Re: [Dev] Enabling security with user name token

2015-10-16 Thread Rajith Vitharana
Hi Hasintha,

What I'm saying is that Soap UI doesn't send basic auth header, we have to
manually add that.

Thanks,

On Fri, Oct 16, 2015 at 3:05 PM, Hasintha Indrajee 
wrote:

> Hi Rajith,
>
> Ideally even if you do not add authorization headers (xml), it should
> work. Ie POX handler converts basicAuth headers to xml security headers. In
> the current master branch of carbon-identity, this works as expected.
>
> On Fri, Oct 16, 2015 at 10:08 AM, Rajith Vitharana 
> wrote:
>
>> Hi Hasintha,
>>
>> I was able to resolve the error with help of ESB team, There was an error
>> in our deployment flow as well. How ever when we use Soap UI, it still
>> doesn't send the security headers itself, where as we have to manually add
>> the security header to the request
>>
>> This was working fine with earlier ESB versions (4.8.0 where security was
>> enabled via security management UI) the same flow doesn't work in ESB
>> 4.9.0. In DSS as well, this is the case now (have to add authorization
>> header manually).
>>
>> Soap UI version I'm using is 5.0.0
>>
>> Thanks,
>>
>> On Thu, Oct 15, 2015 at 2:45 PM, Hasintha Indrajee 
>> wrote:
>>
>>> Are you calling the service with security headers in the request it self
>>> ?.
>>>
>>> On Wed, Oct 14, 2015 at 8:37 PM, Rajith Vitharana 
>>> wrote:
>>>
 Hi Hasintha,

 We are using carbon-identity 4.5.6

 @Firzan we are using [1] as the policy file which contains the element
 you mentioned above.

 [1] -
 http://svn.wso2.org/repos/wso2/people/isuruu/qos/synapse-configs/default/local-entries/p1.xml

 Thanks,

 On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
 wrote:

> Can you please tell me the carbon-identity version you are using ?
>
> On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
> wrote:
>
>> + Asela
>>
>> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
>> wrote:
>>
>>> Hi,
>>>
>>> I have enabled security in DSS service specifying the policy file
>>> (roles included in the policy). But when invoking the service with 
>>> username
>>> password, it throws below exception.
>>>
>>> java.lang.ClassCastException:
>>> org.apache.axiom.om.impl.dom.ElementImpl cannot be cast to
>>> org.apache.axiom.soap.SOAPHeaderBlock
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
>>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
>>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
>>> at
>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.

Re: [Dev] Enabling security with user name token

2015-10-16 Thread Hasintha Indrajee
Hi Rajith,

Ideally even if you do not add authorization headers (xml), it should work.
Ie POX handler converts basicAuth headers to xml security headers. In the
current master branch of carbon-identity, this works as expected.

On Fri, Oct 16, 2015 at 10:08 AM, Rajith Vitharana  wrote:

> Hi Hasintha,
>
> I was able to resolve the error with help of ESB team, There was an error
> in our deployment flow as well. How ever when we use Soap UI, it still
> doesn't send the security headers itself, where as we have to manually add
> the security header to the request
>
> This was working fine with earlier ESB versions (4.8.0 where security was
> enabled via security management UI) the same flow doesn't work in ESB
> 4.9.0. In DSS as well, this is the case now (have to add authorization
> header manually).
>
> Soap UI version I'm using is 5.0.0
>
> Thanks,
>
> On Thu, Oct 15, 2015 at 2:45 PM, Hasintha Indrajee 
> wrote:
>
>> Are you calling the service with security headers in the request it self
>> ?.
>>
>> On Wed, Oct 14, 2015 at 8:37 PM, Rajith Vitharana 
>> wrote:
>>
>>> Hi Hasintha,
>>>
>>> We are using carbon-identity 4.5.6
>>>
>>> @Firzan we are using [1] as the policy file which contains the element
>>> you mentioned above.
>>>
>>> [1] -
>>> http://svn.wso2.org/repos/wso2/people/isuruu/qos/synapse-configs/default/local-entries/p1.xml
>>>
>>> Thanks,
>>>
>>> On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
>>> wrote:
>>>
 Can you please tell me the carbon-identity version you are using ?

 On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
 wrote:

> + Asela
>
> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
> wrote:
>
>> Hi,
>>
>> I have enabled security in DSS service specifying the policy file
>> (roles included in the policy). But when invoking the service with 
>> username
>> password, it throws below exception.
>>
>> java.lang.ClassCastException:
>> org.apache.axiom.om.impl.dom.ElementImpl cannot be cast to
>> org.apache.axiom.soap.SOAPHeaderBlock
>> at
>> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
>> at
>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
>> at
>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
>> at
>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
>> at
>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
>> at
>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java

Re: [Dev] Enabling security with user name token

2015-10-15 Thread Rajith Vitharana
Hi Hasintha,

I was able to resolve the error with help of ESB team, There was an error
in our deployment flow as well. How ever when we use Soap UI, it still
doesn't send the security headers itself, where as we have to manually add
the security header to the request

This was working fine with earlier ESB versions (4.8.0 where security was
enabled via security management UI) the same flow doesn't work in ESB
4.9.0. In DSS as well, this is the case now (have to add authorization
header manually).

Soap UI version I'm using is 5.0.0

Thanks,

On Thu, Oct 15, 2015 at 2:45 PM, Hasintha Indrajee 
wrote:

> Are you calling the service with security headers in the request it self
> ?.
>
> On Wed, Oct 14, 2015 at 8:37 PM, Rajith Vitharana 
> wrote:
>
>> Hi Hasintha,
>>
>> We are using carbon-identity 4.5.6
>>
>> @Firzan we are using [1] as the policy file which contains the element
>> you mentioned above.
>>
>> [1] -
>> http://svn.wso2.org/repos/wso2/people/isuruu/qos/synapse-configs/default/local-entries/p1.xml
>>
>> Thanks,
>>
>> On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
>> wrote:
>>
>>> Can you please tell me the carbon-identity version you are using ?
>>>
>>> On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
>>> wrote:
>>>
 + Asela

 On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
 wrote:

> Hi,
>
> I have enabled security in DSS service specifying the policy file
> (roles included in the policy). But when invoking the service with 
> username
> password, it throws below exception.
>
> java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
> cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
> at
> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
> at
> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
> at
> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
> at
> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
> at
> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
> at
> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
> at
>

Re: [Dev] Enabling security with user name token

2015-10-15 Thread Hasintha Indrajee
Are you calling the service with security headers in the request it self ?.

On Wed, Oct 14, 2015 at 8:37 PM, Rajith Vitharana  wrote:

> Hi Hasintha,
>
> We are using carbon-identity 4.5.6
>
> @Firzan we are using [1] as the policy file which contains the element you
> mentioned above.
>
> [1] -
> http://svn.wso2.org/repos/wso2/people/isuruu/qos/synapse-configs/default/local-entries/p1.xml
>
> Thanks,
>
> On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
> wrote:
>
>> Can you please tell me the carbon-identity version you are using ?
>>
>> On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
>> wrote:
>>
>>> + Asela
>>>
>>> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
>>> wrote:
>>>
 Hi,

 I have enabled security in DSS service specifying the policy file
 (roles included in the policy). But when invoking the service with username
 password, it throws below exception.

 java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
 cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
 at
 org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
 at
 org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
 at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
 at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
 at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
 at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
 at
 org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
 at
 org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
 at
 org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
 at
 org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
 at
 org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
 at
 org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
 at
 org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
 at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
 at
 org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
 at
 org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
 at
 org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
 at
 org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
 at
 org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
 at
 org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
 at
 org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
 at
 org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
 at
 org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
 at
 org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
 at
 org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
 at
 org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
 at
 org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
 at
 org.wso2.carbon.tomcat.ex

Re: [Dev] Enabling security with user name token

2015-10-14 Thread Rajith Vitharana
Hi Hasintha,

We are using carbon-identity 4.5.6

@Firzan we are using [1] as the policy file which contains the element you
mentioned above.

[1] -
http://svn.wso2.org/repos/wso2/people/isuruu/qos/synapse-configs/default/local-entries/p1.xml

Thanks,

On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
wrote:

> Can you please tell me the carbon-identity version you are using ?
>
> On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
> wrote:
>
>> + Asela
>>
>> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
>> wrote:
>>
>>> Hi,
>>>
>>> I have enabled security in DSS service specifying the policy file (roles
>>> included in the policy). But when invoking the service with username
>>> password, it throws below exception.
>>>
>>> java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
>>> cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
>>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
>>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
>>> at
>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>>> at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>>> at
>>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
>>> at
>>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(Carbon

Re: [Dev] Enabling security with user name token

2015-10-14 Thread Firzhan Naqash
Hi Rajith,

This is related to permission issue from your policy file.

We also encountered same issue some times ago and later figured out we were
missing the following configuration in the policy file

 http://www.wso2.org/products/carbon/security";>

admin,sys-admin





Regards,
Firzhan


-- 
*Firzhan Naqash*
Senior Software Engineer - Integration Platform Team
WSO2 Inc. http://wso2.com

email: firz...@wso2.com 
mobile: (+94) 77 9785674 <%28%2B94%29%2071%205247551>*|
blog: http://firzhanblogger.blogspot.com/
  *
*twitter: https://twitter.com/firzhan007  |
linked-in: **https://www.linkedin.com/in/firzhan
*

On Wed, Oct 14, 2015 at 5:12 PM, Hasintha Indrajee 
wrote:

> Can you please tell me the carbon-identity version you are using ?
>
> On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana 
> wrote:
>
>> + Asela
>>
>> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
>> wrote:
>>
>>> Hi,
>>>
>>> I have enabled security in DSS service specifying the policy file (roles
>>> included in the policy). But when invoking the service with username
>>> password, it throws below exception.
>>>
>>> java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
>>> cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
>>> at
>>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
>>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
>>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
>>> at
>>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
>>> at
>>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>>> at
>>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>>> at
>>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>>> at
>>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>>> at
>>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>>> at
>>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>>> at
>>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
>>> at
>>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>>> at
>>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
>>> at
>>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>>> a

Re: [Dev] Enabling security with user name token

2015-10-14 Thread Hasintha Indrajee
Can you please tell me the carbon-identity version you are using ?

On Wed, Oct 14, 2015 at 3:04 PM, Rajith Vitharana  wrote:

> + Asela
>
> On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana 
> wrote:
>
>> Hi,
>>
>> I have enabled security in DSS service specifying the policy file (roles
>> included in the policy). But when invoking the service with username
>> password, it throws below exception.
>>
>> java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
>> cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
>> at
>> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
>> at
>> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
>> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
>> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
>> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
>> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
>> at
>> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
>> at
>> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
>> at
>> org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
>> at
>> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
>> at
>> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
>> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
>> at
>> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
>> at
>> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
>> at
>> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
>> at
>> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
>> at
>> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
>> at
>> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
>> at
>> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
>> at
>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
>> at
>> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
>> at
>> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
>> at
>> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
>> at
>> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
>> at
>> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
>> at
>> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
>> at
>> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
>> at
>> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
>> at
>> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
>> at
>> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
>> at
>> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
>> 

Re: [Dev] Enabling security with user name token

2015-10-14 Thread Rajith Vitharana
+ Asela

On Wed, Oct 14, 2015 at 1:13 PM, Rajith Vitharana  wrote:

> Hi,
>
> I have enabled security in DSS service specifying the policy file (roles
> included in the policy). But when invoking the service with username
> password, it throws below exception.
>
> java.lang.ClassCastException: org.apache.axiom.om.impl.dom.ElementImpl
> cannot be cast to org.apache.axiom.soap.SOAPHeaderBlock
> at
> org.wso2.carbon.security.pox.POXSecurityHandler.isSOAPWithoutSecHeader(POXSecurityHandler.java:362)
> at
> org.wso2.carbon.security.pox.POXSecurityHandler.invoke(POXSecurityHandler.java:102)
> at org.apache.axis2.engine.Phase.invokeHandler(Phase.java:340)
> at org.apache.axis2.engine.Phase.invoke(Phase.java:313)
> at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:261)
> at org.apache.axis2.engine.AxisEngine.sendFault(AxisEngine.java:515)
> at
> org.apache.axis2.transport.http.AxisServlet.handleFault(AxisServlet.java:433)
> at
> org.apache.axis2.transport.http.AxisServlet.processAxisFault(AxisServlet.java:398)
> at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:188)
> at
> org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:646)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
> at
> org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
> at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
> at
> org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CSRFPreventionFilter.doFilter(CSRFPreventionFilter.java:88)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.ui.filters.CRLFPreventionFilter.doFilter(CRLFPreventionFilter.java:59)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
> at
> org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
> at
> org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
> at
> org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:220)
> at
> org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
> at
> org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:504)
> at
> org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:170)
> at
> org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
> at
> org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
> at
> org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
> at
> org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
> at
> org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
> at
> org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:950)
> at
> org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
> at
> org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
> at
> org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:421)
> at
> org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1074)
> at
> org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:611)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1739)
> at
> org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1698)
> at
> java.util.concurrent.ThreadPoolExecutor.runWorker