You are viewing a plain text version of this content. The canonical link for it is here.

Posted to rampart-dev@ws.apache.org by Massimiliano Masi <ma...@math.unifi.it> on 2007/10/15 16:37:16 UTC

Entropy question (I'm getting frustrated!)

Hi All,

I'm really frustrated. I cannot get rampart as SAML2 token issuer, with my
own implementation.

If I use

stsClient.setAction(RahasConstants.WST_NS_05_12 +  
RahasConstants.RST_ACTION_ISSUE);

I got  [java] java.util.MissingResourceException: Can't find resource  
for bundle org.apache.axis2.i18n.ProjectResourceBundle, key  
specificActionNotRecognised

So, i'm not able to use this version of ws-trust (both if I use as action
the IssueToken).

If I use the version 05_02, I can use the STSClient class, my tokenIssuer
issues the token, but when it come back, I got this:

   [java] java.lang.NullPointerException
      [java] 	at  
org.apache.rahas.client.STSClient.processIssueResponse(STSClient.java:283)
      [java] 	at  
org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:130)

so, the method

                 OMElement binSecElem = serviceEntrElem.getFirstElement();

is null. If in my token issuer I use

Base64.encode(data.getResponseEntropy());

I got a nullpointerexception. How can I use the entropy?

And, is correct to have the entropy mechanism with a saml token?

Let me know, now it's 2 weeks that I'm spending using rampart.

Have you pointers and examples?

Thanks,

                     Massimiliano


----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Re: Entropy question (I'm getting frustrated!)

Posted by Massimiliano Masi <ma...@math.unifi.it>.

Hi,

Quoting Dimuthu Leelarathne <di...@wso2.com>:

> I went through the messages and we have a similar TestCase available
> here[1]. By looking at it's super class, which is
> "org.apache.rahas.TestClient" [2] I can see that it uses the plain
> ServiceClient. Look at testRequest() method, maybe it will  help you.
>
> Yes, when it comes to Bearer tokens STSClient has a bug. The STSClient
> tries to retrieve the ProofToken even when the token type is Bearer. You
> can report it at
> http://issues.apache.org/jira/browse/Rampart

So, another one is: I'll try to do things really similar to the
SAMLTokenIssuer. So I created a MyOwnSAML2TokenIssuerConfig that
extends the AbstractIssuerConfig.

Now, the keySize, cryptoProperties etc are defined as protected.
And I cannot have access to that fields.

Should I have to create another instance of MyAbstractIssuerConfig?

Thanks,

            Massimiliano




----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Re: Entropy question (I'm getting frustrated!)

Posted by Dimuthu Leelarathne <di...@wso2.com>.

Hi,

I went through the messages and we have a similar TestCase available
here[1]. By looking at it's super class, which is
"org.apache.rahas.TestClient" [2] I can see that it uses the plain
ServiceClient. Look at testRequest() method, maybe it will  help you.

Yes, when it comes to Bearer tokens STSClient has a bug. The STSClient
tries to retrieve the ProofToken even when the token type is Bearer. You
can report it at 
http://issues.apache.org/jira/browse/Rampart

Great work!

Thank you,
Dimuthu

[1]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/test/java/org/apache/rahas/RahasSAMLTokenUTForBearerV1205Test.java
[2]https://svn.apache.org/repos/asf/webservices/rampart/trunk/java/modules/rampart-integration/src/main/java/org/apache/rahas/TestClient.java

On Tue, 2007-10-16 at 10:41 +0200, Massimiliano Masi wrote:
> Hi,
> 
> Quoting Dimuthu Leelarathne <di...@wso2.com>:
> 
> >> From what I can understand, you have implemented an SAML Token Issuer
> > yourself, and trying to receive the token. Did you use the TCPMonitor
> > ( available at http://ws.apache.org/commons/tcpmon/) to observe the SOAP
> > messages?
> 
> Yes, the messages are:
> 
> http://www.mascanc.net/~max/request.xml
> http://www.mascanc.net/~max/response.xml
> http://www.mascanc.net/~max/services.xml
> 
> Thank you
> 
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> 
>

Re: Entropy question (I'm getting frustrated!)

Posted by Massimiliano Masi <ma...@math.unifi.it>.

Hi,

Quoting Dimuthu Leelarathne <di...@wso2.com>:

>> From what I can understand, you have implemented an SAML Token Issuer
> yourself, and trying to receive the token. Did you use the TCPMonitor
> ( available at http://ws.apache.org/commons/tcpmon/) to observe the SOAP
> messages?

Yes, the messages are:

http://www.mascanc.net/~max/request.xml
http://www.mascanc.net/~max/response.xml
http://www.mascanc.net/~max/services.xml

Thank you

----------------------------------------------------------------
This message was sent using IMP, the Internet Messaging Program.

Re: Entropy question (I'm getting frustrated!)

Posted by Dimuthu Leelarathne <di...@wso2.com>.

Hi,


>>From what I can understand, you have implemented an SAML Token Issuer
yourself, and trying to receive the token. Did you use the TCPMonitor
( available at http://ws.apache.org/commons/tcpmon/) to observe the SOAP
messages? 

Can you send us the response from the STS to the mailing list? You can
extract it using the TCPMonitor. Then we can help you. 

Thank you,
Dimuthu.

 

On Mon, 2007-10-15 at 16:37 +0200, Massimiliano Masi wrote:
> Hi All,
> 
> I'm really frustrated. I cannot get rampart as SAML2 token issuer, with my
> own implementation.
> 
> If I use
> 
> stsClient.setAction(RahasConstants.WST_NS_05_12 +  
> RahasConstants.RST_ACTION_ISSUE);
> 
> I got  [java] java.util.MissingResourceException: Can't find resource  
> for bundle org.apache.axis2.i18n.ProjectResourceBundle, key  
> specificActionNotRecognised
> 
> So, i'm not able to use this version of ws-trust (both if I use as action
> the IssueToken).
> 
> If I use the version 05_02, I can use the STSClient class, my tokenIssuer
> issues the token, but when it come back, I got this:
> 
>    [java] java.lang.NullPointerException
>       [java] 	at  
> org.apache.rahas.client.STSClient.processIssueResponse(STSClient.java:283)
>       [java] 	at  
> org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:130)
> 
> so, the method
> 
>                  OMElement binSecElem = serviceEntrElem.getFirstElement();
> 
> is null. If in my token issuer I use
> 
> Base64.encode(data.getResponseEntropy());
> 
> I got a nullpointerexception. How can I use the entropy?
> And, is correct to have the entropy mechanism with a saml token?
> 
> Let me know, now it's 2 weeks that I'm spending using rampart.
> 
> Have you pointers and examples?
> 
> Thanks,
> 
>                      Massimiliano
> 
> 
> ----------------------------------------------------------------
> This message was sent using IMP, the Internet Messaging Program.
> 
>