd";><wsu:Created>2005-11-11T22:02:25.967Z</wsu:Created><wsu:Expires>2005-11-11T22:07:25.967Z</wsu:Expires></wsu:Timestamp></wsse:Security></soapenv:Header>
<soapenv:Body>
<ns2:addNumbers xmlns:ns2="http://jtv.com";>
<number1>10</number1>
<number2>20</number2>
</ns2:addNumbers>
</soapenv:Body>
</soapenv:Envelope>
However, the server throwed the following error from
the log file,
com.sun.xml.messaging.saaj.soap.EnvelopeFactory
createEnvelope
SEVERE: SAAJ0511: Unable to create envelope from given
source
The client received the following fault message,
<?xml version="1.0" encoding="UTF-8"?>
<soapenv:Envelope xmlns:ns1="http://jtv.com";
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<soapenv:Body>
<soapenv:Fault
xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";>
<faultcode>soapenv:Server</faultcode>
<faultstring>WSS4JHandler: cannot get SOAP
header after security processing</faultstring>
</soapenv:Fault>
</soapenv:Body>
</soapenv:Envelope>
Any hints for what was wrong?
Thanks in advance,
Jian
__________________________________
Yahoo! FareChase: Search multiple travel sites in one click.
http://farechase.yahoo.com
---------------------------------------------------------------------
To unsubscribe, e-mail: [EMAIL PROTECTED]
For additional commands, e-mail: [EMAIL PROTECTED]
