Hi Hasintha, Thanks for the prompt response. I checked the corresponding policy files in both the versions ( */_system/config/repository/axis2/service-groups/org.wso2.carbon.sts-5.0* in registry). 'rampartConfig' section wasn't there in the latest pack, even though it was in the older pack. (i.e when service is secured with UTOverTransport policy)
Thanks, Kasun. On Tue, Jun 21, 2016 at 11:42 AM, Hasintha Indrajee <hasin...@wso2.com> wrote: > Services which are secured with policies are stored in registry . Can you > please check whether "rampartConfig" section is there in the policy which > is stored in the registry after applying the policy ? Please check in both > versions. > > On Tue, Jun 21, 2016 at 11:34 AM, Kasun Bandara <kas...@wso2.com> wrote: > >> Hi all, >> >> I'm attempting $subject on latest IS pack [1] . Below is the sample STS >> request that's I'm attempting. >> >> <s:Envelope xmlns:s="http://www.w3.org/2003/05/soap-envelope"; xmlns:wsa=" >> http://www.w3.org/2005/08/addressing"; >> xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"; >> xmlns:saml="urn:oasis:names:tc:SAML:1.0:assertion" >> xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc"; xmlns:wst=" >> http://schemas.xmlsoap.org/ws/2005/02/trust"; >> xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd"; >> xmlns:wsse=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"; >> >> xmlns:ps="http://schemas.microsoft.com/Passport/SoapServices/PPCRL";> >> <s:Header> >> <wsa:Action s:mustUnderstand="1"> >> http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</wsa:Action> >> <wsa:To s:mustUnderstand="1"> >> https://localhost:9443/services/wso2carbon-sts.wso2carbon-stsHttpsSoap12Endpoint >> </wsa:To> >> <wsa:MessageID>1454429880</wsa:MessageID> >> <wsse:Security> >> <wsse:UsernameToken wsu:Id="user"> >> <wsse:Username>kasun</wsse:Username> >> <wsse:Password>kasun8888</wsse:Password> >> </wsse:UsernameToken> >> <wsu:Timestamp Id="Timestamp"> >> <wsu:Created>2016-06-02T15:40:01Z</wsu:Created> >> <wsu:Expires>2018-02-02T16:23:01Z</wsu:Expires> >> </wsu:Timestamp> >> </wsse:Security> >> </s:Header> >> <s:Body> >> <wst:RequestSecurityToken Id="RST0"> >> <wst:RequestType> >> http://schemas.xmlsoap.org/ws/2005/02/trust/Issue</wst:RequestType> >> <wsp:AppliesTo> >> <wsa:EndpointReference> >> <wsa:Address>urn:federation:MicrosoftOnline</wsa:Address> >> </wsa:EndpointReference> >> </wsp:AppliesTo> >> <wst:KeyType> >> http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey</wst:KeyType> >> </wst:RequestSecurityToken> >> </s:Body> >> </s:Envelope> >> >> >> I get the following SOAP response error after invoking the above request. >> >> <soapenv:Envelope xmlns:soapenv="http://www.w3.org/2003/05/soap-envelope >> "> >> <soapenv:Header xmlns:wsa="http://www.w3.org/2005/08/addressing";> >> <wsse:Security soapenv:mustUnderstand="true" xmlns:wsse=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd >> "> >> <wsu:Timestamp wsu:Id="Timestamp-1" xmlns:wsu=" >> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd >> "> >> <wsu:Created>2016-06-21T05:49:42.359Z</wsu:Created> >> <wsu:Expires>2016-06-21T05:54:42.359Z</wsu:Expires> >> </wsu:Timestamp> >> </wsse:Security> >> <wsa:Action>http://www.w3.org/2005/08/addressing/soap/fault >> </wsa:Action> >> <wsa:RelatesTo>1454429880</wsa:RelatesTo> >> </soapenv:Header> >> <soapenv:Body> >> <soapenv:Fault> >> <soapenv:Code> >> <soapenv:Value>soapenv:Receiver</soapenv:Value> >> </soapenv:Code> >> <soapenv:Reason> >> <soapenv:Text >> xml:lang="en-US">java.lang.NullPointerException</soapenv:Text> >> </soapenv:Reason> >> <soapenv:Detail/> >> </soapenv:Fault> >> </soapenv:Body> >> </soapenv:Envelope> >> >> In addition to this i can see following error stack in carbon logs. >> >> >> >> >> >> >> >> >> >> >> *TID: [-1234] [] [2016-06-21 11:19:42,267] ERROR >> {org.apache.axis2.transport.http.AxisServlet} - >> java.lang.NullPointerException at >> org.apache.rampart.PolicyBasedResultsValidator.validate(PolicyBasedResultsValidator.java:93) >> at org.apache.rampart.RampartEngine.process(RampartEngine.java:470) at >> org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92) >> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340) at >> org.apache.axis2.engine.Phase.invoke(Phase.java:313) at >> org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261) at >> org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:167) at >> org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:173)* >> >> The same request works as expected with a older rampart version. When >> debugging this issue it was found that the Rampart Configuration class >> isn't initiated in the latest pack when starting the server, even though it >> initiates in the older pack. (i.e STS endpoint is secured with a >> UTOverTransport policy) >> >> Appreciate any feedback on this. >> >> >> >> Thanks, >> Kasun. >> >> >> [1] >> http://maven.wso2.org/nexus/content/repositories/snapshots/org/wso2/is/wso2is/5.2.0-SNAPSHOT/ >> >> >> >> >> >> -- >> Kasun Bandara >> *Software Engineer* >> Mobile : +94 (0) 718 338 360 >> <%2B94%20%280%29%20773%20451194> >> kas...@wso2.com <thili...@wso2.com> >> > > > > -- > Hasintha Indrajee > WSO2, Inc. > Mobile:+94 771892453 > > -- Kasun Bandara *Software Engineer* Mobile : +94 (0) 718 338 360 <%2B94%20%280%29%20773%20451194> kas...@wso2.com <thili...@wso2.com>
_______________________________________________ Dev mailing list Dev@wso2.org http://wso2.org/cgi-bin/mailman/listinfo/dev
