You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by scmakhaye <sc...@gmail.com> on 2012/03/07 11:15:29 UTC
HTTP Status 403 - Requesting security token failed
*Tomcat instance 1*
Mar 7, 2012 10:52:22 AM org.apache.catalina.core.StandardServer await
INFO: A valid shutdown command was received via the shutdown port. Stopping
the Server instance.
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:52:22 AM org.apache.catalina.core.StandardService
stopInternal
INFO: Stopping service Catalina
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:29 AM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.22.
Mar 7, 2012 10:55:29 AM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:55:31 AM org.apache.tomcat.util.net.NioSelectorPool
getSharedSelector
INFO: Using a shared selector for servlet write/read
Mar 7, 2012 10:55:31 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:31 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2323 ms
Mar 7, 2012 10:55:31 AM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 7, 2012 10:55:31 AM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.25
Mar 7, 2012 10:55:31 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\wsfedidp.war
Mar 7, 2012 10:55:35 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\wsfedidpsts.war
Mar 7, 2012 10:55:36 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\build
Mar 7, 2012 10:55:36 AM org.apache.catalina.startup.ContextConfig webConfig
Mar 7, 2012 10:55:38 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\docs
Mar 7, 2012 10:55:39 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\examples
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\host-manager
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\manager
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\ROOT
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 10762 ms
*Tomcat instance 2*
Mar 7, 2012 10:52:01 AM org.apache.catalina.core.StandardServer await
INFO: A valid shutdown command was received via the shutdown port. Stopping
the Server instance.
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:52:01 AM org.apache.catalina.core.StandardService
stopInternal
INFO: Stopping service Catalina
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:40 AM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.22.
Mar 7, 2012 10:55:40 AM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:55:42 AM org.apache.tomcat.util.net.NioSelectorPool
getSharedSelector
INFO: Using a shared selector for servlet write/read
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:42 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2671 ms
Mar 7, 2012 10:55:42 AM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 7, 2012 10:55:42 AM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.25
Mar 7, 2012 10:55:42 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\fedizidp.war
Mar 7, 2012 10:55:47 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\fedizidpsts.war
Mar 7, 2012 10:55:48 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\wsfedidp.war
Mar 7, 2012 10:55:50 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\wsfedidpsts.war
Mar 7, 2012 10:55:51 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\build
Mar 7, 2012 10:55:51 AM org.apache.catalina.startup.ContextConfig webConfig
SEVERE: Unable to determine URL for WEB-INF/classes
javax.naming.NameNotFoundException: Resource /WEB-INF/classes not found
Mar 7, 2012 10:55:52 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\docs
Mar 7, 2012 10:55:54 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\examples
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\host-manager
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\manager
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\ROOT
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 14133 ms
HTTP Status 403 - Requesting security token failed
type Status report
message Requesting security token failed
description Access to the specified resource (Requesting security token
failed) has been forbidden
https://localhost:8222/fedizidp/?wa=wsignin1.0&wreply=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2Fhtml&wtrealm=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2F
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5543684.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: AW: AW: AW: HTTP Status 403 - Requesting security token failed
Posted by scmakhaye <sc...@gmail.com>.
* IdP clatalina log *
Mar 12, 2012 10:10:20 AM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path: C:\Program
Files\Java\jdk1.6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program
Files\Java\jdk1.6.0\bin;%M2%C:\apache-maven-3.0.3\bin;%M2%C:\apache-maven-3.0.3\bin;C:\apache-maven-3.0.3\bin;C:\apache-ant-1.8.0\bin;C:\mule-standalone-3.2.0\bin;C:\apache-ode-jbi-1.3.5\apache-ode-jbi-1.3.5\bin\bin
Mar 12, 2012 10:10:20 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-9080"]
Mar 12, 2012 10:10:20 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-9443"]
Mar 12, 2012 10:10:20 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 461 ms
Mar 12, 2012 10:10:20 AM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 12, 2012 10:10:20 AM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.22
Mar 12, 2012 10:10:20 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive fedizidp.war
Mar 12, 2012 10:10:21 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive fedizidpsts.war
Mar 12, 2012 10:10:21 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory docs
Mar 12, 2012 10:10:21 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory examples
Mar 12, 2012 10:10:22 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory host-manager
Mar 12, 2012 10:10:22 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory manager
Mar 12, 2012 10:10:22 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory ROOT
Mar 12, 2012 10:10:22 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-9080"]
Mar 12, 2012 10:10:22 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-9443"]
Mar 12, 2012 10:10:22 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 1361 ms
Mar 12, 2012 4:06:25 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performance in production environments was not found on the
java.library.path: C:\Program
Files\Java\jdk1.6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program
Files\Java\jdk1.6.0\bin;%M2%C:\apache-maven-3.0.3\bin;%M2%C:\apache-maven-3.0.3\bin;C:\apache-maven-3.0.3\bin;C:\apache-ant-1.8.0\bin;C:\mule-standalone-3.2.0\bin;C:\apache-ode-jbi-1.3.5\apache-ode-jbi-1.3.5\bin\bin
Mar 12, 2012 4:06:25 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-9080"]
Mar 12, 2012 4:06:25 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-9443"]
Mar 12, 2012 4:06:26 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 734 ms
Mar 12, 2012 4:06:26 PM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 12, 2012 4:06:26 PM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.22
Mar 12, 2012 4:06:26 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive fedizidp.war
Mar 12, 2012 4:06:27 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive fedizidpsts.war
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory docs
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory examples
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory host-manager
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory manager
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory ROOT
Mar 12, 2012 4:06:28 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-9080"]
Mar 12, 2012 4:06:28 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-9443"]
Mar 12, 2012 4:06:28 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 2836 ms
*IdP server after typing the
https://localhost:8443/fedizhelloworld/secureservlet/fed *
Mar 12, 2012 4:06:16 PM org.apache.catalina.core.AprLifecycleListener init
INFO: The APR based Apache Tomcat Native library which allows optimal
performanc
e in production environments was not found on the java.library.path:
C:\Program
Files\Java\jdk1.6.0\bin;.;C:\Windows\Sun\Java\bin;C:\Windows\system32;C:\Windows
;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\Win
dowsPowerShell\v1.0\;C:\Program
Files\Java\jdk1.6.0\bin;%M2%C:\apache-maven-3.0.
3\bin;%M2%C:\apache-maven-3.0.3\bin;C:\apache-maven-3.0.3\bin;C:\apache-ant-1.8.
0\bin;C:\mule-standalone-3.2.0\bin;C:\apache-ode-jbi-1.3.5\apache-ode-jbi-1.3.5\
bin\bin
Mar 12, 2012 4:06:17 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8080"]
Mar 12, 2012 4:06:17 PM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-bio-8443"]
Mar 12, 2012 4:06:17 PM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 1450 ms
Mar 12, 2012 4:06:17 PM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 12, 2012 4:06:17 PM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.21
Mar 12, 2012 4:06:17 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive fedizhelloworld.war
Mar 12, 2012 4:06:17 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
<ini
t>
FINE: WsFedAuthenticator()
Mar 12, 2012 4:06:17 PM org.apache.catalina.authenticator.AuthenticatorBase
star
tInternal
FINE: No SingleSignOn Valve is present
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory docs
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory examples
Mar 12, 2012 4:06:18 PM org.apache.catalina.authenticator.AuthenticatorBase
star
tInternal
FINE: No SingleSignOn Valve is present
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory host-manager
Mar 12, 2012 4:06:18 PM org.apache.catalina.authenticator.AuthenticatorBase
star
tInternal
FINE: No SingleSignOn Valve is present
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory manager
Mar 12, 2012 4:06:18 PM org.apache.catalina.authenticator.AuthenticatorBase
star
tInternal
FINE: No SingleSignOn Valve is present
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory ROOT
Mar 12, 2012 4:06:18 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
<ini
t>
FINE: WsFedAuthenticator()
Mar 12, 2012 4:06:18 PM org.apache.catalina.authenticator.AuthenticatorBase
star
tInternal
FINE: No SingleSignOn Valve is present
Mar 12, 2012 4:06:18 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8080"]
Mar 12, 2012 4:06:18 PM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-bio-8443"]
Mar 12, 2012 4:06:18 PM org.apache.catalina.startup.Catalina start
INFO: Server startup in 964 ms
Mar 12, 2012 4:15:00 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
invo
ke
FINE: WsFedAuthenticator:invoke()
Mar 12, 2012 4:15:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizhelloworld/secureservlet/fed
Mar 12, 2012 4:15:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 12, 2012 4:15:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 12, 2012 4:15:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 12, 2012 4:15:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 12, 2012 4:15:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling hasUserDataPermission()
Mar 12, 2012 4:15:00 PM org.apache.catalina.realm.RealmBase
hasUserDataPermissio
n
FINE: User data constraint has no restrictions
Mar 12, 2012 4:15:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling authenticate()
Mar 12, 2012 4:15:00 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: authenticate invoked
Mar 12, 2012 4:15:00 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: Save request in session '3A7F4DE2986DB2C2FFAB0B6514A47F07'
Mar 12, 2012 4:15:00 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
INFO: Issuer url: https://localhost:9443/fedizidp/
Mar 12, 2012 4:15:00 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
FINE: wtrealm=https://localhost:8443/fedizhelloworld/
Mar 12, 2012 4:15:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
Mar 12, 2012 4:15:05 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
invo
ke
FINE: WsFedAuthenticator:invoke()
Mar 12, 2012 4:15:05 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizhelloworld/secureservlet/fed
Mar 12, 2012 4:15:05 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 12, 2012 4:15:05 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 12, 2012 4:15:05 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 12, 2012 4:15:05 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 12, 2012 4:15:05 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling hasUserDataPermission()
Mar 12, 2012 4:15:05 PM org.apache.catalina.realm.RealmBase
hasUserDataPermissio
n
FINE: User data constraint has no restrictions
Mar 12, 2012 4:15:05 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling authenticate()
Mar 12, 2012 4:15:05 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: authenticate invoked
Mar 12, 2012 4:15:05 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: Save request in session '3A7F4DE2986DB2C2FFAB0B6514A47F07'
Mar 12, 2012 4:15:05 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
INFO: Issuer url: https://localhost:9443/fedizidp/
Mar 12, 2012 4:15:05 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
FINE: wtrealm=https://localhost:8443/fedizhelloworld/
Mar 12, 2012 4:15:05 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5557931.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: AW: AW: HTTP Status 403 - Requesting security token failed
Posted by Oliver Wulff <ow...@talend.com>.
weird, I've just unzipped the package again, started the two container and could successfully run the test.
The certificates are valid till 2021.
I'm running the tests on ubuntu with JDK 1.6.
Could you attach the full log of tomcat-idp? (wondering whether there is a message that the jdk security extensions must be installed)
Oli
------
Oliver Wulff
Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
________________________________________
Von: scmakhaye [scmakhaye@gmail.com]
Gesendet: Samstag, 10. März 2012 20:56
Bis: users@cxf.apache.org
Betreff: Re: AW: AW: HTTP Status 403 - Requesting security token failed
when I enter this URL
https://localhost:8443/fedizhelloworld/secureservlet/fed, it says
The server localhost:9443 requires a username and password
The server says :IDP
and I have tried the configured usernames and passwords
user: alice password:ecila
user: bob password:bob
user: ted password:det
but it returns HTTP Status 403 - Requesting security token failed
http://cxf.547215.n5.nabble.com/file/n5553575/page.gif
*The tomacat-rp server shows this message *
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
invo
ke
FINE: WsFedAuthenticator:invoke()
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizhelloworld/secureservlet/fed
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling hasUserDataPermission()
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
hasUserDataPermissio
n
FINE: User data constraint has no restrictions
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling authenticate()
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: authenticate invoked
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: Save request in session '51E40EEB5F15CDF2646BA9EF90925D40'
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
INFO: Issuer url: https://localhost:9443/fedizidp/
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
FINE: wtrealm=https://localhost:8443/fedizhelloworld/
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
*tomcat-idp server report the following *
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:50)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:45)
at
org.apache.cxf.fediz.service.idp.IdpServlet.requestSecurityToken(IdpS
ervlet.java:258)
at
org.apache.cxf.fediz.service.idp.IdpServlet.doGet(IdpServlet.java:156
)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
929)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:405)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:964)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:515)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/fedizidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 22 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
520)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:975)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:123)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
11)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:449)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:817)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1029)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1056)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1040)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
405)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:170)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:981)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
Mar 10, 2012 9:50:53 PM org.apache.cxf.fediz.service.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:50)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:45)
at
org.apache.cxf.fediz.service.idp.IdpServlet.requestSecurityToken(IdpS
ervlet.java:258)
at
org.apache.cxf.fediz.service.idp.IdpServlet.doGet(IdpServlet.java:156
)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
929)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:405)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:964)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:515)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/fedizidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 22 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
520)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:975)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:123)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
11)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:449)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:817)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1029)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1056)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1040)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
405)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:170)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:981)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
Thanks
-----
scmakhaye
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5553575.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: AW: AW: HTTP Status 403 - Requesting security token failed
Posted by scmakhaye <sc...@gmail.com>.
when I enter this URL
https://localhost:8443/fedizhelloworld/secureservlet/fed, it says
The server localhost:9443 requires a username and password
The server says :IDP
and I have tried the configured usernames and passwords
user: alice password:ecila
user: bob password:bob
user: ted password:det
but it returns HTTP Status 403 - Requesting security token failed
http://cxf.547215.n5.nabble.com/file/n5553575/page.gif
*The tomacat-rp server shows this message *
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
invo
ke
FINE: WsFedAuthenticator:invoke()
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizhelloworld/secureservlet/fed
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Servlet Protected Area]'
against
GET /secureservlet/fed --> true
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: Checking constraint 'SecurityConstraint[Protected Area]' against GET
/se
cureservlet/fed --> false
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling hasUserDataPermission()
Mar 10, 2012 9:20:04 PM org.apache.catalina.realm.RealmBase
hasUserDataPermissio
n
FINE: User data constraint has no restrictions
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Calling authenticate()
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: authenticate invoked
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
auth
enticate
FINE: Save request in session '51E40EEB5F15CDF2646BA9EF90925D40'
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
INFO: Issuer url: https://localhost:9443/fedizidp/
Mar 10, 2012 9:20:04 PM org.apache.cxf.fediz.tomcat.FederationAuthenticator
redi
rectToLoginPage
FINE: wtrealm=https://localhost:8443/fedizhelloworld/
Mar 10, 2012 9:20:04 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
*tomcat-idp server report the following *
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:50)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:45)
at
org.apache.cxf.fediz.service.idp.IdpServlet.requestSecurityToken(IdpS
ervlet.java:258)
at
org.apache.cxf.fediz.service.idp.IdpServlet.doGet(IdpServlet.java:156
)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
929)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:405)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:964)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:515)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/fedizidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 22 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
520)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:975)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:123)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
11)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:449)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:817)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1029)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1056)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1040)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
405)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:170)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:981)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
Mar 10, 2012 9:50:53 PM org.apache.cxf.fediz.service.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:50)
at
org.apache.cxf.fediz.service.idp.IdpSTSClient.requestSecurityTokenRes
ponse(IdpSTSClient.java:45)
at
org.apache.cxf.fediz.service.idp.IdpServlet.requestSecurityToken(IdpS
ervlet.java:258)
at
org.apache.cxf.fediz.service.idp.IdpServlet.doGet(IdpServlet.java:156
)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:304)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:100)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
929)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:405)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:964)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:515)
at
org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoin
t.java:302)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:885)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:907)
at java.lang.Thread.run(Thread.java:619)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/fedizidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(Unknown Source)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 22 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
520)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:182)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:176)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:975)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:123)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
11)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:449)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:817)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1029)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1056)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1040)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
405)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:170)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:981)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:771)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:107)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:225)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:283)
... 28 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:285)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:191)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:954)
... 46 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:280)
... 52 more
Thanks
-----
scmakhaye
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5553575.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: AW: HTTP Status 403 - Requesting security token failed
Posted by Oliver Wulff <ow...@talend.com>.
I've provided more information here:
http://owulff.blogspot.com/2012/03/packaged-tomcat-instances-for.html
------
Oliver Wulff
Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
________________________________________
Von: Oliver Wulff [owulff@talend.com]
Gesendet: Donnerstag, 8. März 2012 19:24
Bis: users@cxf.apache.org
Betreff: AW: AW: HTTP Status 403 - Requesting security token failed
I've prepared a zip file which contains two tomcat instances:
- tomcat-idp
- tomcat-rp (contains the application)
You can download it here:
https://docs.google.com/open?id=0B39bWm6JgpkfMDZDVkFZemdTX202YlVWM2xMUjEwdw
After starting the two tomcat instances, open a browser and enter the following url:
https://localhost:8443/fedizhelloworld/secureservlet/fed
The following usernames are configured:
user: alice password:ecila
user: bob password:bob
user: ted password:det
HTH
Oli
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: Oliver Wulff [owulff@talend.com]
Gesendet: Donnerstag, 8. März 2012 17:38
Bis: users@cxf.apache.org
Betreff: AW: AW: HTTP Status 403 - Requesting security token failed
Hi there
The fedizidp can't securely connect to the fedizidpsts (clientkeystore.jks).
I'll prepare a package with two tomcat instances and upload it to google docs and send the link...
Thanks
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: scmakhaye [scmakhaye@gmail.com]
Gesendet: Mittwoch, 7. März 2012 23:49
Bis: users@cxf.apache.org
Betreff: Re: AW: HTTP Status 403 - Requesting security token failed
*Tomcat instance 2*
Mar 7, 2012 11:47:00 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /
Mar 7, 2012 11:47:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.css
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-upper.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-nav.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-button.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-middle.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /asf-logo.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /manager/html
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling hasUserDataPermission()
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling authenticate()
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
*Tomcat instance 1*
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:42:38 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidp]
Mar 7, 2012 11:42:39 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidp.war
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:43:33 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidpsts]
Mar 7, 2012 11:43:34 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidpsts.war
I did what asked ... but still it complains about certificates
can not deploy deploy fedizhelloworld it doesnt contain any files in the
folder
*
This is how the tomcat server instance 2 after deploying fediz-(core and
tomcat)*
cate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenti
cate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
Mar 7, 2012 11:47:10 PM org.talend.security.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5545896.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: AW: HTTP Status 403 - Requesting security token failed
Posted by Oliver Wulff <ow...@talend.com>.
I've prepared a zip file which contains two tomcat instances:
- tomcat-idp
- tomcat-rp (contains the application)
You can download it here:
https://docs.google.com/open?id=0B39bWm6JgpkfMDZDVkFZemdTX202YlVWM2xMUjEwdw
After starting the two tomcat instances, open a browser and enter the following url:
https://localhost:8443/fedizhelloworld/secureservlet/fed
The following usernames are configured:
user: alice password:ecila
user: bob password:bob
user: ted password:det
HTH
Oli
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: Oliver Wulff [owulff@talend.com]
Gesendet: Donnerstag, 8. März 2012 17:38
Bis: users@cxf.apache.org
Betreff: AW: AW: HTTP Status 403 - Requesting security token failed
Hi there
The fedizidp can't securely connect to the fedizidpsts (clientkeystore.jks).
I'll prepare a package with two tomcat instances and upload it to google docs and send the link...
Thanks
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: scmakhaye [scmakhaye@gmail.com]
Gesendet: Mittwoch, 7. März 2012 23:49
Bis: users@cxf.apache.org
Betreff: Re: AW: HTTP Status 403 - Requesting security token failed
*Tomcat instance 2*
Mar 7, 2012 11:47:00 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /
Mar 7, 2012 11:47:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.css
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-upper.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-nav.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-button.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-middle.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /asf-logo.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /manager/html
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling hasUserDataPermission()
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling authenticate()
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
*Tomcat instance 1*
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:42:38 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidp]
Mar 7, 2012 11:42:39 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidp.war
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:43:33 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidpsts]
Mar 7, 2012 11:43:34 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidpsts.war
I did what asked ... but still it complains about certificates
can not deploy deploy fedizhelloworld it doesnt contain any files in the
folder
*
This is how the tomcat server instance 2 after deploying fediz-(core and
tomcat)*
cate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenti
cate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
Mar 7, 2012 11:47:10 PM org.talend.security.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5545896.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: AW: HTTP Status 403 - Requesting security token failed
Posted by Oliver Wulff <ow...@talend.com>.
Hi there
The fedizidp can't securely connect to the fedizidpsts (clientkeystore.jks).
I'll prepare a package with two tomcat instances and upload it to google docs and send the link...
Thanks
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: scmakhaye [scmakhaye@gmail.com]
Gesendet: Mittwoch, 7. März 2012 23:49
Bis: users@cxf.apache.org
Betreff: Re: AW: HTTP Status 403 - Requesting security token failed
*Tomcat instance 2*
Mar 7, 2012 11:47:00 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /
Mar 7, 2012 11:47:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.css
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-upper.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-nav.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-button.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-middle.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /asf-logo.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /manager/html
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling hasUserDataPermission()
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling authenticate()
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
*Tomcat instance 1*
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:42:38 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidp]
Mar 7, 2012 11:42:39 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidp.war
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:43:33 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidpsts]
Mar 7, 2012 11:43:34 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidpsts.war
I did what asked ... but still it complains about certificates
can not deploy deploy fedizhelloworld it doesnt contain any files in the
folder
*
This is how the tomcat server instance 2 after deploying fediz-(core and
tomcat)*
cate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenti
cate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
Mar 7, 2012 11:47:10 PM org.talend.security.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5545896.html
Sent from the cxf-user mailing list archive at Nabble.com.
Re: AW: HTTP Status 403 - Requesting security token failed
Posted by scmakhaye <sc...@gmail.com>.
*Tomcat instance 2*
Mar 7, 2012 11:47:00 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /
Mar 7, 2012 11:47:00 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:00 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.css
Mar 7, 2012 11:47:01 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:01 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:01 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /tomcat.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-upper.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-nav.png
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-button.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /bg-middle.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /asf-logo.png
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:02 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:02 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /manager/html
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against GET /html --> true
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against GET /html --> false
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling hasUserDataPermission()
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Calling authenticate()
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenticate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invoke
FINE: Not subject to any constraint
*Tomcat instance 1*
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:42:36 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:42:38 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidp]
Mar 7, 2012 11:42:39 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidp.war
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Text Manager interface (for
scripts)]' against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[JMX Proxy interface]'
against PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[HTML Manager interface (for
humans)]' against PUT /html/deploy --> true
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
findSecurityConstraints
FINE: Checking constraint 'SecurityConstraint[Status interface]' against
PUT /html/deploy --> false
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasUserDataPermission
FINE: User data constraint has no restrictions
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Attempting to authenticate user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.CombinedRealm authenticate
FINE: Authenticated user "admin" with realm
"org.apache.catalina.realm.UserDatabaseRealm/1.0"
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Checking roles GenericPrincipal[admin(manager-gui,)]
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase hasRole
FINE: Username admin has role manager-gui
Mar 7, 2012 11:43:32 PM org.apache.catalina.realm.RealmBase
hasResourcePermission
FINE: Role found: manager-gui
Mar 7, 2012 11:43:33 PM org.apache.catalina.startup.HostConfig
checkResources
INFO: Undeploying context [/fedizidpsts]
Mar 7, 2012 11:43:34 PM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\fedizidpsts.war
I did what asked ... but still it complains about certificates
can not deploy deploy fedizhelloworld it doesnt contain any files in the
folder
*
This is how the tomcat server instance 2 after deploying fediz-(core and
tomcat)*
cate
FINE: authenticate invoked
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
authenti
cate
FINE: Save request in session '46CDFE0A261E845160D624A96594A579'
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Failed authenticate() test
Mar 7, 2012 11:47:09 PM org.apache.fediz.tomcat.FederationAuthenticator
invoke
FINE: WsFedAuthenticator:invoke()
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Security checking request GET /fedizidp/
Mar 7, 2012 11:47:09 PM org.apache.catalina.realm.RealmBase
findSecurityConstrai
nts
FINE: No applicable constraints defined
Mar 7, 2012 11:47:09 PM org.apache.catalina.authenticator.AuthenticatorBase
invo
ke
FINE: Not subject to any constraint
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
Mar 7, 2012 11:47:10 PM
org.apache.cxf.configuration.jsse.spring.TLSParameterJax
BUtils getKeyStore
SEVERE: Could not load keystore resource clientstore.jks
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
Mar 7, 2012 11:47:10 PM org.talend.security.idp.IdpServlet doGet
INFO: Requesting security token failed
org.apache.cxf.service.factory.ServiceConstructionException: Failed to
create se
rvice.
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:94)
at
org.apache.cxf.ws.security.trust.STSClient.createClient(STSClient.jav
a:500)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:44)
at
org.talend.security.idp.IdpSTSClient.requestSecurityTokenResponse(Idp
STSClient.java:39)
at
org.talend.security.idp.IdpServlet.requestSecurityToken(IdpServlet.ja
va:218)
at org.talend.security.idp.IdpServlet.doGet(IdpServlet.java:138)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:621)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:722)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Appl
icationFilterChain.java:305)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationF
ilterChain.java:210)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperV
alve.java:224)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextV
alve.java:169)
at
org.apache.catalina.authenticator.AuthenticatorBase.invoke(Authentica
torBase.java:472)
at
org.apache.fediz.tomcat.FederationAuthenticator.invoke(FederationAuth
enticator.java:199)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.j
ava:168)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.j
ava:98)
at
org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:
927)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineVal
ve.java:118)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.jav
a:407)
at
org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp
11Processor.java:987)
at
org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(
AbstractProtocol.java:579)
at
org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoin
t.java:1600)
at
java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExec
utor.java:886)
at
java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor
.java:908)
at java.lang.Thread.run(Thread.java:662)
Caused by: javax.wsdl.WSDLException: WSDLException: faultCode=PARSER_ERROR:
Prob
lem parsing 'https://localhost:9443/wsfedidpsts/STSService?wsdl'.:
javax.net.ssl
.SSLHandshakeException: sun.security.validator.ValidatorException: PKIX path
bui
lding failed: sun.security.provider.certpath.SunCertPathBuilderException:
unable
to find valid certification path to requested target
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2133)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2325)
at
com.ibm.wsdl.xml.WSDLReaderImpl.readWSDL(WSDLReaderImpl.java:2357)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.loadDefinition(WSDLManagerImpl.
java:244)
at
org.apache.cxf.wsdl11.WSDLManagerImpl.getDefinition(WSDLManagerImpl.j
ava:191)
at
org.apache.cxf.wsdl11.WSDLServiceFactory.<init>(WSDLServiceFactory.ja
va:92)
... 24 more
Caused by: javax.net.ssl.SSLHandshakeException:
sun.security.validator.Validator
Exception: PKIX path building failed:
sun.security.provider.certpath.SunCertPath
BuilderException: unable to find valid certification path to requested
target
at
com.sun.net.ssl.internal.ssl.Alerts.getSSLException(Alerts.java:174)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.fatal(SSLSocketImpl.java:1
649)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:241)
at
com.sun.net.ssl.internal.ssl.Handshaker.fatalSE(Handshaker.java:235)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1206)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.processMessage(ClientHa
ndshaker.java:136)
at
com.sun.net.ssl.internal.ssl.Handshaker.processLoop(Handshaker.java:5
93)
at
com.sun.net.ssl.internal.ssl.Handshaker.process_record(Handshaker.jav
a:529)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.readRecord(SSLSocketImpl.j
ava:893)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.performInitialHandshake(SS
LSocketImpl.java:1138)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1165)
at
com.sun.net.ssl.internal.ssl.SSLSocketImpl.startHandshake(SSLSocketIm
pl.java:1149)
at
sun.net.www.protocol.https.HttpsClient.afterConnect(HttpsClient.java:
434)
at
sun.net.www.protocol.https.AbstractDelegateHttpsURLConnection.connect
(AbstractDelegateHttpsURLConnection.java:166)
at
sun.net.www.protocol.http.HttpURLConnection.getInputStream(HttpURLCon
nection.java:1172)
at
sun.net.www.protocol.https.HttpsURLConnectionImpl.getInputStream(Http
sURLConnectionImpl.java:234)
at
com.sun.org.apache.xerces.internal.impl.XMLEntityManager.setupCurrent
Entity(XMLEntityManager.java:677)
at
com.sun.org.apache.xerces.internal.impl.XMLVersionDetector.determineD
ocVersion(XMLVersionDetector.java:186)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:772)
at
com.sun.org.apache.xerces.internal.parsers.XML11Configuration.parse(X
ML11Configuration.java:737)
at
com.sun.org.apache.xerces.internal.parsers.XMLParser.parse(XMLParser.
java:119)
at
com.sun.org.apache.xerces.internal.parsers.DOMParser.parse(DOMParser.
java:235)
at
com.sun.org.apache.xerces.internal.jaxp.DocumentBuilderImpl.parse(Doc
umentBuilderImpl.java:284)
at
com.ibm.wsdl.xml.WSDLReaderImpl.getDocument(WSDLReaderImpl.java:2123)
... 29 more
Caused by: sun.security.validator.ValidatorException: PKIX path building
failed:
sun.security.provider.certpath.SunCertPathBuilderException: unable to find
vali
d certification path to requested target
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:323)
at
sun.security.validator.PKIXValidator.engineValidate(PKIXValidator.jav
a:217)
at sun.security.validator.Validator.validate(Validator.java:218)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.validate(X509TrustM
anagerImpl.java:126)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:209)
at
com.sun.net.ssl.internal.ssl.X509TrustManagerImpl.checkServerTrusted(
X509TrustManagerImpl.java:249)
at
com.sun.net.ssl.internal.ssl.ClientHandshaker.serverCertificate(Clien
tHandshaker.java:1185)
... 48 more
Caused by: sun.security.provider.certpath.SunCertPathBuilderException:
unable to
find valid certification path to requested target
at
sun.security.provider.certpath.SunCertPathBuilder.engineBuild(SunCert
PathBuilder.java:174)
at
java.security.cert.CertPathBuilder.build(CertPathBuilder.java:238)
at
sun.security.validator.PKIXValidator.doBuild(PKIXValidator.java:318)
... 54 more
-----
_ _ _ _ _ _ _
Siboniso Makhaye
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5545896.html
Sent from the cxf-user mailing list archive at Nabble.com.
AW: HTTP Status 403 - Requesting security token failed
Posted by Oliver Wulff <ow...@talend.com>.
Hi there
1)
Could you increase the log level of tomcat instance 1 and 2:
Maybe increase the logging level in conf/logging.properties by adding the following lines:
org.apache.catalina.authenticator.level = FINEST
org.apache.catalina.realm.level = FINEST
2)
Please also remove fedizidp and fedizidpsts in tomcat instance 2.
3) It looks like that your application doesn't redirect to tomcat instance 1 (port is 8222 which is the one of tomcat instance 2)
https://localhost:8222/fedizidp/?wa=wsignin1.0&wreply=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2Fhtml&wtrealm=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2F
4) maybe try to deploy fedizhelloworld first before deploying your application.
HTH
Thanks
Oli
------
Oliver Wulff
http://owulff.blogspot.com
Solution Architect
Talend Application Integration Division http://www.talend.com
________________________________________
Von: scmakhaye [scmakhaye@gmail.com]
Gesendet: Mittwoch, 7. März 2012 11:15
Bis: users@cxf.apache.org
Betreff: HTTP Status 403 - Requesting security token failed
*Tomcat instance 1*
Mar 7, 2012 10:52:22 AM org.apache.catalina.core.StandardServer await
INFO: A valid shutdown command was received via the shutdown port. Stopping
the Server instance.
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:22 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:52:22 AM org.apache.catalina.core.StandardService
stopInternal
INFO: Stopping service Catalina
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:52:24 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:29 AM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.22.
Mar 7, 2012 10:55:29 AM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:55:30 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:55:31 AM org.apache.tomcat.util.net.NioSelectorPool
getSharedSelector
INFO: Using a shared selector for servlet write/read
Mar 7, 2012 10:55:31 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:31 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2323 ms
Mar 7, 2012 10:55:31 AM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 7, 2012 10:55:31 AM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.25
Mar 7, 2012 10:55:31 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\wsfedidp.war
Mar 7, 2012 10:55:35 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\webapps\wsfedidpsts.war
Mar 7, 2012 10:55:36 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\build
Mar 7, 2012 10:55:36 AM org.apache.catalina.startup.ContextConfig webConfig
Mar 7, 2012 10:55:38 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\docs
Mar 7, 2012 10:55:39 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\examples
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\host-manager
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\manager
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\webapps\ROOT
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-9080"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-9000"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8443"]
Mar 7, 2012 10:55:41 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-apr-8109"]
Mar 7, 2012 10:55:41 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 10762 ms
*Tomcat instance 2*
Mar 7, 2012 10:52:01 AM org.apache.catalina.core.StandardServer await
INFO: A valid shutdown command was received via the shutdown port. Stopping
the Server instance.
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:01 AM org.apache.coyote.AbstractProtocol pause
INFO: Pausing ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:52:01 AM org.apache.catalina.core.StandardService
stopInternal
INFO: Stopping service Catalina
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol stop
INFO: Stopping ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:52:03 AM org.apache.coyote.AbstractProtocol destroy
INFO: Destroying ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:40 AM org.apache.catalina.core.AprLifecycleListener init
INFO: Loaded APR based Apache Tomcat Native library 1.1.22.
Mar 7, 2012 10:55:40 AM org.apache.catalina.core.AprLifecycleListener init
INFO: APR capabilities: IPv6 [false], sendfile [true], accept filters
[false], random [true].
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:55:42 AM org.apache.tomcat.util.net.NioSelectorPool
getSharedSelector
INFO: Using a shared selector for servlet write/read
Mar 7, 2012 10:55:42 AM org.apache.coyote.AbstractProtocol init
INFO: Initializing ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:42 AM org.apache.catalina.startup.Catalina load
INFO: Initialization processed in 2671 ms
Mar 7, 2012 10:55:42 AM org.apache.catalina.core.StandardService
startInternal
INFO: Starting service Catalina
Mar 7, 2012 10:55:42 AM org.apache.catalina.core.StandardEngine
startInternal
INFO: Starting Servlet Engine: Apache Tomcat/7.0.25
Mar 7, 2012 10:55:42 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\fedizidp.war
Mar 7, 2012 10:55:47 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\fedizidpsts.war
Mar 7, 2012 10:55:48 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\wsfedidp.war
Mar 7, 2012 10:55:50 AM org.apache.catalina.startup.HostConfig deployWAR
INFO: Deploying web application archive
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\wsfedidpsts.war
Mar 7, 2012 10:55:51 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\build
Mar 7, 2012 10:55:51 AM org.apache.catalina.startup.ContextConfig webConfig
SEVERE: Unable to determine URL for WEB-INF/classes
javax.naming.NameNotFoundException: Resource /WEB-INF/classes not found
Mar 7, 2012 10:55:52 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\docs
Mar 7, 2012 10:55:54 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\examples
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\host-manager
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\manager
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.HostConfig
deployDirectory
INFO: Deploying web application directory
C:\apache-tomcat-7.0.25\tomcat-instance2\webapps\ROOT
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-8282"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-apr-8283"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["http-nio-8222"]
Mar 7, 2012 10:55:56 AM org.apache.coyote.AbstractProtocol start
INFO: Starting ProtocolHandler ["ajp-apr-8209"]
Mar 7, 2012 10:55:56 AM org.apache.catalina.startup.Catalina start
INFO: Server startup in 14133 ms
HTTP Status 403 - Requesting security token failed
type Status report
message Requesting security token failed
description Access to the specified resource (Requesting security token
failed) has been forbidden
https://localhost:8222/fedizidp/?wa=wsignin1.0&wreply=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2Fhtml&wtrealm=http%3A%2F%2Flocalhost%3A8282%2Fmanager%2F
--
View this message in context: http://cxf.547215.n5.nabble.com/HTTP-Status-403-Requesting-security-token-failed-tp5543684p5543684.html
Sent from the cxf-user mailing list archive at Nabble.com.