Hi, I am new to CXF and am wondering if someone has any insight on how to add saml 1.0 token using CXF. I tried creating a SAMLcallbackhandler, using adding an wss4joutinterceptor with these properties.
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(service); org.apache.cxf.endpoint.Endpoint cxfEndpoint = client.getEndpoint(); Map<String, Object> outProps = new HashMap<String, Object>(); // configure properties outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SIGNATURE); outProps.put(WSHandlerConstants.USER, KEY_ALIAS); outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS, ClientCallbackHandler.class.getName()); outProps.put(WSHandlerConstants.SIG_PROP_FILE, "client_sign.properties"); // outProps.put(WSHandlerConstants.SIG_ALGO, // "http://www.w3c.org/2000/09/xmldsig#rsa-sha1"); outProps.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference"); outProps.put(WSHandlerConstants.SAML_CALLBACK_CLASS, SAMLCallbackHandler.class.getName()); outProps.put(WSHandlerConstants.ACTION, WSHandlerConstants.SAML_TOKEN_SIGNED); outProps.put(WSHandlerConstants.SAML_PROP_FILE, "saml.properties"); WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps); cxfEndpoint.getOutInterceptors().add(wssOut); my saml.properties look like this org.apache.ws.security.saml.issuer.cryptoProp.file=client_sign.properties org.apache.ws.security.saml.issuer.key.name=myKey org.apache.ws.security.saml.issuer.key.password=password org.apache.ws.security.saml.issuer=CN=me, OU=CSD, O=some company, L=Los angeles, ST=CA, C=US org.apache.ws.security.saml.issuer.sendKeyValue=true org.apache.ws.security.saml.issuer.signAssertion=true org.apache.ws.security.saml.callback=client.SamlCallbackHandler Right now I'm getting a nullpointerexception java.lang.NullPointerException at org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:270) at org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:122) at org.apache.ws.security.action.SAMLTokenSignedAction.execute(SAMLTokenSignedAction.java:95) at org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260) at org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136) at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263) at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368) at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:321) at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88) at org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134) at $Proxy30.getMap(Unknown Source) at MapUser$1.run(MapUser.java:77) at java.lang.Thread.run(Thread.java:662) In my callbackhandler, I set the samlversion to 1.0 which I'm not sure will even work. Any suggestion is appreciated. Thanks. Newbie -- View this message in context: http://cxf.547215.n5.nabble.com/cxf-and-saml1-0-tp5034076p5034076.html Sent from the cxf-user mailing list archive at Nabble.com.