Are you sure that the private key is in "truststore_dev.jks"? It seems unusual to store a private key in a file called "truststore". If you do a keytool -list -keystore truststore_dev.jks -v, compare the issuer + serial no. to the X509Data structure received in the message from the IdP.
Colm. On Fri, Mar 13, 2015 at 1:19 AM, Vishnu Radhakrishnan <vis...@10point1.com> wrote: > Hey Guys, > > The IDP team was not very helpful they are microsoft shop and don¹t even > know how things work. All they pretty much have to do is check boxes and > everything magically works. I am kind of stuck without progress. > > I am trying to log the soap messages the logging is also not working. The > certificate fingerprints match but for some reason it still errors out. > The IDP team is able to consume the same token from their end. > > If I can get working fediz.xml file it would be great I could compare it > with mine and learn from it. > > log4j config > > <appender name="WS_LOG_FILE" > class="ch.qos.logback.core.rolling.RollingFileAppender"> > <param name="file" value="ws.log"/> > <rollingPolicy > class="ch.qos.logback.core.rolling.TimeBasedRollingPolicy"> > <param name="fileNamePattern" value="ws.log.%d{yyyy-MM-dd}.log"/> > > </rollingPolicy> > > </appender> > > <!-- LOGGERS --> > <logger name="info.source4code.soap.http.cxf"> > <level value="DEBUG"/> > </logger> > > <logger name="org.springframework"> > <level value="DEBUG"/> > </logger> > <logger name="org.apache.cxf"> > <level value="DEBUG"/> > </logger> > <!-- level INFO needed to log SOAP messages --> > <logger name="org.apache.cxf.services" > additivity="false"> > <level value="DEBUG"/> > <!-- specify a dedicated appender for the SOAP messages --> > <appender-ref ref="WS_LOG_FILE"/> > </logger> > > > ---------------------- > I tried an interceptor doesn¹t seem to help either. > public class CustomSoapMessageLogger extends AbstractSoapInterceptor { > > > > > private static final Log LOG = > LogFactory.getLog(CustomSoapMessageLogger.class); > > > public CustomSoapMessageLogger(){ > > // set phase here > //super(Phase.PRE_PROTOCOL); > super(Phase.RECEIVE); > } > @Override > public void handleMessage(SoapMessage message) throws Fault { > Fault fault = null; > String soapMessage = null; > > StringBuilder strMessage = null; > HttpServletRequest httpRequest = (HttpServletRequest) > message.get(AbstractHTTPDestination.HTTP_REQUEST); > if (httpRequest != null) { > > > InputStream ist = message.getContent(InputStream.class); > if (ist != null) { > CachedOutputStream bos = new CachedOutputStream(); > try { > IOUtils.copy(ist, bos); > > bos.flush(); > ist.close(); > message.setContent(InputStream.class, > bos.getInputStream()); > soapMessage = new String(bos.getBytes());//this > soap message is what you want > bos.close(); > > LOG.debug("Soap Message: ---------->" + > soapMessage==null?"null":soapMessage); > LOG.debug("String Request: ---------->" + > soapMessage); > > > } catch (IOException e) { > throw new Fault(e); > } > } > > > > } > } > > } > > > > ‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹ > Error log > > > 20:58:56,264 DEBUG > [org.springframework.security.authentication.ProviderManager] > (http--0.0.0.0-8080-1) Authentication attempt using > com.w1.auth.sso.FedizAuthenticationProvider > 20:58:56,267 DEBUG [org.apache.cxf.fediz.spring.FederationConfigImpl] > (http--0.0.0.0-8080-1) Reading federation configuration for context > '/instreamdev' > 20:58:56,271 DEBUG [org.apache.cxf.fediz.core.FederationProcessorImpl] > (http--0.0.0.0-8080-1) RST: [xenc:EncryptedData: null] > 20:58:56,273 DEBUG [org.apache.cxf.fediz.core.FederationProcessorImpl] > (http--0.0.0.0-8080-1) Lifetime: [trust:Lifetime: null] > 20:58:56,275 DEBUG [org.apache.cxf.fediz.core.FederationProcessorImpl] > (http--0.0.0.0-8080-1) Tokentype: urn:oasis:names:tc:SAML:1.0:assertion > 20:58:56,284 DEBUG [org.apache.ws.security.util.Loader] > (http--0.0.0.0-8080-1) Trying to find [truststore_dev.jks] using > ModuleClassLoader for Module "deployment.instreamdev.war:main" from > Service Module Loader class loader. > 20:58:56,311 DEBUG [org.apache.ws.security.components.crypto.Merlin] > (http--0.0.0.0-8080-1) The KeyStore truststore_dev.jks of type JKS has > been loaded > 20:58:56,316 DEBUG > [org.apache.ws.security.processor.EncryptedDataProcessor] > (http--0.0.0.0-8080-1) Found EncryptedData element > 20:58:56,322 DEBUG [org.apache.ws.security.processor.X509Util] > (http--0.0.0.0-8080-1) Sym Enc Algo: > http://www.w3.org/2001/04/xmlenc#aes256-cbc > 20:58:56,325 DEBUG > [org.apache.ws.security.processor.EncryptedKeyProcessor] > (http--0.0.0.0-8080-1) Found encrypted key element > 20:58:56,327 DEBUG [org.apache.ws.security.processor.X509Util] > (http--0.0.0.0-8080-1) Sym Enc Algo: > http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p > 20:58:56,330 DEBUG [org.apache.xml.security.algorithms.JCEMapper] > (http--0.0.0.0-8080-1) Request for URI > http://www.w3.org/2001/04/xmlenc#rsa-oaep-mgf1p > 20:58:56,347 DEBUG [org.apache.cxf.fediz.core.FederationProcessorImpl] > (http--0.0.0.0-8080-1) General security error (No certificates were found > for decryption (KeyId)): org.apache.ws.security.WSSecurityException: > General security error (No certificates were found for decryption (KeyId)) > at > org.apache.ws.security.processor.EncryptedKeyProcessor.getCertificatesFromE > ncryptedKey(EncryptedKeyProcessor.java:325) [wss4j-1.6.17.jar:1.6.17] > at > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypte > dKeyProcessor.java:127) [wss4j-1.6.17.jar:1.6.17] > at > org.apache.ws.security.processor.EncryptedKeyProcessor.handleToken(Encrypte > dKeyProcessor.java:66) [wss4j-1.6.17.jar:1.6.17] > at > org.apache.ws.security.processor.EncryptedDataProcessor.handleToken(Encrypt > edDataProcessor.java:113) [wss4j-1.6.17.jar:1.6.17] > at > org.apache.cxf.fediz.core.FederationProcessorImpl.decryptEncryptedRST(Feder > ationProcessorImpl.java:292) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(Fede > rationProcessorImpl.java:188) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(Federation > ProcessorImpl.java:98) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider > .authenticateNow(FederationAuthenticationProvider.java:121) > [fediz-spring-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider > .authenticate(FederationAuthenticationProvider.java:109) > [fediz-spring-1.1.2.jar:1.1.2] > at > com.w1.auth.sso.FedizAuthenticationProvider.authenticate(FedizAuthenticatio > nProvider.java:20) [classes:] > at > org.springframework.security.authentication.ProviderManager.authenticate(Pr > oviderManager.java:156) > [spring-security-core-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter.attemptAuthe > ntication(FederationAuthenticationFilter.java:62) > [fediz-spring-1.1.2.jar:1.1.2] > at > com.w1.auth.sso.InstreamFederationAuthenticationFilter.attemptAuthenticatio > n(InstreamFederationAuthenticationFilter.java:27) [classes:] > at > org.springframework.security.web.authentication.AbstractAuthenticationProce > ssingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegatin > gAuthenticationProcessingFilter.java:42) [classes:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.context.SecurityContextPersistenceFilter.d > oFilter(SecurityContextPersistenceFilter.java:65) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCh > ainProxy.java:192) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy > .java:166) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter. > java:60) [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegat > ingFilterProxy.java:237) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFil > terProxy.java:167) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher > .java:734) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDi > spatcher.java:541) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatc > her.java:479) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatche > r.java:407) [jbossweb-7.0.10.Final.jar:] > at > com.w1.auth.sso.AutenticationResource.federationLogout(AutenticationResourc > e.java:188) [classes:] > at > com.w1.auth.sso.AutenticationResource$Proxy$_$$_WeldClientProxy.federationL > ogout(AutenticationResource$Proxy$_$$_WeldClientProxy.java) [classes:] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > [rt.jar:1.7.0_71] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:5 > 7) [rt.jar:1.7.0_71] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp > l.java:43) [rt.jar:1.7.0_71] > at java.lang.reflect.Method.invoke(Method.java:606) > [rt.jar:1.7.0_71] > at > org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:1 > 55) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:2 > 57) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:222) > [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:211) > [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispat > cher.java:525) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher. > java:502) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher. > java:119) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.servic > e(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(Htt > pServletDispatcher.java:55) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(Htt > pServletDispatcher.java:50) [resteasy-jaxrs-2.3.1.GA.jar:] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:329) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationP > ropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:330) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.intercept.FilterSecurityInterceptor > .invoke(FilterSecurityInterceptor.java:118) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.intercept.FilterSecurityInterceptor > .doFilter(FilterSecurityInterceptor.java:84) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.ExceptionTranslationFilter.doFilter > (ExceptionTranslationFilter.java:113) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.session.SessionManagementFilter.doFilter(S > essionManagementFilter.java:103) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.authentication.AnonymousAuthenticationFilt > er.doFilter(AnonymousAuthenticationFilter.java:113) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.servletapi.SecurityContextHolderAwareReque > stFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFil > ter(RequestCacheAwareFilter.java:45) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.authentication.AbstractAuthenticationProce > ssingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegatin > gAuthenticationProcessingFilter.java:42) [classes:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.context.SecurityContextPersistenceFilter.d > oFilter(SecurityContextPersistenceFilter.java:87) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCh > ainProxy.java:192) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy > .java:160) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.invokeWithWrappedRequ > est(DebugFilter.java:69) > [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter. > java:58) [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegat > ingFilterProxy.java:237) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFil > terProxy.java:167) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.j > ava:275) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.j > ava:161) [jbossweb-7.0.10.Final.jar:] > at > org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityCo > ntextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:15 > 5) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10 > 2) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.jav > a:109) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) > [jbossweb-7.0.10.Final.jar:] > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) > [jbossweb-7.0.10.Final.jar:] > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Htt > p11Protocol.java:671) [jbossweb-7.0.10.Final.jar:] > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) > [jbossweb-7.0.10.Final.jar:] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] > > > 20:58:56,621 ERROR > [org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvide > r] (http--0.0.0.0-8080-1) Failed to validate SignIn request: > org.apache.cxf.fediz.core.exception.ProcessingException: Security token > has been revoked > at > org.apache.cxf.fediz.core.FederationProcessorImpl.decryptEncryptedRST(Feder > ationProcessorImpl.java:304) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.core.FederationProcessorImpl.processSignInRequest(Fede > rationProcessorImpl.java:188) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.core.FederationProcessorImpl.processRequest(Federation > ProcessorImpl.java:98) [fediz-core-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider > .authenticateNow(FederationAuthenticationProvider.java:121) > [fediz-spring-1.1.2.jar:1.1.2] > at > org.apache.cxf.fediz.spring.authentication.FederationAuthenticationProvider > .authenticate(FederationAuthenticationProvider.java:109) > [fediz-spring-1.1.2.jar:1.1.2] > at > com.w1.auth.sso.FedizAuthenticationProvider.authenticate(FedizAuthenticatio > nProvider.java:20) [classes:] > at > org.springframework.security.authentication.ProviderManager.authenticate(Pr > oviderManager.java:156) > [spring-security-core-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.apache.cxf.fediz.spring.web.FederationAuthenticationFilter.attemptAuthe > ntication(FederationAuthenticationFilter.java:62) > [fediz-spring-1.1.2.jar:1.1.2] > at > com.w1.auth.sso.InstreamFederationAuthenticationFilter.attemptAuthenticatio > n(InstreamFederationAuthenticationFilter.java:27) [classes:] > at > org.springframework.security.web.authentication.AbstractAuthenticationProce > ssingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:195) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegatin > gAuthenticationProcessingFilter.java:42) [classes:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.context.SecurityContextPersistenceFilter.d > oFilter(SecurityContextPersistenceFilter.java:65) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCh > ainProxy.java:192) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy > .java:166) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter. > java:60) [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegat > ingFilterProxy.java:237) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFil > terProxy.java:167) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.invoke(ApplicationDispatcher > .java:734) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.processRequest(ApplicationDi > spatcher.java:541) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.doForward(ApplicationDispatc > her.java:479) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationDispatcher.forward(ApplicationDispatche > r.java:407) [jbossweb-7.0.10.Final.jar:] > at > com.w1.auth.sso.AutenticationResource.federationLogout(AutenticationResourc > e.java:188) [classes:] > at > com.w1.auth.sso.AutenticationResource$Proxy$_$$_WeldClientProxy.federationL > ogout(AutenticationResource$Proxy$_$$_WeldClientProxy.java) [classes:] > at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method) > [rt.jar:1.7.0_71] > at > sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:5 > 7) [rt.jar:1.7.0_71] > at > sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImp > l.java:43) [rt.jar:1.7.0_71] > at java.lang.reflect.Method.invoke(Method.java:606) > [rt.jar:1.7.0_71] > at > org.jboss.resteasy.core.MethodInjectorImpl.invoke(MethodInjectorImpl.java:1 > 55) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invokeOnTarget(ResourceMethod.java:2 > 57) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:222) > [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.ResourceMethod.invoke(ResourceMethod.java:211) > [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.getResponse(SynchronousDispat > cher.java:525) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher. > java:502) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.core.SynchronousDispatcher.invoke(SynchronousDispatcher. > java:119) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.ServletContainerDispatcher.servic > e(ServletContainerDispatcher.java:208) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(Htt > pServletDispatcher.java:55) [resteasy-jaxrs-2.3.1.GA.jar:] > at > org.jboss.resteasy.plugins.server.servlet.HttpServletDispatcher.service(Htt > pServletDispatcher.java:50) [resteasy-jaxrs-2.3.1.GA.jar:] > at javax.servlet.http.HttpServlet.service(HttpServlet.java:847) > [jboss-servlet-api_3.0_spec-1.0.0.Final.jar:1.0.0.Final] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:329) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.jboss.weld.servlet.ConversationPropagationFilter.doFilter(ConversationP > ropagationFilter.java:62) [weld-core-1.1.5.AS71.Final.jar:2012-02-10 15:31] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:330) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.intercept.FilterSecurityInterceptor > .invoke(FilterSecurityInterceptor.java:118) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.intercept.FilterSecurityInterceptor > .doFilter(FilterSecurityInterceptor.java:84) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.access.ExceptionTranslationFilter.doFilter > (ExceptionTranslationFilter.java:113) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.session.SessionManagementFilter.doFilter(S > essionManagementFilter.java:103) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.authentication.AnonymousAuthenticationFilt > er.doFilter(AnonymousAuthenticationFilter.java:113) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.servletapi.SecurityContextHolderAwareReque > stFilter.doFilter(SecurityContextHolderAwareRequestFilter.java:54) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.savedrequest.RequestCacheAwareFilter.doFil > ter(RequestCacheAwareFilter.java:45) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.authentication.AbstractAuthenticationProce > ssingFilter.doFilter(AbstractAuthenticationProcessingFilter.java:183) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > com.w1.auth.sso.DelegatingAuthenticationProcessingFilter.doFilter(Delegatin > gAuthenticationProcessingFilter.java:42) [classes:] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.context.SecurityContextPersistenceFilter.d > oFilter(SecurityContextPersistenceFilter.java:87) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy$VirtualFilterChain.doFilt > er(FilterChainProxy.java:342) > [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilterInternal(FilterCh > ainProxy.java:192) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.web.FilterChainProxy.doFilter(FilterChainProxy > .java:160) [spring-security-web-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.invokeWithWrappedRequ > est(DebugFilter.java:69) > [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.security.config.debug.DebugFilter.doFilter(DebugFilter. > java:58) [spring-security-config-3.1.4.RELEASE.jar:3.1.4.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.invokeDelegate(Delegat > ingFilterProxy.java:237) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.springframework.web.filter.DelegatingFilterProxy.doFilter(DelegatingFil > terProxy.java:167) [spring-web-3.0.6.RELEASE.jar:3.0.6.RELEASE] > at > org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(Applicatio > nFilterChain.java:280) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterC > hain.java:248) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.j > ava:275) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.j > ava:161) [jbossweb-7.0.10.Final.jar:] > at > org.jboss.as.web.security.SecurityContextAssociationValve.invoke(SecurityCo > ntextAssociationValve.java:154) [jboss-as-web-7.1.0.Final.jar:7.1.0.Final] > at > org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:15 > 5) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:10 > 2) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.jav > a:109) [jbossweb-7.0.10.Final.jar:] > at > org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:368) > [jbossweb-7.0.10.Final.jar:] > at > org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:877) > [jbossweb-7.0.10.Final.jar:] > at > org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Htt > p11Protocol.java:671) [jbossweb-7.0.10.Final.jar:] > at > org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:930) > [jbossweb-7.0.10.Final.jar:] > at java.lang.Thread.run(Thread.java:745) [rt.jar:1.7.0_71] > > > 20:58:56,867 DEBUG > [org.springframework.beans.factory.support.DefaultListableBeanFactory] > (http--0.0.0.0-8080-1) Returning cached instance of singleton bean > 'jaasAuthenticationProvider' > 20:58:56,871 DEBUG > [org.springframework.beans.factory.support.DefaultListableBeanFactory] > (http--0.0.0.0-8080-1) Returning cached instance of singleton bean > 'recordLoginAuthenticationSuccessHandler' > 20:58:56,875 DEBUG > [org.springframework.beans.factory.support.DefaultListableBeanFactory] > (http--0.0.0.0-8080-1) Returning cached instance of singleton bean 'cxf' > 20:58:56,878 DEBUG > [com.w1.auth.sso.InstreamFederationAuthenticationFilter] > (http--0.0.0.0-8080-1) Authentication request failed: > org.springframework.security.authentication.BadCredentialsException: > Security token has been revoked > 20:58:56,882 DEBUG > [com.w1.auth.sso.InstreamFederationAuthenticationFilter] > (http--0.0.0.0-8080-1) Updated SecurityContextHolder to contain null > Authentication > 20:58:56,885 DEBUG > [com.w1.auth.sso.InstreamFederationAuthenticationFilter] > (http--0.0.0.0-8080-1) Delegating to authentication failure handler > org.springframework.security.web.authentication.SimpleUrlAuthenticationFail > ureHandler@11dd736 > 20:58:56,890 DEBUG > [org.springframework.security.web.authentication.SimpleUrlAuthenticationFai > lureHandler] (http--0.0.0.0-8080-1) No failure URL set, sending 401 > Unauthorized error > 20:58:56,893 DEBUG > [org.springframework.security.web.context.HttpSessionSecurityContextReposit > ory] (http--0.0.0.0-8080-1) SecurityContext is empty or contents are > anonymous - context will not be stored in HttpSession. > 20:58:56,897 DEBUG > [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/instre > amdev].[javax.ws.rs.core.Application]] (http--0.0.0.0-8080-1) Disabling > the response for futher output > 20:58:56,901 DEBUG > [org.apache.catalina.core.ContainerBase.[jboss.web].[default-host].[/instre > amdev].[javax.ws.rs.core.Application]] (http--0.0.0.0-8080-1) The > Response is vehiculed using a wrapper: > org.jboss.weld.servlet.ConversationPropagationFilter$1 > 20:58:56,907 DEBUG > [org.springframework.security.web.context.HttpSessionSecurityContextReposit > ory] (http--0.0.0.0-8080-1) SecurityContext is empty or contents are > anonymous - context will not be stored in HttpSession. > 20:58:56,912 DEBUG > [org.springframework.security.web.access.ExceptionTranslationFilter] > (http--0.0.0.0-8080-1) Chain processed normally > 20:58:56,914 DEBUG > [org.springframework.security.web.context.SecurityContextPersistenceFilter] > (http--0.0.0.0-8080-1) SecurityContextHolder now cleared, as request > processing completed > 20:59:11,511 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire > sessions StandardManager at 1426208351511 sessioncount 0 > 20:59:11,515 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire > sessions StandardManager processingTime 4 expired sessions: 0 > 20:59:21,519 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire > sessions StandardManager at 1426208361519 sessioncount 1 > 20:59:21,522 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire > sessions StandardManager processingTime 3 expired sessions: 0 > 21:00:11,527 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire > sessions StandardManager at 1426208411527 sessioncount 0 > 21:00:11,530 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire > sessions StandardManager processingTime 3 expired sessions: 0 > 21:00:21,534 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) Start expire > sessions StandardManager at 1426208421534 sessioncount 1 > 21:00:21,538 DEBUG [org.apache.catalina.session.ManagerBase] > (ContainerBackgroundProcessor[StandardEngine[jboss.web]]) End expire > sessions StandardManager processingTime 4 expired sessions: 0 > > > > ‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹‹ > MY fediz config file one more time. > > <?xml version="1.0" encoding="UTF-8" standalone="yes"?> > <FedizConfig> > <contextConfig name="/${context.name}"> > <audienceUris> > > <audienceItem>urn:com:10point1:instream:instreamportal</audienceItem> > </audienceUris> > <certificateStores> > <trustManager> > <keyStore file="truststore_dev.jks" password="secret" > type="JKS" /> > </trustManager> > </certificateStores> > <signingKey keyPassword="secret"> > <keyStore file="certstore_dev.jks" password="secret" > type="JKS" /> > </signingKey> > <tokenDecryptionKey keyPassword="secret"> > <keyStore file="truststore_dev.jks" password="secret" > type="JKS" /> > </tokenDecryptionKey> > <trustedIssuers> > <issuer certificateValidation="PeerTrust" /> > </trustedIssuers> > <maximumClockSkew>1000</maximumClockSkew> > <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" > xsi:type="federationProtocolType" version="1.2"> > <realm > type="Class">com.w1.auth.sso.InstreamCallbackHandler</realm> > <!-- realm type="Class" > value="com.w1.auth.sso.InstreamCallbackHandler" / --> > <issuer>https://stsinstreamlab.thebamalliance.com/</issuer> > <reply>/instream/j_spring_fediz_security_check</reply> > <claimTypesRequested> > <claimType > type="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name" > optional="false" /> > </claimTypesRequested> > <!--authenticationType type="String" > value=" > http://docs.oasis-open.org/wsfed/authorization/200706/authntypes/sma > rtcard" /--> > <!--tokenValidators> > > <validator>org.apache.cxf.fediz.core.CustomValidator</validator> > </tokenValidators --> > </protocol> > </contextConfig> > </FedizConfig> > > > > > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com