Posted to rampart-dev@ws.apache.org by Philippe Camus <Ph...@imail.org> on 2008/09/30 17:52:13 UTC

Rampart 1.4 STS sample not working

Hi,

The Rahas sample (05) works fine with Rampart 1.3. With 1.4, I get an exception:

     [java] [SimpleHTTPServer] Started
     [java] org.apache.rahas.TrustException: Error in building encrypted key for principal : "CN=Sample Service, OU=Rampart, O=Apache, L=Colombo, ST=Western, C=LK"
     [java]     at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:330)
     [java]     at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:159)
     [java]     at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
     [java]     at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
     [java]     at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
     [java]     at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:100)
     [java]     at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:176)
     [java]     at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
     [java]     at org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:278)
     [java]     at org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
     [java]     at org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
     [java]     at org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
     [java]     at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1061)
     [java]     at edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:575)
     [java]     at java.lang.Thread.run(Thread.java:619)
     [java] Caused by: org.apache.ws.security.WSSecurityException: An unsupported signature or encryption algorithm was used (unsupported key transport encryption algorithm: No such algorithm: http://www.w3.org/2001/04/xmlenc#rsa-1_5)
     [java]     at org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:689)
     [java]     at org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:195)
     [java]     at org.apache.ws.security.message.WSSecEncryptedKey.prepare(WSSecEncryptedKey.java:173)
     [java]     at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:318)

I am (painfully) working my way through the policy file to understand what is mis-configured, but any help would be appreciated!

Thanks and best regards,

Phil

Re: Rampart 1.4 STS sample not working

Posted by Nandana Mihindukulasooriya <na...@gmail.com>.
Hi Phil,
     Sample 05 is extended in Rampart 1.4 to demonstrate a complete trust
scenario, but it seems we now use the basic256 algorithm. Do you have
bouncycastle installed as a crypto provider, and what platform are you
on? On some OSes you only need to have the bouncycastle jar in your
classpath, but on some OSes (like Solaris) you need to edit the java.security
file. This thread [1] shows how to do it.

thanks,
nandana

[1] -
http://www.nabble.com/-SOLVED--No-such-algorithm%3A-http%3A--www.w3.org-2001-04-xmlenc-rsa-1_5-p6100235.html

On Tue, Sep 30, 2008 at 9:52 PM, Philippe Camus <Ph...@imail.org> wrote:

> Hi,
>
> The Rahas sample (05) works fine with Rampart 1.3. With 1.4, I get an
> exception:
>
>     [java] [SimpleHTTPServer] Started
>     [java] org.apache.rahas.TrustException: Error in building encrypted key
> for principal : "CN=Sample Service, OU=Rampart, O=Apache, L=Colombo, ST=Western, C=LK"
>     [java]     at
> org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:330)
>     [java]     at
> org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:159)
>     [java]     at
> org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:70)
>     [java]     at
> org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
>     [java]     at
> org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
>     [java]     at
> org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:100)
>     [java]     at
> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:176)
>     [java]     at
> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:275)
>     [java]     at
> org.apache.axis2.transport.http.HTTPWorker.service(HTTPWorker.java:278)
>     [java]     at
> org.apache.axis2.transport.http.server.AxisHttpService.doService(AxisHttpService.java:281)
>     [java]     at
> org.apache.axis2.transport.http.server.AxisHttpService.handleRequest(AxisHttpService.java:187)
>     [java]     at
> org.apache.axis2.transport.http.server.HttpServiceProcessor.run(HttpServiceProcessor.java:82)
>     [java]     at
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1061)
>     [java]     at
> edu.emory.mathcs.backport.java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:575)
>     [java]     at java.lang.Thread.run(Thread.java:619)
>     [java] Caused by: org.apache.ws.security.WSSecurityException: An
> unsupported signature or encryption algorithm was used (unsupported key
> transport encryption algorithm: No such algorithm:
> http://www.w3.org/2001/04/xmlenc#rsa-1_5)
>     [java]     at
> org.apache.ws.security.util.WSSecurityUtil.getCipherInstance(WSSecurityUtil.java:689)
>     [java]     at
> org.apache.ws.security.message.WSSecEncryptedKey.prepareInternal(WSSecEncryptedKey.java:195)
>     [java]     at
> org.apache.ws.security.message.WSSecEncryptedKey.prepare(WSSecEncryptedKey.java:173)
>     [java]     at
> org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:318)
>
> I am (painfully) working my way through the policy file to understand what
> is mis-configured, but any help would be appreciated!
>
> Thanks and best regards,
>
> Phil
>



-- 
Nandana Mihindukulasooriya
WSO2 inc.

http://nandana83.blogspot.com/
http://www.wso2.org
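
A quick way to check the provider question raised in the reply above, as an added example that is not part of the original thread or of Rampart/WSS4J: it lists the registered JCE providers, tests whether any of them serves the RSA PKCS#1 v1.5 key-transport cipher, and then tries to register BouncyCastle at runtime if its jar is on the classpath. The class name KeyTransportCheck is hypothetical, and the transformation string "RSA/NONE/PKCS1PADDING" is an assumption about what the failing lookup requests for xmlenc#rsa-1_5.

```java
import java.security.Provider;
import java.security.Security;
import javax.crypto.Cipher;

public class KeyTransportCheck {
    static final String[] TRANSFORMATIONS = {
        "RSA/NONE/PKCS1PADDING", // assumption: name requested for xmlenc#rsa-1_5
        "RSA/ECB/PKCS1Padding"   // standard JCE name for the same padding scheme
    };

    /** Returns the name of the provider serving the transformation, or null if none does. */
    static String providerFor(String transformation) {
        try {
            return Cipher.getInstance(transformation).getProvider().getName();
        } catch (Exception e) { // NoSuchAlgorithmException or NoSuchPaddingException
            return null;
        }
    }

    /** Registers BouncyCastle for this JVM only; false means the jar is not on the classpath. */
    static boolean tryRegisterBouncyCastle() {
        if (Security.getProvider("BC") != null) {
            return true; // already registered, e.g. through java.security
        }
        try {
            Class<?> c = Class.forName("org.bouncycastle.jce.provider.BouncyCastleProvider");
            Security.addProvider((Provider) c.getDeclaredConstructor().newInstance());
            return true;
        } catch (Exception e) {
            return false;
        }
    }

    static void report(String stage) {
        for (String t : TRANSFORMATIONS) {
            System.out.println(stage + ": " + t + " -> " + providerFor(t));
        }
    }

    public static void main(String[] args) {
        for (Provider p : Security.getProviders()) {
            System.out.println("registered: " + p.getName() + " (" + p.getInfo() + ")");
        }
        report("before");
        System.out.println("BouncyCastle registered: " + tryRegisterBouncyCastle());
        report("after");
        // Static alternative (the java.security edit mentioned in the reply); N is a placeholder:
        //   security.provider.N=org.bouncycastle.jce.provider.BouncyCastleProvider
    }
}
```

Run it with the same JVM and classpath as the STS; a null result in the "before" lines that becomes "BC" in the "after" lines means the provider is available but not registered.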