Hello all,
 
I'm working with AXIS 1.2 RC3 and jdk 1.5.0. I've appended unsigned SAML assertions to SOAP messages using the SAMLTokenUnsigned action with no problems. I've even applied the SAMLTokenUnsigned, Encrypt and Signature actions together successfully.
 
However, if I try the SAMLTokenSigned action, an exception is thrown from the WSDoAllReceiver handler because no signature crypto file is defined. (This exception is thrown from the WSSecurityEngine class, line 531, in the verifyXMLSignature method.)
 
Moreover, if I try to apply SAMLTokenSigned and any other action together (Encrypt or Signature) I get an error and the following message is shown:
WSDoAllReceiver: security processing failed (actions number mismatch)
 
Could anybody help me with these issues? Has anyone tried this before?
 
Thank you very much.
 
Below you can find the configuration files I use in these examples.
 
client-config.wsdd

<!-- Client-side Axis handler: runs WSS4J's WSDoAllSender on outgoing messages with the single action SAMLTokenSigned. -->
<handler name="DoSecuritySender" type="java:org.apache.ws.axis.security.WSDoAllSender">

<!-- Same value as the keystore alias configured in wssecurity.properties. -->
<parameter name="user" value="wssecurity"/>

<!-- Passwords are obtained through this callback class; no password parameter is set in this handler. -->
<parameter name="passwordCallbackClass" value="xxx.CPWCallback"/>

<!-- Only one action is configured here: attach a SAML assertion and sign. -->
<parameter name="action" value="SAMLTokenSigned"/>

<!-- Signature and encryption settings both point at the same properties file, so both use the same keystore. -->
<parameter name="signaturePropFile" value="WEB-INF/wssecurity.properties"/>

<parameter name="encryptionPropFile" value="WEB-INF/wssecurity.properties"/>

<!-- NOTE(review): the encryption* parameters are presumably unused while "action" lists no Encrypt step; confirm. -->
<!-- CBC mode gives no integrity protection on its own, so if Encrypt is enabled it should be paired with a Signature action that the receiver enforces. -->
<parameter name="encryptionSymAlgorithm" value="http://www.w3.org/2001/04/xmlenc#aes256-cbc"/>

<!-- NOTE(review): with DirectReference the signing certificate presumably travels inside the message; the receiver must then validate it against its own trust store rather than accept it because it was sent. Confirm for this WSS4J version. -->
<parameter name="signatureKeyIdentifier" value="DirectReference"/>

<parameter name="encryptionKeyIdentifier" value="X509KeyIdentifier"/>

<!-- SAML issuer settings; the file is listed further down as saml.properties. -->
<parameter name="samlPropFile" value="WEB-INF/saml.properties"/>

</handler>

 
server-config.wsdd
 

<!-- Server-side Axis handler: runs WSS4J's WSDoAllReceiver on incoming messages and checks them against the configured action list. -->
<handler name="DoSecurityReceiver" type="java:org.apache.ws.axis.security.WSDoAllReceiver">

<parameter name="passwordCallbackClass" value="xxx.CPWCallback"/>

<!-- The receiver rejects a message whose processed security elements do not match this list (the "actions number mismatch" error). -->
<!-- NOTE(review): presumably the receiver reports the signature and the SAML assertion as two separate results while only one action is listed here; check which action string this WSS4J version expects on the receiving side. -->
<parameter name="action" value="SAMLTokenSigned"/>

<!-- Crypto settings used to verify signatures; the reported exception says no signature crypto file was found, so confirm this path resolves on the server. -->
<parameter name="signaturePropFile" value="WEB-INF/wssecurity.properties"/>

<!-- NOTE(review): presumably unused while "action" lists no Encrypt step; confirm. -->
<parameter name="decryptionPropFile" value="WEB-INF/wssecurity.properties"/>

<!-- Differs from the client's WEB-INF/saml.properties; the contents of bpc2saml.properties are not shown in this post. -->
<parameter name="samlPropFile" value="WEB-INF/bpc2saml.properties"/>

</handler>

wssecurity.properties
 

# WSS4J crypto settings, referenced from the handlers' signaturePropFile,
# encryptionPropFile and decryptionPropFile parameters and from saml.properties.
org.apache.ws.security.crypto.provider=org.apache.ws.security.components.crypto.Merlin

# Java keystore (JKS) format.
org.apache.ws.security.crypto.merlin.keystore.type=jks

# The keystore password is stored in clear text in this file (redacted as xxx in the post);
# restrict read access to the file and keep it out of version control.
org.apache.ws.security.crypto.merlin.keystore.password=xxx

# Same value as the handler's "user" parameter and the SAML issuer key name.
org.apache.ws.security.crypto.merlin.keystore.alias=wssecurity

# The private-key password is also stored in clear text here (redacted as xxx).
org.apache.ws.security.crypto.merlin.alias.password=xxx

# NOTE(review): relative path; how it is resolved (classpath or working directory)
# depends on the deployment, so confirm the keystore is found at runtime.
org.apache.ws.security.crypto.merlin.file=WEB-INF/wssecurity.jks

 
saml.properties
 

# SAML issuer settings, referenced from the client handler's samlPropFile parameter.
org.apache.ws.security.saml.issuerClass=org.apache.ws.security.saml.SAMLIssuerImpl

# The issuer uses the same crypto properties (and so the same keystore) as the handlers.
org.apache.ws.security.saml.issuer.cryptoProp.file=WEB-INF/wssecurity.properties

# Same value as the keystore alias in wssecurity.properties.
org.apache.ws.security.saml.issuer.key.name=wssecurity

# The issuer key password is stored in clear text (redacted as xxx in the post);
# restrict read access to this file.
org.apache.ws.security.saml.issuer.key.password=xxx

org.apache.ws.security.saml.issuer=xxx

org.apache.ws.security.saml.subjectNameId.name=yyyy

org.apache.ws.security.saml.subjectNameId.qualifier=xxx

org.apache.ws.security.saml.authenticationMethod=password

# NOTE(review): with senderVouches the message sender, not the subject, vouches for
# the assertion, so the receiver's trust presumably rests on verifying the sender's
# signature over the assertion and the message; confirm the receiver enforces it.
org.apache.ws.security.saml.confirmationMethod=senderVouches
