Posted to fx-dev@ws.apache.org by Rohit Chauhan <mo...@yahoo.com> on 2006/07/12 20:38:41 UTC

General security error (Unsupported key identification)

Hi,

I have a problem with sending a signed SAML token. I am getting this error when my SAML token is signed by my client application.


AxisFault
 faultCode: {http://schemas.xmlsoap.org/soap/envelope/}Server.generalException
 faultSubcode:
 faultString: WSHandler: Signed SAML: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unsupported key identification); nested exception is:
      org.apache.ws.security.WSSecurityException: WSHandler: Signed SAML: error during message processingorg.apache.ws.security.WSSecurityException: General security error (Unsupported key identification)

 

 

I ran the code in debug mode with WSS4J SAML source code.

It throws this error in org\apache\ws\security\saml\WSSecSignatureSAML.java in line # 364.

The “keyIdentifierType” sent by my keystore is 2 (equivalent to WSConstants.ISSUER_SERIAL).

The case block for this keyIdentifier is commented out in this file for some reason.

Only the case block for keyIdentifierType = 1 (equivalent to WSConstants.BST_DIRECT_REFERENCE) has the implementation.

I would appreciate any pointers to a possible solution.

 

Thanks in advance.

 

-Rohit

 

PS:

 

Here are my properties configuration details.

 

My client-deploy.wsdd file is defined as:

<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
 <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
 <globalConfiguration>
  <requestFlow>
   <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
    <parameter name="action" value="Timestamp SAMLTokenSigned"/>
    <parameter name="samlPropFile" value="saml.properties"/>
   </handler>
  </requestFlow>
 </globalConfiguration>
</deployment>

 

My saml.properties file is as follows:

 

org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl
org.apache.ws.security.saml.issuer.cryptoProp.file=crypto.client.properties
org.apache.ws.security.saml.issuer.key.name=clientkey
org.apache.ws.security.saml.issuer.key.password=clientkeypassword
org.apache.ws.security.saml.issuer=www.example.com
org.apache.ws.security.saml.subjectNameId.name=myuser
org.apache.ws.security.saml.subjectNameId.qualifier=www.example.com
org.apache.ws.security.saml.authenticationMethod=password
org.apache.ws.security.saml.confirmationMethod=senderVouches

 

My crypto.client.properties file is as follows:

org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin
org.apache.ws.security.crypto.merlin.keystore.type=jks
org.apache.ws.security.crypto.merlin.keystore.password=client
org.apache.ws.security.crypto.merlin.file=client.keystore

I have created a keystore using keytool from Sun Java.
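
An added example, not part of the original post and not WSS4J project code: the handler from the client-deploy.wsdd above with WSS4J's signatureKeyIdentifier handler parameter set to DirectReference, which selects WSConstants.BST_DIRECT_REFERENCE, the one key identifier type the post reports as implemented in WSSecSignatureSAML. It assumes that WSDoAllSender applies this parameter to the SAMLTokenSigned action in the WSS4J version in use.

```xml
<deployment xmlns="http://xml.apache.org/axis/wsdd/"
            xmlns:java="http://xml.apache.org/axis/wsdd/providers/java">
 <transport name="http" pivot="java:org.apache.axis.transport.http.HTTPSender"/>
 <globalConfiguration>
  <requestFlow>
   <handler type="java:org.apache.ws.axis.security.WSDoAllSender">
    <parameter name="action" value="Timestamp SAMLTokenSigned"/>
    <parameter name="samlPropFile" value="saml.properties"/>
    <!-- Before: no signatureKeyIdentifier parameter, so the signature
         builder ran with key identifier type 2 (WSConstants.ISSUER_SERIAL),
         whose case block is commented out in WSSecSignatureSAML, giving
         "Unsupported key identification". -->
    <!-- After (assumption, see lead-in): request a direct reference to a
         BinarySecurityToken, key identifier type 1
         (WSConstants.BST_DIRECT_REFERENCE). The signing certificate is then
         carried in the message itself, so the receiver still has to validate
         it against its own trust store before accepting the assertion. -->
    <parameter name="signatureKeyIdentifier" value="DirectReference"/>
   </handler>
  </requestFlow>
 </globalConfiguration>
</deployment>
```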


