Hi,
thanks for your
response.
The
<Address>https://rh154.sohosmart.net/TokenService/services/Trust</Address>
in the configuration file was
https://localhost/TokenService/services/Trust
and with this
configuration I read these messages:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=g5KVqdBhaEa400itu24a
org.eclipse.higgins.rp.servlet.server.AuthNFilter
doFilter
INFO: 127.0.0.1 tried
to access https://localhost:8443/RelyingPartyDemoApp2/protected/index.jsp on
Fri Dec 05 17:43:59 CET 2008
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=iWRCfFEnMxFnBLvhK6hF
org.eclipse.higgins.rp.icard.ICardProtocolHandler
getKeyStore
INFO: name:
C:\apache-tomcat-5.5.25\webapps\RelyingPartyDemoApp2\keystore.jks type:
JKS
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
GRAVE:
Unable to proecess token
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO:
Error authenticating token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE:
authn failure - no token: forward to
NoXmlToken.jsp
If I modify the
configuration file and insert this configuration
https://localhost:8443/TokenService/services/Trust
(I add the number of port)
I read these
messages:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=3qL2yMi20G52KZC3HqZX
org.eclipse.higgins.rp.servlet.server.AuthNFilter
doFilter
INFO: 127.0.0.1 tried
to access https://localhost:8443/RelyingPartyDemoApp2/protected/index.jsp on
Tue Dec 09 10:03:45 CET 2008
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=IUjAaf/gGz7VpV2NR8Ht
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO:
Error authenticating token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE:
authn failure - no token: forward to
NoXmlToken.jsp
I dont read the
error Unable to proecess token but only the info message
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Error
authenticating token.
I think now the STS
is working and have only authentication problem (certificate and
keystore???).
Is my idea
right?
Best
Regards,
Leonardo
Straniero.
From: Sergey Lyakhov
[mailto:slyakhov@xxxxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
16.43
To: leonardo.straniero@xxxxxxxxxxxx; 'Higgins (Trust Framework) Project developer
discussions'
Subject: Re:
[higgins-dev] Problem with Managed I-Card
> The STS dont
write in the log file; is it a signal to be sure my STS does not
work?
If you open your .crd
file you can seethe following:
Most
likely, <Address> URI in your card does not respond to
your real STS endpoint URL. As a result, there is no any STS log,
because selector could not send a token request
to your STS. In this case you need to fix your STS configuration
file (set correct STS URIs) and reissue a card. Otherwise check
log4j.properties for STS to see errors (by the way, becauseProfile is a part
of STS, you should see STS log when you work with
profile).
----- Original Message -----
Sent: Friday,
December 05, 2008 4:23 PM
Subject:
[higgins-dev] Problem with Managed I-Card
From: Leonardo
[mailto:leonardo.straniero@xxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
15.07
To: 'Sergey
Lyakhov'
Subject: RE:
[higgins-dev] Problem with Managed I-Card
Hi
Sergey,
I follow your
instruction and I think my STS dont work.
When I select the
I-Card generated by my STS with the bandit RP I read in the last rows of my
Catalina log file these messages:
5-dic-2008 14.48.40
org.apache.catalina.startup.Catalina start
INFO: Server
startup in 4346 ms
The STS dont write
in the log file; is it a signal to be sure my STS does not
work?
If I use my
Higgins RP with the Bandit Card I
can read in the Catalina log file these
messages:
5-dic-2008 15.01.20
org.eclipse.higgins.rp.servlet.server.Login
newAuthSession
INFO: Saving
Original URI to session: /
5-dic-2008 15.01.20
org.eclipse.higgins.rp.icard.ICardProtocolHandler
init
INFO:
initializing
5-dic-2008 15.01.20
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=XsEd6gtxxP3V7BLqW/Nu
INFO: name:
C:\apache-tomcat-5.5.25\webapps\RelyingPartyDemoApp2\localhost.jks type:
JKS
5-dic-2008 15.01.34
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Decrypt token
using key Sun RSA private CRT key, 1024 bits
modulus:
5-dic-2008 15.01.35
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Decrypted
token looks like
..
5-dic-2008 15.01.35
org.apache.xml.security.signature.Reference
verify
INFO: Verification
successful for URI
"#urn:uuid:EA1F11BE3F25561F111228485634921553"
5-dic-2008 15.01.35
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
..
5-dic-2008 15.01.35
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Sucessfully
authenticated token
Is it a problem
with keystore and certificates?
Thanks,
Leonardo
Straniero.
From: Sergey Lyakhov
[mailto:slyakhov@xxxxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
14.07
To: leonardo.straniero@xxxxxxxxxxxx; Higgins (Trust Framework) Project developer
discussions
Subject: Re:
[higgins-dev] Problem with Managed I-Card
> If I generate a card with the Higgins STS online, the different in size
between my card and this card is about 3 KB
> and if I use this card in my
Relying Party the authentication is ok.
Cards contain an image wihch can
have different size, so it is not a problem. In any case,the card is ok if
you are able to import this card into higgins or
cardspace.
> If I check my Tomcat Console I read the follow
error:
>
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
> INFO:
../MultiLogin.jsp?authsession=PUqxNiwoxwV5WKSlsKJI
>
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
> INFO: Error authenticating
token
>
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
You need to do the
following:
1. Delete
tomcat/logs/catalina.out log file.
3. Login to RP mentioned
above.
4. Look/send errors in
catalina.out log file if your STS does not
work.
----- Original Message -----
Sent:
Friday, December 05, 2008 10:41 AM
Subject: RE:
[higgins-dev] Problem with Managed
I-Card
Any ideas?
Can is it a
problem with certifications?
Regards.
From: higgins-dev-bounces@xxxxxxxxxxx
[mailto:higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of Leonardo
Sent: giovedì 4 dicembre 2008
10.15
To:
'Higgins (Trust Framework)
Project developer discussions'
Subject: [higgins-dev] Problem with
Managed I-Card
Hi All,
i have a problem with my Higgins STS.
I can generate a Card for a Digital Subject
Profile but when I use it in my Higgins Relying Party Demo i read this
error:
The card contents could not be
retrieved.
Check your network connection,
and verify that you have supplied the
correct authentication
credentials.
If I check my Tomcat Console I read the follow
error:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=PUqxNiwoxwV5WKSlsKJI
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Error authenticating
token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE: authn failure - no token: forward to
NoXmlToken.jsp
If I generate a card with the Higgins STS online, the different in size
between my card and this card is about 3 KB and if I use this
card in my Relying Party the authentication is
ok.
Is it a problem with the configuration or
installation of my Higgins STS?
Please help me to fix this
error.
Best Regars,
Leonardo Straniero.
_______________________________________________
higgins-dev
mailing
list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
_______________________________________________
higgins-dev
mailing
list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev