It's not the proxy.test application that requests a token.
What happens is that the proxy.web application makes a call to RPPS which
then requests a token from the STS.
It may be helpful if you could tell us the exact error message you are
getting.
But in any case, I agree it seems wrong that the <TokenType> and <Claims>
elements are empty.
Does anyone on the list know why a getTokenObject() RPPS call like the
following:
TokenResponseTO tokenResponseNotEncrypted = sei.getTokenObject(
username,
password,
policy,
"cardspace",
"",
new String[] { selectedCardTo.getCardId() } ,
"ITSUsernamePasswordCredential",
new String[] {
"url",
"saveCard",
"saveCredential",
"address",
"metadataAddress",
"username",
"password"
},
new String[] {
request.getRequestURL().toString(),
"false",
saveCredential ? "true" : "false",
uiTokenServiceCredential == null ? "" :
uiTokenServiceCredential.getAddress(),
uiTokenServiceCredential == null ? "" :
uiTokenServiceCredential.getMetadataAddress(),
cardUsername == null ? "" : cardUsername,
cardPassword == null ? "" : cardPassword
});
... could result in RPPS sending an RST with empty <TokenType> and <Claims>
??
Markus
On Thu, Jan 21, 2010 at 11:48 AM, Booth, Michael <[email protected]>wrote:
>
> I have installed the TokenService, cardsync, rp-simple, and the cloud
> selector. I am able to create cards from the token service and import them
> into my local cardsync through azigo desktop by pointing it into my local
> version of cardsync. I am able to use that card on the rp-simple site
> running locally. I am able to get through ModeAuth in the CloudSelector
> (proxy.test) web application successfully, however if I try to use any of
> the other tabs on the proxy.test web app pointing to my local cloud selector
> I get an error on the Axis Error on the TokenService stating that there is
> no configuration. I have captured the successful soap request from the
> rp-simple app and the bad request from the proxy.test app using the cloud
> selector and noticed that the proxy.test app request does not contain a
> TokenType or Required Claims as the rp-simple request does (please see
> below).
>
> What and where do I have to configure to fix this.
>
>
> THE GOOD REQUEST (FROM RP-SIMPLE):
> ----------------------------------
> 11:57:17,680 DEBUG LogHelper.trace (71): Request: <S:Envelope xmlns:S="
> http://ww
> w.w3.org/2003/05/soap-envelope"><S:Header><Security xmlns="
> http://docs.oasis-ope
> n.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp
> xml
> ns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utili
>
> ty-1.0.xsd"><wsu:Created>2010-01-20T16:57:13.258Z</wsu:Created><wsu:Expires>2010
> -01-27T16:57:13.258Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
> xmlns:wsse
> ="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0
> .
> xsd"><wsse:Username>mbooth</wsse:Username><wsse:Password Type="
> http://docs.oasis
> -
> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">
> mbooth</wsse:Password></wsse:UsernameToken></Security><To xmlns="
> http://www.w3.o
> rg/2005/08/addressing">https://localhost:9443/TokenService/services/Trust
> </To><A
> ction xmlns="http://www.w3.org/2005/08/addressing";>
> http://schemas.xmlsoap.org/ws
> /2005/02/trust/RST/Issue</Action><ReplyTo xmlns="
> http://www.w3.org/2005/08/addre
> ssing">
> <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
> </ReplyTo><MessageID xmlns="http://www.w3.org/2005/08/addressing
> ">uuid:c050b9ff-
>
> c9d2-484b-928e-20067b301caf</MessageID></S:Header><S:Body><wst:RequestSecurityTo
> ken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"; xmlns:ns10="
> http://w
> ww.w3.org/2001/10/xml-exc-c14n#" xmlns:ns6="
> http://schemas.xmlsoap.org/ws/2006/0
> 2/addressingidentity" xmlns:ns7="http://www.w3.org/2000/09/xmldsig#";
> xmlns:wsa="
> http://www.w3.org/2005/08/addressing"; xmlns:wsp="
> http://schemas.xmlsoap.org/ws/2
> 004/09/policy" xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc";
> xmlns:wsse=
> "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.x
> sd" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
> y-utility-1.0.xsd"><wst:RequestType>
> http://schemas.xmlsoap.org/ws/2005/02/trust/
> Issue</wst:RequestType><InformationCardReference:InformationCardReference
> xmlns:
> InformationCardReference="http://schemas.xmlsoap.org/ws/2005/05/identity";
> xmlns=
> "http://schemas.xmlsoap.org/ws/2005/05/identity
> "><InformationCardReference:CardI
>
> d>urn:Sample-XML-File&cardid=mbooth-local-wednesday</InformationCardReferenc
>
> e:CardId><InformationCardReference:CardVersion>1</InformationCardReference:CardV
>
> ersion></InformationCardReference:InformationCardReference><ic:RequestDisplayTok
> en xmlns:ic="http://schemas.xmlsoap.org/ws/2005/05/identity";
> xml:lang="en-us"/><
>
> wst:TokenType>urn:oasis:names:tc:SAML:1.0:assertion</wst:TokenType><wst:Claims><
> ic:ClaimType xmlns:ic="http://schemas.xmlsoap.org/ws/2005/05/identity";
> Uri="http
> ://
> schemas.xmlsoap.org/ws/2005/05/identity/claims/privatepersonalidentifier
> "/><i
> c:ClaimType xmlns:ic="http://schemas.xmlsoap.org/ws/2005/05/identity";
> Uri="http:
> //schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress
> "/></wst:Claims><ws
>
> t:Lifetime><wsu:Created>2010-01-20T11:57:17.605Z</wsu:Created><wsu:Expires>2010-
> 01-21T11:57:17.605Z</wsu:Expires></wst:Lifetime><wst:KeyType>
> http://schemas.xmls
> oap.org/ws/2005/05/identity/NoProofKey</wst:KeyType><ic:ClientPseudonym
> xmlns:ic
> ="http://schemas.xmlsoap.org/ws/2005/05/identity
> "><ic:PPID>QbxIK8+UQzkJfozeqaUcb
>
> ACRO9fj33bqs3GG0/W2okI=</ic:PPID></ic:ClientPseudonym></wst:RequestSecurityToken
> ></S:Body></S:Envelope>
>
>
> THE BAD REQUEST (FROM PROXY.TEST):
> ----------------------------------
>
> 11:58:33,011 DEBUG LogHelper.trace (71): Request: <S:Envelope xmlns:S="
> http://ww
> w.w3.org/2003/05/soap-envelope"><S:Header><Security xmlns="
> http://docs.oasis-ope
> n.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd"><wsu:Timestamp
> xml
> ns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utili
>
> ty-1.0.xsd"><wsu:Created>2010-01-20T16:58:32.862Z</wsu:Created><wsu:Expires>2010
> -01-27T16:58:32.862Z</wsu:Expires></wsu:Timestamp><wsse:UsernameToken
> xmlns:wsse
> ="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0
> .
> xsd"><wsse:Username>mbooth</wsse:Username><wsse:Password Type="
> http://docs.oasis
> -
> open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText
> ">
> mbooth</wsse:Password></wsse:UsernameToken></Security><To xmlns="
> http://www.w3.o
> rg/2005/08/addressing">https://localhost:9443/TokenService/services/Trust
> </To><A
> ction xmlns="http://www.w3.org/2005/08/addressing";>
> http://schemas.xmlsoap.org/ws
> /2005/02/trust/RST/Issue</Action><ReplyTo xmlns="
> http://www.w3.org/2005/08/addre
> ssing">
> <Address>http://www.w3.org/2005/08/addressing/anonymous</Address>
> </ReplyTo><MessageID xmlns="http://www.w3.org/2005/08/addressing
> ">uuid:c0d27080-
>
> e2de-4428-b294-505b4c5c85d2</MessageID></S:Header><S:Body><wst:RequestSecurityTo
> ken xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"; xmlns:ns10="
> http://w
> ww.w3.org/2001/10/xml-exc-c14n#" xmlns:ns6="
> http://schemas.xmlsoap.org/ws/2006/0
> 2/addressingidentity" xmlns:ns7="http://www.w3.org/2000/09/xmldsig#";
> xmlns:wsa="
> http://www.w3.org/2005/08/addressing"; xmlns:wsp="
> http://schemas.xmlsoap.org/ws/2
> 004/09/policy" xmlns:wssc="http://schemas.xmlsoap.org/ws/2005/02/sc";
> xmlns:wsse=
> "
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.x
> sd" xmlns:wsu="
> http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurit
> y-utility-1.0.xsd"><wst:RequestType>
> http://schemas.xmlsoap.org/ws/2005/02/trust/
> Issue</wst:RequestType><InformationCardReference:InformationCardReference
> xmlns:
> InformationCardReference="http://schemas.xmlsoap.org/ws/2005/05/identity";
> xmlns=
> "http://schemas.xmlsoap.org/ws/2005/05/identity
> "><InformationCardReference:CardI
>
> d>urn:Sample-XML-File&cardid=mbooth-local-wednesday</InformationCardReferenc
>
> e:CardId><InformationCardReference:CardVersion>1</InformationCardReference:CardV
>
> ersion></InformationCardReference:InformationCardReference><ic:RequestDisplayTok
> en xmlns:ic="http://schemas.xmlsoap.org/ws/2005/05/identity";
> xml:lang="en-us"/><
>
> wst:TokenType/><wst:Claims/><wst:Lifetime><wsu:Created>2010-01-20T11:58:32.966Z<
>
> /wsu:Created><wsu:Expires>2010-01-21T11:58:32.966Z</wsu:Expires></wst:Lifetime><
> wst:KeyType>http://schemas.xmlsoap.org/ws/2005/05/identity/NoProofKey
> </wst:KeyTy
> pe><ic:ClientPseudonym xmlns:ic="
> http://schemas.xmlsoap.org/ws/2005/05/identity";
>
> ><ic:PPID>FDnw3jHirmTKn7byTvNx+1rGhEVE//3RYa+MSkUVvMk=</ic:PPID></ic:ClientPseud
> onym></wst:RequestSecurityToken></S:Body></S:Envelope>
>
> ______________________________________________________________________
> Disclaimer: This email message and any attachments are for the sole use of
> the intended recipient(s) and may contain information that is confidential,
> legally privileged or otherwise exempt from disclosure under applicable law.
> If you are not the intended recipient(s) or have received this message in
> error, you are instructed to immediately notify the sender by return email
> and required to delete this message from your computer system. This
> communication does not form any contractual obligation on behalf of the
> sender, the sender's employer or such employer's parent company, affiliates
> or subsidiaries.
>
> _______________________________________________
> higgins-dev mailing list
> [email protected]
> https://dev.eclipse.org/mailman/listinfo/higgins-dev
>
>
_______________________________________________
higgins-dev mailing list
[email protected]
https://dev.eclipse.org/mailman/listinfo/higgins-dev
