Try removing the "SecurityTokenReference" wrapping from the SecurityContextToken.
Colm. On Thu, Oct 23, 2014 at 1:24 PM, SRog <[email protected]> wrote: > Hi, > I got a problem in validating the SCT I got from the STS. > The SCT has a format like this: > > <RequestSecurityTokenResponse > xmlns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"; > xmlns:ns2=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > " > xmlns:ns3=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > " > xmlns:ns4="http://www.w3.org/2005/08/addressing"; > xmlns:ns5="http://docs.oasis-open.org/ws-sx/ws-trust/200802";> > <TokenType>http://schemas.xmlsoap.org/ws/2005/02/sc/sct > </TokenType> > <RequestedSecurityToken> > <wsc:SecurityContextToken > wsu:Id="sctId-F74AD7B5D8F0C5CC4E14140632571798" > xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "> > > <wsc:Identifier>bipro:F74AD7B5D8F0C5CC4E14140632571797</wsc:Identifier> > </wsc:SecurityContextToken> > </RequestedSecurityToken> > <Lifetime> > <ns2:Created>2014-10-23T11:21:13.852Z</ns2:Created> > <ns2:Expires>2014-10-23T11:51:13.852Z</ns2:Expires> > </Lifetime> > </RequestSecurityTokenResponse> > > Now I would like to call the STS to validate this token an get the status. > My request to STS include the whole token. > > <soap:Envelope xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"; > xmlns:wst="http://schemas.xmlsoap.org/ws/2005/02/trust"; > xmlns:wsse=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-secext-1.0.xsd > "> > <soap:Header/> > <soap:Body> > <wst:RequestSecurityToken > xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512";> > > <wst:RequestType>http://docs.oasis-open.org/ws-sx/ws-trust/200512/Validate > </wst:RequestType> > <wst:ValidateTarget> > <wsse:SecurityTokenReference> > <wsc:SecurityContextToken > wsu:Id="sctId-F74AD7B5D8F0C5CC4E14140632571798" > xmlns:wsc="http://schemas.xmlsoap.org/ws/2005/02/sc"; > xmlns:wsu=" > http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-wssecurity-utility-1.0.xsd > "> > > <wsc:Identifier>bipro:F74AD7B5D8F0C5CC4E14140632571797</wsc:Identifier> > </wsc:SecurityContextToken> > </wsse:SecurityTokenReference> > </wst:ValidateTarget> > > <wst:TokenType> > http://docs.oasis-open.org/ws-sx/ws-trust/200512/RSTR/Status > </wst:TokenType> > </wst:RequestSecurityToken> > <soap:Body> > </soap:Envelope> > > I got the error-message "*org.apache.xerces.dom.ElementNSImpl cannot be > cast > to javax.xml.bind.JAXBElement*" which is thrown in RequestParser, while > cast > requestObject to org.w3c.dom.Element. > > Is ther someone who could show me a correkt validate request or give me a > advice how to fix this. > > Thanks, > SRog > > > > > -- > View this message in context: > http://cxf.547215.n5.nabble.com/Validation-of-SCT-on-STS-tp5750228.html > Sent from the cxf-user mailing list archive at Nabble.com. > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
