RE: [higgins-dev] CardName and CardId

Hi Mike,

Please see the attached Tomcat log. I'm also attaching the CardSpace error. I had generated a card that uses Username Token to authenticate to the IdP/STS.

11:08:36,597 TRACE LogHelper.trace (54): ProfileServiceServerBinding::getManagedCard
11:08:36,598 TRACE LogHelper.trace (54): ProfileService::getManagedCard
11:08:36,598 TRACE LogHelper.trace (54): CredentialType: UsernamePassword
11:08:36,599 TRACE LogHelper.trace (54): ProfileService::getManagedCard-0
11:08:36,599 TRACE LogHelper.trace (54): ProfileService::getManagedCard-1
11:08:36,599 TRACE LogHelper.trace (54): ProfileService::getManagedCard-2

I was able to use the imported card to sign into the RP using CardSpace if I change line #306 in org.eclipse.higgins.sts.server.profile/src/org/eclipse/Higgins/sts/server/profile/ProfileService.java (getManagedCard method)

from

                + "<CardId>" + ((java.net.URI)this.mapComponentSettings.get("CardId")).toString() + "&amp;cardid=" + strEscapedCardName + "</CardId>"

to

                + "<CardId>" + ((java.net.URI)this.mapComponentSettings.get("CardId")).toString() + "&amp;cardid=" + strUsername + "</CardId>"

Please let me know if you need more details.

Thanks for looking into this.

-Jeesmon

-----Original Message-----
From: higgins-dev-bounces@xxxxxxxxxxx [mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Michael McIntosh
Sent: Friday, November 16, 2007 5:07 PM
To: Higgins (Trust Framework) Project developer discussions
Cc: Higgins (Trust Framework) Project developer discussions; higgins-dev-bounces@xxxxxxxxxxx
Subject: Re: [higgins-dev] CardName and CardId

Jeesmon,

Please send more info from the log - there should be lines with either:
        Creating Username/Password Credential:
or:
        Creating PPID/Modulus/Exponent Credential

Regards,
Mike

higgins-dev-bounces@xxxxxxxxxxx wrote on 11/15/2007 08:36:58 PM:

> Hi Mike/Jim,
>
> I was running some tests on a locally deployed TokenService which
> uses JNDI CP. I successfully created a Digital Subject Profile,
> generated the card and imported to CardSpace. When I used the card
> to sign into an RP, I got the following error
>
> 20:03:07,887 TRACE LogHelper.trace (54): before IContext::open
> 20:03:07,892 DEBUG JNDIContext._setupContext (600): Attempting to
> create initial context: ldap://localhost:389
> 20:03:07,905 DEBUG JNDIContext.open (518): Context opened: urn:
> Higgins-LDAP-Server,  as: jjacob10@xxxxxxxxxxxxx
> 20:03:07,906 TRACE LogHelper.trace (54): after IContext::open
> 20:03:07,907 TRACE LogHelper.trace (54): before IContext::getSubject
> 20:03:07,907 DEBUG JNDIContext.getSubject (1164): Searching for
> Digital Subject: Test-Card as: jjacob10@xxxxxxxxxxxxx in context:
> urn:Higgins-LDAP-Server,
> 20:03:07,920 ERROR LogHelper.error (102): A request failed with the
> exception {0}.
> 20:03:07,921 ERROR LogHelper.error (102): org.eclipse.higgins.idas.
> api.NoSuchSubjectException: javax.naming.NameNotFoundException:
> [LDAP: error code 32 - No Such Object]; remaining name 'uid=Test-
> Card,ou=identities,dc=higgins,dc=eclipse,dc=org'
> 20:03:07,922 ERROR LogHelper.error (102): {0}::{1} JNDIContext.java:569.
> 20:03:07,922 ERROR LogHelper.error (102): {0}::{1} JNDIContext.java:1202.
> 20:03:07,923 ERROR LogHelper.error (102): {0}::{1} JNDIContext.java:1150.
> 20:03:07,924 ERROR LogHelper.error (102): {0}::{1} DigitalIdentityHandler.java:351.
> 20:03:07,924 ERROR LogHelper.error (102): {0}::{1} CompoundHandler.java:100.
> 20:03:07,925 ERROR LogHelper.error (102): {0}::{1} SecurityTokenService.java:158.
> 20:03:07,925 ERROR LogHelper.error (102): {0}::{1} SecurityTokenServiceServerBinding.java:113.
> 20:03:07,926 ERROR LogHelper.error (102): {0}::{1} TrustBindingImpl.java:41.
> 20:03:07,926 ERROR LogHelper.error (102): {0}::{1} TrustBindingSkeleton.java:70.
> 20:03:07,927 ERROR LogHelper.error (102): {0}::{1} NativeMethodAccessorImpl.java:-2.
> 20:03:07,935 ERROR LogHelper.error (102): {0}::{1} NativeMethodAccessorImpl.java:39.
> 20:03:07,937 ERROR LogHelper.error (102): {0}::{1} DelegatingMethodAccessorImpl.java:25.
> 20:03:07,938 ERROR LogHelper.error (102): {0}::{1} Method.java:585.
>
>
> I had used the card name as "Test Card" when generating the card.
> Looking at the .crd file, I found that the card name is also added
> as part of the CardId (space char replaced with - char)
>
> <InformationCardReference><CardId>urn:Higgins-LDAP-Server&amp;cardid=Test-Card</CardId><CardVersion>1</CardVersion></InformationCardReference><CardName>Test Card</CardName>...
>
> If I use the user name as card name when generating card, I'm able
> to successfully login to the RP with that card.
>
> Is it a bug or something wrong with my configuration or working as
> expected?
>
> Thanks,
> Jeesmon
> _______________________________________________
> higgins-dev mailing list
> higgins-dev@xxxxxxxxxxx
> https://dev.eclipse.org/mailman/listinfo/higgins-dev

There was a failure making a WS-Trust exchange with an external application.  Could not retrieve token from identity provider.

Inner Exception: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail.
Inner Exception: The specified request failed


Additional Information:
Microsoft.InfoCards.TrustExchangeException: Could not retrieve token from identity provider. ---> System.ServiceModel.Security.MessageSecurityException: An unsecured or incorrectly secured fault was received from the other party. See the inner FaultException for the fault code and detail. ---> System.ServiceModel.FaultException: The specified request failed
   --- End of inner exception stack trace ---

Server stack trace: 
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.ProcessReply(Message reply, SecurityProtocolCorrelationState correlationState, TimeSpan timeout)
   at System.ServiceModel.Channels.SecurityChannelFactory`1.SecurityRequestChannel.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Dispatcher.RequestChannelBinder.Request(Message message, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs, TimeSpan timeout)
   at System.ServiceModel.Channels.ServiceChannel.Call(String action, Boolean oneway, ProxyOperationRuntime operation, Object[] ins, Object[] outs)
   at System.ServiceModel.Channels.ServiceChannelProxy.InvokeService(IMethodCallMessage methodCall, ProxyOperationRuntime operation)
   at System.ServiceModel.Channels.ServiceChannelProxy.Invoke(IMessage message)

Exception rethrown at [0]: 
   at System.Runtime.Remoting.Proxies.RealProxy.HandleReturnMessage(IMessage reqMsg, IMessage retMsg)
   at System.Runtime.Remoting.Proxies.RealProxy.PrivateInvoke(MessageData& msgData, Int32 type)
   at Microsoft.InfoCards.RemoteTokenFactory.ISts.ProcessRequestSecurityTokenFeb2005(Message rstMessage)
   at Microsoft.InfoCards.RemoteTokenFactory.ProduceToken(InfoCard card, TokenCreationParameter parameter, TokenFactoryCredential credential, InfoCardPolicy policy, Boolean discloseOptional)
   --- End of inner exception stack trace ---

Attachment: catalina.out
Description: catalina.out
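
Added example, not part of the thread or of the Higgins code: a small Python check that correlates the CardId in the .crd fragment with the STS log lines quoted above, showing that the subject searched for in LDAP matches the cardid value rather than the authenticated user. The sample inputs are reconstructed from the wrapped lines in the message, and the function names are hypothetical.

```python
import re
from html import unescape

# Constructed sample input: the .crd fragment and two STS log lines from the
# thread, with the mail client's line wraps rejoined (address is as redacted).
CRD = ("<InformationCardReference><CardId>urn:Higgins-LDAP-Server&amp;cardid=Test-Card"
       "</CardId><CardVersion>1</CardVersion></InformationCardReference>"
       "<CardName>Test Card</CardName>")
LOG = """\
20:03:07,907 DEBUG JNDIContext.getSubject (1164): Searching for Digital Subject: Test-Card as: jjacob10@xxxxxxxxxxxxx in context: urn:Higgins-LDAP-Server,
20:03:07,921 ERROR LogHelper.error (102): org.eclipse.higgins.idas.api.NoSuchSubjectException: javax.naming.NameNotFoundException: [LDAP: error code 32 - No Such Object]; remaining name 'uid=Test-Card,ou=identities,dc=higgins,dc=eclipse,dc=org'
"""

CARD_ID = re.compile(r"<CardId>(.*?)</CardId>", re.S)
SEARCH = re.compile(r"Searching for Digital Subject: (\S+) as: (\S+) in context: (\S+?),?\s*$")
MISSING = re.compile(r"error code 32 - No Such Object\]; remaining name '([^']+)'")

def card_subject(crd_xml):
    """Return (context, subject) as encoded in the card's CardId element."""
    m = CARD_ID.search(crd_xml)
    if not m:
        raise ValueError("no CardId element")
    # The .crd stores '&' as '&amp;'; decode it before splitting on the parameter.
    context, sep, subject = unescape(m.group(1)).partition("&cardid=")
    if not sep:
        raise ValueError("CardId has no cardid parameter")
    return context, subject

def diagnose(crd_xml, log_text):
    """Correlate the card's subject with the STS lookup and the LDAP failure."""
    context, subject = card_subject(crd_xml)
    report = {"context": context, "card_subject": subject,
              "principal": None, "mismatch": False, "missing_dn": None}
    for line in log_text.splitlines():
        s = SEARCH.search(line)
        if s and s.group(1) == subject and s.group(3) == context:
            report["principal"] = s.group(2)            # the "as:" identity
            report["mismatch"] = s.group(2) != subject  # card subject != user
        e = MISSING.search(line)
        if e and e.group(1).startswith("uid=" + subject + ","):
            report["missing_dn"] = e.group(1)           # entry LDAP could not find
    return report

if __name__ == "__main__":
    print(diagnose(CRD, LOG))
```

A report with `mismatch` set and a `missing_dn` whose uid equals the card's subject corresponds to the failure described in the thread; a card whose cardid equals the user name produces neither.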

