Skip to main content

Spring web services (v1.5) + XWSS (v3.0) problem with SAMLAssertion

1 reply [Last post]
mikegb
Offline
Joined: 2006-04-16
Points: 0

I'm having a problem understanding how to add a SAML assertion (sender-vouches) using the callback handlers. I'm getting the following stack trace when I add to my security configuration and can't figure out what I need to do.

[java] Mar 28, 2008 5:31:38 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl populateSAMLPolicy
[java] SEVERE: WSS0237: An Error occurred while populating SAML Policy in Dynamic Policy Callback
[java] javax.security.auth.callback.UnsupportedCallbackException
[java] at org.springframework.ws.soap.security.callback.CallbackHandlerChain.handleInternal(CallbackHandlerChain.java:56)

[java] at org.springframework.ws.soap.security.xwss.callback.XwssCallbackHandlerChain.handleInternal(XwssCallbackHandlerC
ain.java:55)
[java] at org.springframework.ws.soap.security.callback.AbstractCallbackHandler.handle(AbstractCallbackHandler.java:49)
[java] at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.populateSAMLPolicy(DefaultSecurityEnvironmentImpl.java
1337)
[java] at com.sun.xml.wss.impl.filter.ExportSamlAssertionFilter.process(ExportSamlAssertionFilter.java:117)
[java] at com.sun.xml.wss.impl.filter.AuthenticationTokenFilter.processSamlToken(AuthenticationTokenFilter.java:106)
[java] at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:111)
[java] at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:263)
[java] at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:186)
[java] at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:147)
[java] at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.secureOutboundMessage(XWSSProcessor2_0Impl.java:108)
[java] at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.secureMessage(XwsSecurityInterceptor.java:135)

[java] at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.
ava:182)
[java] at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:480)
[java] at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:440)
[java] at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:395)
[java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:341)

[java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:332)

[java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:322)

Reply viewing options

Select your preferred way to display the comments and click "Save settings" to activate your changes.
V B Kumar Jayanti

Please see attached CBH and config files. The CBH is more complex than
necessary if you just want to handle SV assertions (you can remove the
HOK related code which requires access to keystores and certs etc).

Thanks
metro@javadesktop.org wrote:

>I'm having a problem understanding how to add a SAML assertion (sender-vouches) using the callback handlers. I'm getting the following stack trace when I add to my security configuration and can't figure out what I need to do.
>
> [java] Mar 28, 2008 5:31:38 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl populateSAMLPolicy
> [java] SEVERE: WSS0237: An Error occurred while populating SAML Policy in Dynamic Policy Callback
> [java] javax.security.auth.callback.UnsupportedCallbackException
> [java] at org.springframework.ws.soap.security.callback.CallbackHandlerChain.handleInternal(CallbackHandlerChain.java:56)
>
> [java] at org.springframework.ws.soap.security.xwss.callback.XwssCallbackHandlerChain.handleInternal(XwssCallbackHandlerC
>ain.java:55)
> [java] at org.springframework.ws.soap.security.callback.AbstractCallbackHandler.handle(AbstractCallbackHandler.java:49)
> [java] at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironmentImpl.populateSAMLPolicy(DefaultSecurityEnvironmentImpl.java
>1337)
> [java] at com.sun.xml.wss.impl.filter.ExportSamlAssertionFilter.process(ExportSamlAssertionFilter.java:117)
> [java] at com.sun.xml.wss.impl.filter.AuthenticationTokenFilter.processSamlToken(AuthenticationTokenFilter.java:106)
> [java] at com.sun.xml.wss.impl.HarnessUtil.processWSSPolicy(HarnessUtil.java:111)
> [java] at com.sun.xml.wss.impl.HarnessUtil.processDeep(HarnessUtil.java:263)
> [java] at com.sun.xml.wss.impl.SecurityAnnotator.processMessagePolicy(SecurityAnnotator.java:186)
> [java] at com.sun.xml.wss.impl.SecurityAnnotator.secureMessage(SecurityAnnotator.java:147)
> [java] at com.sun.xml.wss.impl.misc.XWSSProcessor2_0Impl.secureOutboundMessage(XWSSProcessor2_0Impl.java:108)
> [java] at org.springframework.ws.soap.security.xwss.XwsSecurityInterceptor.secureMessage(XwsSecurityInterceptor.java:135)
>
> [java] at org.springframework.ws.soap.security.AbstractWsSecurityInterceptor.handleRequest(AbstractWsSecurityInterceptor.
>ava:182)
> [java] at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:480)
> [java] at org.springframework.ws.client.core.WebServiceTemplate.sendAndReceive(WebServiceTemplate.java:440)
> [java] at org.springframework.ws.client.core.WebServiceTemplate.doSendAndReceive(WebServiceTemplate.java:395)
> [java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:341)
>
> [java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:332)
>
> [java] at org.springframework.ws.client.core.WebServiceTemplate.sendSourceAndReceiveToResult(WebServiceTemplate.java:322)
>[Message sent by forum member 'mikegb' (mikegb)]
>
>http://forums.java.net/jive/thread.jspa?messageID=266528
>
>---------------------------------------------------------------------
>To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
>For additional commands, e-mail: users-help@metro.dev.java.net
>
>
>

[sv-saml-client.xml]
[sv-saml-server.xml]
[SecurityEnvironmentHandler.java]
---------------------------------------------------------------------
To unsubscribe, e-mail: users-unsubscribe@metro.dev.java.net
For additional commands, e-mail: users-help@metro.dev.java.net