[
https://issues.apache.org/jira/browse/WSS-213?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=12772002#action_12772002
]
Jay Blanton commented on WSS-213:
---------------------------------
Colm...thanks again for your help.
Here is a sample class for background.
This is a class we built with BEA support so that we could implement SAML
Sender Vouches (version 1.1) and just a digital signature of the SAML Assertion.
It uses just OpenSAML.
package foo.opensaml;
import java.io.FileInputStream;
import java.io.FileNotFoundException;
import java.io.IOException;
import java.security.Key;
import java.security.KeyStore;
import java.security.KeyStoreException;
import java.security.NoSuchAlgorithmException;
import java.security.UnrecoverableKeyException;
import java.security.cert.Certificate;
import java.security.cert.CertificateException;
import java.util.ArrayList;
import java.util.Arrays;
import java.util.Collection;
import java.util.Collections;
import java.util.Date;
import java.util.List;
import java.util.Set;
import org.apache.commons.io.IOUtils;
import org.apache.commons.lang.BooleanUtils;
import org.apache.commons.lang.StringUtils;
import org.apache.xml.security.signature.XMLSignature;
import org.opensaml.SAMLAssertion;
import org.opensaml.SAMLAttribute;
import org.opensaml.SAMLAttributeStatement;
import org.opensaml.SAMLAuthenticationStatement;
import org.opensaml.SAMLException;
import org.opensaml.SAMLNameIdentifier;
import org.opensaml.SAMLResponse;
import org.opensaml.SAMLSignedObject;
import org.opensaml.SAMLSubject;
import org.opensaml.SAMLSubjectStatement;
import org.springframework.core.io.ClassPathResource;
import org.springframework.core.io.DefaultResourceLoader;
import org.springframework.core.io.ResourceLoader;
/**
* The Class SAMLAuthenticationHandler.
*/
public class SAMLAuthenticationHandler {
/** The Constant ASSERTION_ISSUER. */
public static final String ASSERTION_ISSUER = "assertion.issuer";
/** The Constant CERTIFICATE_PASSWORD. */
public static final String CERTIFICATE_PASSWORD =
"certificate.password";
/** The Constant CERTIFICATE_ALIAS. */
public static final String CERTIFICATE_ALIAS = "certificate.alias";
/** The Constant CERTIFICATE_KEYSTORE_PATH. */
public static final String CERTIFICATE_KEYSTORE_PATH =
"certificate.keystore.path";
/** The Constant ASSERTION_SIGN. */
public static final String ASSERTION_SIGN = "assertion.sign";
/** The Constant ASSERTION_USERNAME. */
public static final String ASSERTION_USERNAME = "assertion.username";
/** The Constant SIGNATURE_INCLUDECERT. */
public static final String SIGNATURE_INCLUDECERT =
"signature.includecert";
/** The Constant SAML_ASSERTION. */
public static final String SAML_ASSERTION = "SAML.Assertion";
/** The Constant SAML_ASSERTION_CERTPATH. */
public static final String SAML_ASSERTION_CERTPATH =
"SAML.Assertion.Certpath";
private String credentialType = SAML_ASSERTION;
private String assertionUserName;
private boolean signAssertion = false;
private Set<?> groups = Collections.EMPTY_SET;
private long notBeforeMs;
private long notAfterMs;
private String certKeystorePath;
private String certKeystoreType = "JKS";
private String certAlias;
private String certPassword;
private String assertionIssuer;
private String recipient;
/**
* Instantiates a new SAML authentication handler.
*
* @param config
* the config
*/
public SAMLAuthenticationHandler() {
super();
}
/**
* Handle request.
*
* @return the SOAP header block
*/
public String getSamlAssertion() {
String assertion = getSAMLAssertion(assertionUserName, //
username
groups, // groups
signAssertion, // isSigned
notBeforeMs, // not before condition
notAfterMs, // not after condition
certKeystorePath, // keystore uri
certKeystoreType, // trusted keystore type
certAlias, // trusted cert alias
certPassword, // trusted cert alias password
credentialType, // credentialType
assertionIssuer, // issuerURI
recipient // recipient
);
System.out.println(assertion);
return assertion;
}
public String getCredentialType() {
return credentialType;
}
public void setCredentialType(String credentialType) {
this.credentialType = credentialType;
}
public String getAssertionUserName() {
return assertionUserName;
}
public void setAssertionUserName(String assertionUserName) {
this.assertionUserName = assertionUserName;
}
public boolean isSignAssertion() {
return signAssertion;
}
public void setSignAssertion(boolean signAssertion) {
this.signAssertion = signAssertion;
}
public void setSignAssertion(String signAssertion) {
this.signAssertion = BooleanUtils.toBoolean(signAssertion);
}
public Set<?> getGroups() {
return groups;
}
public void setGroups(Set<?> groups) {
this.groups = groups;
}
public long getNotBeforeMs() {
return notBeforeMs;
}
public void setNotBeforeMs(long notBeforeMs) {
this.notBeforeMs = notBeforeMs;
}
public long getNotAfterMs() {
return notAfterMs;
}
public void setNotAfterMs(long notAfterMs) {
this.notAfterMs = notAfterMs;
}
public String getCertKeystorePath() {
return certKeystorePath;
}
public void setCertKeystorePath(String certKeystorePath) {
this.certKeystorePath = certKeystorePath;
}
public String getCertKeystoreType() {
return certKeystoreType;
}
public void setCertKeystoreType(String certKeystoreType) {
this.certKeystoreType = certKeystoreType;
}
public String getCertAlias() {
return certAlias;
}
public void setCertAlias(String certAlias) {
this.certAlias = certAlias;
}
public String getCertPassword() {
return certPassword;
}
public void setCertPassword(String certPassword) {
this.certPassword = certPassword;
}
public String getAssertionIssuer() {
return assertionIssuer;
}
public void setAssertionIssuer(String assertionIssuer) {
this.assertionIssuer = assertionIssuer;
}
public String getRecipient() {
return recipient;
}
public void setRecipient(String recipient) {
this.recipient = recipient;
}
/** The Constant UNKNOWN_RECIPIENT. */
public static final String UNKNOWN_RECIPIENT = "unknown";
/** The Constant SAML_RESPONSE. */
public static final String SAML_RESPONSE = "SAML.Profile.POST";
/** The Constant SAML_RESPONSE_CERTPATH. */
public static final String SAML_RESPONSE_CERTPATH =
"SAML.Profile.POST.Certpath";
/** The Constant SAML_RESPONSE_NO_CERTPATH. */
public static final String SAML_RESPONSE_NO_CERTPATH =
"SAML.Profile.POST.NoCertpath";
/** The Constant WLES_GROUP_TAG. */
private static final String WLES_GROUP_TAG = "WLESGroup";
/** The Constant WLES_GROUP_NS. */
private static final String WLES_GROUP_NS =
"urn:bea:security:saml:groups";
/**
* Gets the SAML assertion.
*
* @param userName
* the user name
* @param groups
* the groups
* @param isSigned
* the is signed
* @param notBeforeMs
* the not before_ms
* @param notAfterMs
* the not after_ms
* @param trustedKeystore
* the trusted keystore
* @param trustedKeystoreType
* the trusted keystore type
* @param trustedCertAlias
* the trusted cert alias
* @param trustedCertAliasPasswd
* the trusted cert alias passwd
* @param credentialType
* the credential type
* @param issuer
* the issuer
* @param recipient
* the recipient
*
* @return the SAML assertion
*/
public String getSAMLAssertion(String userName, Set<?> groups,
boolean isSigned, long notBeforeMs, long notAfterMs,
String trustedKeystore, String trustedKeystoreType,
String trustedCertAlias, String trustedCertAliasPasswd,
String credentialType, String issuer, String recipient) {
boolean asResponse = isResponseType(credentialType);
boolean withCertPath = requireCertpath(credentialType);
ClassLoader dirCLDR = this.getClass().getClassLoader();
ClassLoader threadCLDR =
Thread.currentThread().getContextClassLoader();
try {
Thread.currentThread().setContextClassLoader(dirCLDR);
SAMLSubject subject = new SAMLSubject(new
SAMLNameIdentifier(
userName, null, null), Collections
.singleton(SAMLSubject.CONF_SENDER_VOUCHES),
null, null);
SAMLAttributeStatement attrStat = null;
if ((groups != null) && (groups.size() != 0)) {
attrStat = createAttributeStatement(subject,
groups);
}
SAMLAssertion assertion = createAssertion(
createAuthenticationStatement(subject),
attrStat,
notBeforeMs, notAfterMs, issuer);
SAMLSignedObject signedObject = null;
if (asResponse) {
List<SAMLAssertion> assertionList = new
ArrayList<SAMLAssertion>();
assertionList.add(assertion);
String responseRecipient = recipient;
if (StringUtils.isEmpty(recipient)) {
responseRecipient = UNKNOWN_RECIPIENT;
}
SAMLResponse response = new SAMLResponse(null,
responseRecipient, assertionList, null);
if (isSigned) {
signedObject =
getSignedAssertion(response,
trustedKeystore,
trustedKeystoreType,
trustedCertAlias,
trustedCertAliasPasswd,
withCertPath, asResponse);
}
}
else {
if (isSigned) {
signedObject =
getSignedAssertion(assertion,
trustedKeystore,
trustedKeystoreType,
trustedCertAlias,
trustedCertAliasPasswd,
withCertPath, asResponse);
}
}
if (signedObject != null) {
return signedObject.toString();
}
else {
return assertion.toString();
}
}
catch (SAMLException e) {
throw new RuntimeException(e);
}
finally {
Thread.currentThread().setContextClassLoader(threadCLDR);
}
}
/**
* Creates a new SAMLToken object.
*
* @param authnStat
* the authn stat
* @param attrStat
* the attr stat
* @param notBeforeMs
* the not before_ms
* @param notAfterMs
* the not after_ms
* @param issuer
* the issuer
*
* @return the SAML assertion
*/
private SAMLAssertion createAssertion(
SAMLAuthenticationStatement authnStat,
SAMLAttributeStatement attrStat, long notBeforeMs, long
notAfterMs,
String issuer) {
SAMLAssertion samlAssertion = null;
long now = System.currentTimeMillis();
Date notBefore = new Date(now - notBeforeMs);
Date notOnOrAfter = new Date(now + notAfterMs);
List<SAMLSubjectStatement> statements = new
ArrayList<SAMLSubjectStatement>();
if (authnStat != null) {
statements.add(authnStat);
}
if (attrStat != null) {
statements.add(attrStat);
}
try {
samlAssertion = new SAMLAssertion(issuer, notBefore,
notOnOrAfter,
null, null, statements);
}
catch (SAMLException e) {
throw new RuntimeException(e);
}
return samlAssertion;
}
/**
* Creates a new SAMLToken object.
*
* @param subject
* the subject
* @param groups
* the groups
*
* @return the SAML attribute statement
*/
private SAMLAttributeStatement createAttributeStatement(
SAMLSubject subject, Collection<?> groups) {
SAMLAttributeStatement attrStmt = null;
try {
SAMLAttribute wlesGroup = new
SAMLAttribute(WLES_GROUP_TAG,
WLES_GROUP_NS, null, 0, groups);
ArrayList<SAMLAttribute> wlesGroups = new
ArrayList<SAMLAttribute>();
wlesGroups.add(wlesGroup);
attrStmt = new SAMLAttributeStatement(
(SAMLSubject) subject.clone(), wlesGroups);
}
catch (SAMLException e) {
throw new RuntimeException(e);
}
catch (CloneNotSupportedException e) {
throw new RuntimeException(e);
}
return attrStmt;
}
/**
* Creates a new SAMLToken object.
*
* @param subject
* the subject
*
* @return the SAML authentication statement
*/
private SAMLAuthenticationStatement createAuthenticationStatement(
SAMLSubject subject) {
String authnMtd =
SAMLAuthenticationStatement.AuthenticationMethod_Password;
SAMLAuthenticationStatement authnStat = null;
try {
authnStat = new
SAMLAuthenticationStatement((SAMLSubject) subject
.clone(), authnMtd, new Date(), null, null,
null);
}
catch (SAMLException e) {
throw new RuntimeException(e);
}
catch (CloneNotSupportedException e) {
throw new RuntimeException(e);
}
return authnStat;
}
/**
* Gets the signed assertion.
*
* @param assertion
* the assertion
* @param keyStoreFilename
* the key store filename
* @param keyStoreType
* the key store type
* @param certAlias
* the cert alias
* @param certPswd
* the cert pswd
* @param includeCertpath
* the include certpath
* @param isResponse
* the is response
*
* @return the signed assertion
*/
private SAMLSignedObject getSignedAssertion(SAMLSignedObject assertion,
String keyStoreFilename, String keyStoreType, String certAlias,
String certPswd, boolean includeCertpath, boolean isResponse) {
if (StringUtils.isEmpty(keyStoreFilename)) {
throw new SecurityException(
"keyStoreFilename is either null or empty
string");
}
if (StringUtils.isEmpty(keyStoreType)) {
throw new SecurityException("keyStoreType is either
null or empty");
}
if (StringUtils.isEmpty(certAlias)) {
throw new SecurityException("certAlias is either null
or empty");
}
if (StringUtils.isEmpty(certPswd)) {
throw new SecurityException("certPswd is either null or
empty");
}
FileInputStream fin = null;
try {
KeyStore store = KeyStore.getInstance(keyStoreType);
ResourceLoader rs = new DefaultResourceLoader();
ClassPathResource resource = (ClassPathResource) rs
.getResource(keyStoreFilename);
fin = new FileInputStream(resource.getFile());
store.load(fin, null);
Key privateKey = store.getKey(certAlias,
certPswd.toCharArray());
if (privateKey != null) {
List<Certificate> certs = new
ArrayList<Certificate>();
if (includeCertpath) {
if (isResponse) {
Certificate cert =
store.getCertificate(certAlias);
if (cert == null) {
throw new
SecurityException(
"unable to get
certificate using certAlias");
}
certs.add(cert);
}
else {
Certificate certArray[] = store
.getCertificateChain(certAlias);
if (certArray == null) {
throw new
SecurityException(
"unable to get
certificate chain using certAlias");
}
certs.addAll(Arrays.asList(certArray));
}
assertion.sign(XMLSignature.ALGO_ID_SIGNATURE_RSA,
privateKey, certs);
}
else {
assertion.sign(XMLSignature.ALGO_ID_SIGNATURE_RSA,
privateKey, null);
}
}
else {
throw new SecurityException(
"private key was null and hence cannot
sign assertion");
}
}
catch (KeyStoreException e) {
throw new RuntimeException(e);
}
catch (FileNotFoundException e) {
throw new RuntimeException(e);
}
catch (NoSuchAlgorithmException e) {
throw new RuntimeException(e);
}
catch (CertificateException e) {
throw new RuntimeException(e);
}
catch (UnrecoverableKeyException e) {
throw new RuntimeException(e);
}
catch (IOException e) {
throw new RuntimeException(e);
}
catch (SAMLException e) {
throw new RuntimeException(e);
}
finally {
IOUtils.closeQuietly(fin);
}
return assertion;
}
/**
* Checks if is response type.
*
* @param credentialTypes
* the credential types
*
* @return true, if is response type
*/
private boolean isResponseType(String credentialTypes) {
boolean responseType = false;
if (SAML_RESPONSE.equals(credentialTypes)
|| SAML_RESPONSE_CERTPATH.equals(credentialTypes)
|| SAML_RESPONSE_NO_CERTPATH.equals(credentialTypes)) {
responseType = true;
}
return responseType;
}
/**
* Require certpath.
*
* @param credentialTypes
* the credential types
*
* @return true, if successful
*/
private boolean requireCertpath(String credentialTypes) {
boolean requireCertpath = false;
if (SAML_ASSERTION_CERTPATH.equals(credentialTypes)
|| SAML_RESPONSE.equals(credentialTypes)
|| SAML_RESPONSE_CERTPATH.equals(credentialTypes)) {
requireCertpath = true;
}
return requireCertpath;
}
}
> Running TestWSSecurityNewST2 Fails - General security error (No certificates
> were found for SAML signature)
> -----------------------------------------------------------------------------------------------------------
>
> Key: WSS-213
> URL: https://issues.apache.org/jira/browse/WSS-213
> Project: WSS4J
> Issue Type: Bug
> Affects Versions: 1.5.8
> Environment: OS = Ubuntu 9.04
> Eclipse = JEE Eclipse, Galileo, STS, m2eclipse
> JDK = java-6-sun-1.6.0.16, java-1.5.0-sun-1.5.0.19 (attempted as well)
> Reporter: Jay Blanton
> Assignee: Ruchith Udayanga Fernando
> Priority: Critical
> Attachments: wss4j.saml-jks.tar.gz, wss4j.saml.tar.gz
>
>
> I pulled down the 1.5.8, 1.5.8-SNAPSHOT, and pulled down the trunk for 1.6.
> I tried to build the trunk by doing a mvn package -Dmaven.test.skip=true
> (because quite a few unit tests fail).
> Then I try to run TestWSSecurityNewST2 and it fails.
> This is the exact issue I am having when trying to get my Spring Web Service
> Implementation to work with WSS4J's SAML Support (which it appears that
> Spring does not expose so I have to create a custom Interceptor).
> I have working examples of a digital signature, encryption, and UsernameToken
> with Spring Web Services support for SAML, but the SAML is not working. So I
> specifically went to the WSS4J examples to see if I could get those working
> first, and then working with my keystores, but the default test does not work
> for me that shipped with WSS4J.
> [INFO] Scanning for projects...
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Building Ping Web Service Client
> [INFO]
> [INFO] Id: com.foo:ping.ws-saml:jar:0.0.1-SNAPSHOT
> [INFO] task-segment: [package]
> [INFO]
> ------------------------------------------------------------------------
> [INFO] [resources:resources]
> [INFO] Using default encoding to copy filtered resources.
> url = http://repo1.maven.org/maven2
> Downloading:
> http://repo1.maven.org/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://static.appfuse.org/repository
> Downloading:
> http://static.appfuse.org/repository/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://repository.jboss.com/maven2
> Downloading:
> http://repository.jboss.com/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> [INFO] [compiler:compile]
> [INFO] Compiling 10 source files to
> /home/a068071/Public/Development/eclipse3.5-workspace/ping.ws-saml/target/classes
> url = http://repo1.maven.org/maven2
> Downloading:
> http://repo1.maven.org/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://static.appfuse.org/repository
> Downloading:
> http://static.appfuse.org/repository/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://repository.jboss.com/maven2
> Downloading:
> http://repository.jboss.com/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> [INFO] [jibx:bind]
> [INFO] Not running JiBX binding compiler (single-module mode) - no binding
> files
> [INFO] [resources:testResources]
> [INFO] Using default encoding to copy filtered resources.
> url = http://repo1.maven.org/maven2
> Downloading:
> http://repo1.maven.org/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://static.appfuse.org/repository
> Downloading:
> http://static.appfuse.org/repository/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://repository.jboss.com/maven2
> Downloading:
> http://repository.jboss.com/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> [INFO] [compiler:testCompile]
> [INFO] Compiling 4 source files to
> /home/a068071/Public/Development/eclipse3.5-workspace/ping.ws-saml/target/test-classes
> url = http://repo1.maven.org/maven2
> Downloading:
> http://repo1.maven.org/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://static.appfuse.org/repository
> Downloading:
> http://static.appfuse.org/repository/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> url = http://repository.jboss.com/maven2
> Downloading:
> http://repository.jboss.com/maven2/com/sun/xml/wss/xws-security/2.0-FCS/xws-security-2.0-FCS.pom
> [INFO] [surefire:test]
> [INFO] Surefire report directory:
> /home/a068071/Public/Development/eclipse3.5-workspace/ping.ws-saml/target/surefire-reports
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> -------------------------------------------------------
> T E S T S
> -------------------------------------------------------
> Running wssec.TestWSSecurityNewST2
> DEBUG [security.util.Loader] Trying to find [saml.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> INFO [security.saml.SAMLIssuerFactory] Using Crypto Engine
> [org.apache.ws.security.saml.SAMLIssuerImpl]
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.saml.SAMLIssuerImpl] Begin add SAMLAssertion token...
> INFO [wssec.TestWSSecurityNewST2] Before SAMLSignedSenderVouches....
> DEBUG [security.saml.WSSecSignatureSAML] Beginning ST signing...
> DEBUG [security.util.Loader] Trying to find [saml.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> INFO [security.saml.SAMLIssuerFactory] Using Crypto Engine
> [org.apache.ws.security.saml.SAMLIssuerImpl]
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.saml.SAMLIssuerImpl] Begin add SAMLAssertion token...
> INFO [wssec.TestWSSecurityNewST2] Before SAMLSignedSenderVouches....
> DEBUG [security.saml.WSSecSignatureSAML] Beginning ST signing...
> DEBUG [security.util.Loader] Trying to find [saml3.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> INFO [security.saml.SAMLIssuerFactory] Using Crypto Engine
> [org.apache.ws.security.saml.SAMLIssuerImpl]
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.saml.SAMLIssuerImpl] Begin add SAMLAssertion token...
> INFO [wssec.TestWSSecurityNewST2] Before SAMLSignedSenderVouches....
> DEBUG [security.saml.WSSecSignatureSAML] Beginning ST signing...
> DEBUG [security.util.Loader] Trying to find [saml.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> INFO [security.saml.SAMLIssuerFactory] Using Crypto Engine
> [org.apache.ws.security.saml.SAMLIssuerImpl]
> DEBUG [security.util.Loader] Trying to find [crypto.properties] using
> sun.misc.launcher$appclassloa...@133056f class loader.
> DEBUG [components.crypto.CryptoFactory] Using Crypto Engine
> [org.apache.ws.security.components.crypto.Merlin]
> DEBUG [components.crypto.AbstractCrypto] CA certs have been loaded
> DEBUG [security.saml.SAMLIssuerImpl] Begin add SAMLAssertion token...
> DEBUG [security.saml.WSSecSignatureSAML] Beginning ST signing...
> Tests run: 4, Failures: 0, Errors: 4, Skipped: 0, Time elapsed: 0.222 sec <<<
> FAILURE!
> Results :
> Tests in error:
> testSAMLSignedSenderVouches(wssec.TestWSSecurityNewST2)
> testSAMLSignedSenderVouchesKeyIdentifier(wssec.TestWSSecurityNewST2)
> testDefaultIssuerClass(wssec.TestWSSecurityNewST2)
> testWSS62(wssec.TestWSSecurityNewST2)
> Tests run: 5, Failures: 0, Errors: 5, Skipped: 0
> [ERROR]
> Mojo:
> org.apache.maven.plugins:maven-surefire-plugin:2.4.2:test
> FAILED for project:
> com.foo:ping.ws-saml:jar:0.0.1-SNAPSHOT
> Reason:
> There are test failures.
> Please refer to
> /home/jay/Public/Development/eclipse3.5-workspace/ping.ws-saml/target/surefire-reports
> for the individual test results.
> [INFO]
> ------------------------------------------------------------------------
> [INFO] For more information, run with the -e flag
> [INFO]
> ------------------------------------------------------------------------
> [INFO] BUILD FAILED
> [INFO]
> ------------------------------------------------------------------------
> [INFO] Total time: 16 seconds
> [INFO] Finished at: Wed Oct 07 13:29:03 PDT 2009
> [INFO] Final Memory: 4M/25M
> [INFO]
> ------------------------------------------------------------------------
> Here is the errors from the test report:
> -------------------------------------------------------------------------------
> Test set: wssec.TestWSSecurityNewST2
> -------------------------------------------------------------------------------
> Tests run: 4, Failures: 0, Errors: 4, Skipped: 0, Time elapsed: 0.731 sec <<<
> FAILURE!
> testSAMLSignedSenderVouches(wssec.TestWSSecurityNewST2) Time elapsed: 0.486
> sec <<< ERROR!
> org.apache.ws.security.WSSecurityException: General security error (No
> certificates were found for SAML signature)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:276)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:110)
> at
> wssec.TestWSSecurityNewST2.testSAMLSignedSenderVouches(TestWSSecurityNewST2.java:114)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at junit.framework.TestCase.runTest(TestCase.java:168)
> at junit.framework.TestCase.runBare(TestCase.java:134)
> at junit.framework.TestResult$1.protect(TestResult.java:110)
> at junit.framework.TestResult.runProtected(TestResult.java:128)
> at junit.framework.TestResult.run(TestResult.java:113)
> at junit.framework.TestCase.run(TestCase.java:124)
> at junit.framework.TestSuite.runTest(TestSuite.java:232)
> at junit.framework.TestSuite.run(TestSuite.java:227)
> at
> org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:81)
> at
> org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:62)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:140)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:127)
> at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:338)
> at
> org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:997)
> testSAMLSignedSenderVouchesKeyIdentifier(wssec.TestWSSecurityNewST2) Time
> elapsed: 0.064 sec <<< ERROR!
> org.apache.ws.security.WSSecurityException: General security error (No
> certificates were found for SAML signature)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:276)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:110)
> at
> wssec.TestWSSecurityNewST2.testSAMLSignedSenderVouchesKeyIdentifier(TestWSSecurityNewST2.java:156)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at junit.framework.TestCase.runTest(TestCase.java:168)
> at junit.framework.TestCase.runBare(TestCase.java:134)
> at junit.framework.TestResult$1.protect(TestResult.java:110)
> at junit.framework.TestResult.runProtected(TestResult.java:128)
> at junit.framework.TestResult.run(TestResult.java:113)
> at junit.framework.TestCase.run(TestCase.java:124)
> at junit.framework.TestSuite.runTest(TestSuite.java:232)
> at junit.framework.TestSuite.run(TestSuite.java:227)
> at
> org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:81)
> at
> org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:62)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:140)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:127)
> at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:338)
> at
> org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:997)
> testDefaultIssuerClass(wssec.TestWSSecurityNewST2) Time elapsed: 0.156 sec
> <<< ERROR!
> org.apache.ws.security.WSSecurityException: General security error (No
> certificates were found for SAML signature)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:276)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:110)
> at
> wssec.TestWSSecurityNewST2.testDefaultIssuerClass(TestWSSecurityNewST2.java:200)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at junit.framework.TestCase.runTest(TestCase.java:168)
> at junit.framework.TestCase.runBare(TestCase.java:134)
> at junit.framework.TestResult$1.protect(TestResult.java:110)
> at junit.framework.TestResult.runProtected(TestResult.java:128)
> at junit.framework.TestResult.run(TestResult.java:113)
> at junit.framework.TestCase.run(TestCase.java:124)
> at junit.framework.TestSuite.runTest(TestSuite.java:232)
> at junit.framework.TestSuite.run(TestSuite.java:227)
> at
> org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:81)
> at
> org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:62)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:140)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:127)
> at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:338)
> at
> org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:997)
> testWSS62(wssec.TestWSSecurityNewST2) Time elapsed: 0.011 sec <<< ERROR!
> org.apache.ws.security.WSSecurityException: General security error (No
> certificates were found for SAML signature)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:276)
> at
> org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:110)
> at wssec.TestWSSecurityNewST2.testWSS62(TestWSSecurityNewST2.java:241)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at junit.framework.TestCase.runTest(TestCase.java:168)
> at junit.framework.TestCase.runBare(TestCase.java:134)
> at junit.framework.TestResult$1.protect(TestResult.java:110)
> at junit.framework.TestResult.runProtected(TestResult.java:128)
> at junit.framework.TestResult.run(TestResult.java:113)
> at junit.framework.TestCase.run(TestCase.java:124)
> at junit.framework.TestSuite.runTest(TestSuite.java:232)
> at junit.framework.TestSuite.run(TestSuite.java:227)
> at
> org.junit.internal.runners.JUnit38ClassRunner.run(JUnit38ClassRunner.java:81)
> at
> org.apache.maven.surefire.junit4.JUnit4TestSet.execute(JUnit4TestSet.java:62)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.executeTestSet(AbstractDirectoryTestSuite.java:140)
> at
> org.apache.maven.surefire.suite.AbstractDirectoryTestSuite.execute(AbstractDirectoryTestSuite.java:127)
> at org.apache.maven.surefire.Surefire.run(Surefire.java:177)
> at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
> at
> sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
> at
> sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
> at java.lang.reflect.Method.invoke(Method.java:585)
> at
> org.apache.maven.surefire.booter.SurefireBooter.runSuitesInProcess(SurefireBooter.java:338)
> at
> org.apache.maven.surefire.booter.SurefireBooter.main(SurefireBooter.java:997)
>
--
This message is automatically generated by JIRA.
-
You can reply to this email to add a comment to the issue online.
---------------------------------------------------------------------
To unsubscribe, e-mail: wss4j-dev-unsubscr...@ws.apache.org
For additional commands, e-mail: wss4j-dev-h...@ws.apache.org
