Hi,
I am new to CXF and am wondering if someone has any insight on how to add
saml 1.0 token using CXF. I tried creating a SAMLcallbackhandler, using
adding an wss4joutinterceptor with these properties.
org.apache.cxf.endpoint.Client client = ClientProxy.getClient(service);
org.apache.cxf.endpoint.Endpoint cxfEndpoint =
client.getEndpoint();
Map<String, Object> outProps = new HashMap<String, Object>();
// configure properties
outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.SIGNATURE);
outProps.put(WSHandlerConstants.USER, KEY_ALIAS);
outProps.put(WSHandlerConstants.PW_CALLBACK_CLASS,
ClientCallbackHandler.class.getName());
outProps.put(WSHandlerConstants.SIG_PROP_FILE,
"client_sign.properties");
// outProps.put(WSHandlerConstants.SIG_ALGO,
// "http://www.w3c.org/2000/09/xmldsig#rsa-sha1";);
outProps.put(WSHandlerConstants.SIG_KEY_ID, "DirectReference");
outProps.put(WSHandlerConstants.SAML_CALLBACK_CLASS,
SAMLCallbackHandler.class.getName());
outProps.put(WSHandlerConstants.ACTION,
WSHandlerConstants.SAML_TOKEN_SIGNED);
outProps.put(WSHandlerConstants.SAML_PROP_FILE,
"saml.properties");
WSS4JOutInterceptor wssOut = new WSS4JOutInterceptor(outProps);
cxfEndpoint.getOutInterceptors().add(wssOut);
my saml.properties look like this
org.apache.ws.security.saml.issuer.cryptoProp.file=client_sign.properties
org.apache.ws.security.saml.issuer.key.name=myKey
org.apache.ws.security.saml.issuer.key.password=password
org.apache.ws.security.saml.issuer=CN=me, OU=CSD, O=some company, L=Los
angeles, ST=CA, C=US
org.apache.ws.security.saml.issuer.sendKeyValue=true
org.apache.ws.security.saml.issuer.signAssertion=true
org.apache.ws.security.saml.callback=client.SamlCallbackHandler
Right now I'm getting a nullpointerexception
java.lang.NullPointerException
at
org.apache.ws.security.saml.WSSecSignatureSAML.prepare(WSSecSignatureSAML.java:270)
at
org.apache.ws.security.saml.WSSecSignatureSAML.build(WSSecSignatureSAML.java:122)
at
org.apache.ws.security.action.SAMLTokenSignedAction.execute(SAMLTokenSignedAction.java:95)
at
org.apache.ws.security.handler.WSHandler.doSenderAction(WSHandler.java:202)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor.access$200(WSS4JOutInterceptor.java:52)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:260)
at
org.apache.cxf.ws.security.wss4j.WSS4JOutInterceptor$WSS4JOutInterceptorInternal.handleMessage(WSS4JOutInterceptor.java:136)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at org.apache.cxf.endpoint.ClientImpl.doInvoke(ClientImpl.java:535)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:465)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:368)
at org.apache.cxf.endpoint.ClientImpl.invoke(ClientImpl.java:321)
at org.apache.cxf.frontend.ClientProxy.invokeSync(ClientProxy.java:88)
at
org.apache.cxf.jaxws.JaxWsClientProxy.invoke(JaxWsClientProxy.java:134)
at $Proxy30.getMap(Unknown Source)
at MapUser$1.run(MapUser.java:77)
at java.lang.Thread.run(Thread.java:662)
In my callbackhandler, I set the samlversion to 1.0 which I'm not sure will
even work.
Any suggestion is appreciated. Thanks.
Newbie
--
View this message in context:
http://cxf.547215.n5.nabble.com/cxf-and-saml1-0-tp5034076p5034076.html
Sent from the cxf-user mailing list archive at Nabble.com.
