[ https://issues.apache.org/jira/browse/FEDIZ-40?page=com.atlassian.jira.plugin.system.issuetabpanels:comment-tabpanel&focusedCommentId=13547280#comment-13547280 ]

Oliver Wulff commented on FEDIZ-40:
-----------------------------------

Can you attach your fediz_config.xml as well as the HTTP traffic sent from the 
browser to the RP (which contains the RSTR of the STS in the wresult element)?
                
> Can CXF Fediz IDP & RP work with SAML1.1 ? 
> -------------------------------------------
>
>                 Key: FEDIZ-40
>                 URL: https://issues.apache.org/jira/browse/FEDIZ-40
>             Project: CXF-Fediz
>          Issue Type: Bug
>          Components: Examples
>    Affects Versions: 1.0.1
>         Environment: Apache Tomcat/7
> OS Name: Windows XP
> Architecture: x86
>            Reporter: satyanarayana
>              Labels: security
>             Fix For: 1.0.1
>
>   Original Estimate: 434h
>  Remaining Estimate: 434h
>
> Hi,
> I have tried to run the RP application configured in Tomcat 7 and also 
> configured our ADFS server as IDP, which serves STS tokens. As per the 
> WS-Federation protocol, the control got redirected to the IDP/STS for 
> authentication, and in return the RP received the STS. The received STS token 
> is SAML 1.1 version. While processing the SAML 1.1 assertion token we are 
> getting the error below, whereas the same code works well with a SAML 2.0 
> assertion token (we have IDP/STS configured in Tomcat 7 as suggested in the 
> Fediz Tomcat IDP configuration).
> For the RP we used the same versions of jars as provided in the Apache Fediz 
> release 1.0.2.
> Note: As per the reference URL below, the following features are supported by 
> the Fediz plugin 1.0:
> WS-Federation 1.0/1.1/1.2
> SAML 1.1/2.0 Tokens
> For your reference: 
> http://owulff.blogspot.in/2011/11/configure-tomcat-for-federation-part.html
> Error:
> Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator authenticate
> INFO: Trusted issuer: .*CN=www.sts.com.*
> Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator authenticate
> FINE: Truststore file: D:\FasiSSOTesting\tomcat-rp\conf\tomcat-rp.jks
> Dec 10, 2012 3:10:46 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator authenticate
> FINE: Truststore password: tompass
> Dec 10, 2012 3:10:47 PM org.apache.coyote.http11.Http11Processor process
> SEVERE: Error processing request
> java.lang.NullPointerException
>         at org.apache.ws.security.saml.ext.OpenSAMLUtil.fromDom(OpenSAMLUtil.java:83)
>         at org.apache.ws.security.saml.ext.AssertionWrapper.<init>(AssertionWrapper.java:137)
>         at org.apache.cxf.fediz.core.saml.SAMLTokenValidator.validateAndProcessToken(SAMLTokenValidator.java:90)
>         at org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(FederationProcessorImpl.java:155)
>         at org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(FederationProcessorImpl.java:75)
>         at org.apache.cxf.fediz.tomcat.FederationAuthenticator.authenticate(FederationAuthenticator.java:448)
>         at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:544)
>         at org.apache.cxf.fediz.tomcat.FederationAuthenticator.invoke(FederationAuthenticator.java:235)
>         at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:151)
>         at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:100)
>         at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)
>         at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)
>         at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:405)
>         at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:269)
>         at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:515)
>         at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:302)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(Unknown Source)
>         at java.util.concurrent.ThreadPoolExecutor$Worker.run(Unknown Source)
>         at java.lang.Thread.run(Unknown Source)
