Posted to fx-dev@ws.apache.org by Rohit Chauhan <mo...@yahoo.com> on 2006/07/12 20:38:41 UTC
General security error (Unsupported key identification)
Hi,
I have a problem with sending a signed SAML token.
I am getting this error when my SAML token is signed by my client application.
AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
 faultSubcode:
 faultString: WSHandler: Signed SAML: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unsupported key identification); nested exception is:
	org.apache.ws.security.WSSecurityException: WSHandler: Signed SAML: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unsupported key identification)
I ran the code in debug mode with the WSS4J SAML source code.
It throws this error in org\apache\ws\security\saml\WSSecSignatureSAML.java at line 364.
The “keyIdentifierType” sent by my keystore is 2 (equivalent to WSConstants.ISSUER_SERIAL).
The case block for this keyIdentifier is commented out in this file for some reason.
Only the case block for keyIdentifierType = 1 (equivalent to WSConstants.BST_DIRECT_REFERENCE) has the implementation.
I would appreciate any pointers to a possible solution.
Thanks in advance.
-Rohit
PS:
Here are my properties configuration details.
My client-deploy.wsdd file is defined as:
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  <globalConfiguration>
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action" value="Timestamp SAMLTokenSigned"/>
        <parameter name="samlPropFile" value="saml.properties"/>
      </handler>
    </requestFlow>
  </globalConfiguration>
</deployment>
My saml.properties file is as follows:
org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.client.properties
org.apache.ws.security.saml.issuer.key.name=clientkey
org.apache.ws.security.saml.issuer.key.password=clientkeypassword
org.apache.ws.security.saml.issuer=www.example.com
org.apache.ws.security.saml.subjectNameId.name=myuser
org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
org.apache.ws.security.saml.authenticationMethod=password
org.apache.ws.security.saml.confirmationMethod=senderVouches
My crypto.client.properties file is as follows:
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=client
org.apache.ws.security.crypto.merlin.file=client.keystore
I have created a keystore using keytool from Sun Java.
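
An added example, not part of the original post or of the WSS4J project: the sender handler from the WSDD above with the signature key identifier set explicitly to the type the post reports as implemented in WSSecSignatureSAML. `signatureKeyIdentifier` and its value `DirectReference` are WSS4J handler settings that do not appear in the post; that the SAMLTokenSigned action passes this parameter through in the poster's WSS4J version is an assumption.

```xml
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
  <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
  <globalConfiguration>
    <requestFlow>
      <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
        <parameter name="action" value="Timestamp SAMLTokenSigned"/>
        <parameter name="samlPropFile" value="saml.properties"/>
        <!-- Added for this example (assumption): request a direct
             BinarySecurityToken reference, i.e. keyIdentifierType 1
             (WSConstants.BST_DIRECT_REFERENCE), instead of leaving the
             type at 2 (WSConstants.ISSUER_SERIAL), whose case block the
             post reports as commented out. -->
        <parameter name="signatureKeyIdentifier" value="DirectReference"/>
      </handler>
    </requestFlow>
  </globalConfiguration>
</deployment>
```

With a direct reference the signing certificate travels in the message as a BinarySecurityToken, so the receiver still has to validate that certificate against its own trust store before accepting the signature.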