You are not logged in.
Announcement
Unanswered posts
|
- Index
- » Product usage, architecture, user scenarios, suggestions & feedback
- » Problem with the STS example in the getting started guide
Post a reply
Topic review (newest first)
- JerryPreissler
- 2011-05-20 17:35:23
asharma wrote:
The problem seems to be related to the bouncy castle implementation used in Issue operation.
Do you have the bouncy castle provider already registered statically in your enviornment ?
You might to be on to something here. I had Bouncy Castle 1.46 installed statically, and the STS has 1.45 in its lib directory. I have disabled my static installation now, but that did not help. I rebuild the example with a clean Maven repo as well, still no luck. Next one is redoing the whole example in a freshly unpacked installation.
- jkindler
- 2011-05-20 16:25:48
Hm, I just did the sts sample together with Jerry on my machine and it worked like a charm :-)
Must be a problem with the environment ... maybe clearing the local Maven cache helps.
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07-334-10M3326)
Java HotSpot(TM) 64-Bit Server VM (build 19.1-b02-334, mixed mode)
... so Java is the same as Jerry has.
- asharma
- 2011-05-20 10:43:43
The problem seems to be related to the bouncy castle implementation used in Issue operation.
Do you have the bouncy castle provider already registered statically in your enviornment ?
- JerryPreissler
- 2011-05-20 08:31:57
cdynes wrote:
Hi,
Are you using different JDK versions?
Thanks
I'm on OSX using the default JDK installation for all processes:
sopmac13:sts_issue_operation jerry$ java -version
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07-334-10M3326)
Java HotSpot(TM) 64-Bit Server VM (build 19.1-b02-334, mixed mode)
- owulff
- 2011-05-19 22:39:17
Hi Jerry
I've deployed the demo on ubuntu but my client has the problem to connect to the STS even it is running. At least you reach the STS.
I was a little bit confused by the stacktrace because I couldn't find the invoke methods at the line in the cxf sources as listed in your stacktrace. I think the problem is here.
demo.sts.provider.cert.CRLVerifier.getCrlDistributionPoints
This would mean that the IssueOperation implementation is called. The code reads/parses a file. Don't know whether there is a similar problem as vgalopin and I noticed on Windows. The encoding of the schemas seem to be incorrect in the windows distribution.
Thanks
Oli
- cdynes
- 2011-05-19 15:15:52
Hi,
Are you using different JDK versions?
Thanks
- JerryPreissler
- 2011-05-18 14:22:57
Hi all,
I'm currently having a problem when running the STS example in the
Getting Started guide on OSX.
I unpacked TESB and the examples, copied the container and configured
the alternate container as described in chapter 4.1. Then I followed the
instructions in chapter 9 to build and run the STS, the STS-enabled services
and application.
When I run the car:GUI from the application container and click the
"browse"-Button, I see an incoming issue-request with a certificate
which looks ok, but processing fails a CRLDistributionPoints exception
(stacktrace @ end of post). To me it looks like the problem occurs
before processing is actually handed over to the implementation of the
issue operation.
When I try the same steps on a Ubuntu VM I got from a colleague,
everything works as expected.
Can anyone point me to what I'm doing wrong?
Best regards
Jerry
Request & Stacktrace from STS log:
May 17, 2011 3:55:31 PM
org.apache.cxf.interceptor.AbstractLoggingInterceptor log
INFO: Inbound Message
----------------------------
ID: 3
Address: http://localhost:9081/sts/SecurityTokenService/
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml; charset=UTF-8
Headers: {Accept=[*/*], Cache-Control=[no-cache],
connection=[keep-alive], Content-Length=[2630], content-type=[text/xml;
charset=UTF-8], Host=[localhost:9081], Pragma=[no-cache],
SOAPAction=["http://docs.oasis-open.org/ws-sx/ws-trust/200512/RST/Issue"],
User-Agent=[Apache CXF 2.4.0]}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><wst:RequestSecurityToken
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><wst:SecondaryParameters><t:TokenType
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV2.0</t:TokenType><t:KeyType
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</t:KeyType></wst:SecondaryParameters><wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Issue</wst:RequestType><wsp:AppliesTo
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference
xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:Address>http://localhost:8080/services/CRMServiceProvider/</wsa:Address></wsa:EndpointReference></wsp:AppliesTo><wst:KeyType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/PublicKey</wst:KeyType><wst:UseKey><dsig:KeyInfo
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><X509Data
xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Certificate>
MIIEFjCCA3+gAwIBAgIJAJORWX2Xsa8DMA0GCSqGSIb3DQEBBQUAMIG5MQswCQYDVQQGEwJVUzER
MA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdhcmEgRmFsbHMxLDAqBgNVBAoTI1NhbXBs
ZSBDbGllbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYwFAYDVQQLEw1JVCBEZXBhcnRtZW50MRcw
FQYDVQQDEw53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3DQEJARYRY2xpZW50QGNsaWVudC5jb20w
HhcNMTEwMjA5MTgzMDI3WhcNMjEwMjA2MTgzMDI3WjCBuTELMAkGA1UEBhMCVVMxETAPBgNVBAgT
CE5ldyBZb3JrMRYwFAYDVQQHEw1OaWFnYXJhIEZhbGxzMSwwKgYDVQQKEyNTYW1wbGUgQ2xpZW50
IC0tIE5PVCBGT1IgUFJPRFVDVElPTjEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEXMBUGA1UEAxMO
d3d3LmNsaWVudC5jb20xIDAeBgkqhkiG9w0BCQEWEWNsaWVudEBjbGllbnQuY29tMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQDauFNVqi4B2+u/PC9ktDkn82bglEQYcL4o5JRUhQVEhTK2iElo
z1Rvo/qyfDhBPc1lzIUn4ams+DKBSSjZMCgop3XbeCXzIVP784ruC8HF5QrYsXUQfTc7lzqafXZX
H8Bk89gSScA1fFme6TpvYzM0zjBETSXADtKOs9oKB2VOIwIDAQABo4IBIjCCAR4wHQYDVR0OBBYE
FFIz+0BSZlLtXkA/udRjRgphtREuMIHuBgNVHSMEgeYwgeOAFFIz+0BSZlLtXkA/udRjRgphtREu
oYG/pIG8MIG5MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdh
cmEgRmFsbHMxLDAqBgNVBAoTI1NhbXBsZSBDbGllbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYw
FAYDVQQLEw1JVCBEZXBhcnRtZW50MRcwFQYDVQQDEw53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3
DQEJARYRY2xpZW50QGNsaWVudC5jb22CCQCTkVl9l7GvAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4GBAEjEr9QfaYsZf7ELnqB++OkWcKxpMt1Yj/VOyL99AekkVTM+rRHCU9Bu+tncMNsf
y8mIXUC1JqKQ+Cq5RlaDh/ujzt6i17G7uSGd6U1U/DPZBqTm3Dxwl1cMAGU/CoAKTWE+o+fS4Q2x
Hv7L1KiXQQc9EWJ4C34Ik45fB6g3DiTj
</X509Certificate>
</X509Data></dsig:KeyInfo></wst:UseKey></wst:RequestSecurityToken></soap:Body></soap:Envelope>
--------------------------------------
May 17, 2011 3:55:31 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Application
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecurityTokenServiceProvider#{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}Issue
has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: CRLDistributionPoints
at
org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.createFault(AbstractJAXWSMethodInvoker.java:76)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:121)
at
org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:61)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:75)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at
org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:106)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:118)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:208)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:166)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:113)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:184)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:163)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at
org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at
org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:943)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:756)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: javax.xml.ws.soap.SOAPFaultException: CRLDistributionPoints
at
org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:243)
at
org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:63)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:173)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)
... 35 more
May 17, 2011 3:55:31 PM
org.apache.cxf.interceptor.AbstractLoggingInterceptor log
INFO: Outbound Message
---------------------------
ID: 3
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soap:Server</faultcode><faultstring>CRLDistributionPoints</faultstring><detail><ns:Fault
xmlns:ns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><ns:ErrorCode>sun.reflect.NativeMethodAccessorImpl.invoke0(Native
Method)</ns:ErrorCode></ns:Fault></detail></soap:Fault></soap:Body></soap:Envelope>