That error is thrown if the SAML token contains a "holder-of-key" Subject Confirmation Method, but does not contain a Subject KeyInfo (or WSS4J can not parse the KeyInfo if it exists). Can you post the SAML Token that is causing the failure?
Colm. On Sat, Nov 12, 2011 at 7:19 PM, danlee100 <[email protected]> wrote: > I am getting the following error while trying to have CXF consume a SAML > token. What could be the cause of this error? > > Caused by: org.apache.ws.security.WSSecurityException: General security > error (Provided SAML token does not contain a suitable key) > at > org.apache.ws.security.validate.SamlAssertionValidator.validate(SamlAssertionValidator.java:61) > at > org.apache.ws.security.processor.SAMLTokenProcessor.handleSAMLToken(SAMLTokenProcessor.java:118) > at > org.apache.ws.security.processor.SAMLTokenProcessor.handleToken(SAMLTokenProcessor.java:53) > at > org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:396) > at > org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:249) > > By the way, I am using CXF 2.5.0 for the server while the client is .NET. > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/General-security-error-Provided-SAML-token-does-not-contain-a-suitable-key-tp4987459p4987459.html > Sent from the cxf-issues mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
