----- Original Message -----
Sent: Tuesday, December
09, 2008 11:24 AM
Subject: RE: [higgins-dev]
Problem with Managed I-Card
Hi,
thanks for your response.
The
<Address>https://rh154.sohosmart.net/TokenService/services/Trust</Address>
in the configuration file was
https://localhost/TokenService/services/Trust
and with this
configuration I read these messages:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=g5KVqdBhaEa400itu24a
org.eclipse.higgins.rp.servlet.server.AuthNFilter
doFilter
INFO: 127.0.0.1 tried to
access https://localhost:8443/RelyingPartyDemoApp2/protected/index.jsp on Fri
Dec 05 17:43:59 CET 2008
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=iWRCfFEnMxFnBLvhK6hF
org.eclipse.higgins.rp.icard.ICardProtocolHandler
getKeyStore
INFO: name:
C:\apache-tomcat-5.5.25\webapps\RelyingPartyDemoApp2\keystore.jks type: JKS
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
GRAVE:
Unable to proecess token
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO:
Error authenticating token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE:
authn failure - no token: forward to NoXmlToken.jsp
If I modify the
configuration file and insert this configuration
https://localhost:8443/TokenService/services/Trust
(I add the number of port)
I read these messages:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO: ../MultiLogin.jsp?authsession=3qL2yMi20G52KZC3HqZX
org.eclipse.higgins.rp.servlet.server.AuthNFilter
doFilter
INFO: 127.0.0.1 tried to
access https://localhost:8443/RelyingPartyDemoApp2/protected/index.jsp on Tue
Dec 09 10:03:45 CET 2008
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=IUjAaf/gGz7VpV2NR8Ht
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO:
Error authenticating token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE:
authn failure - no token: forward to NoXmlToken.jsp
I don’t read the
error “Unable to proecess token” but only the info message
“org.eclipse.higgins.rp.icard.ICardProtocolHandler processUserToken
INFO: Error
authenticating token”.
I think now the STS is
working and have only authentication problem (certificate and keystore???).
Is my idea right?
Best Regards,
Leonardo Straniero.
From:
Sergey Lyakhov [mailto:slyakhov@xxxxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
16.43
To: leonardo.straniero@xxxxxxxxxxxx;
'Higgins (Trust Framework) Project
developer discussions'
Subject: Re: [higgins-dev] Problem
with Managed I-Card
> The STS don’t
write in the log file; is it a signal to be sure my STS does not work?
If you open your .crd
file you can seethe following:
Most
likely, <Address> URI in your card does not respond to
your real STS endpoint URL. As a result, there is no any STS log,
because selector could not send a token request
to your STS. In this case you need to fix your STS configuration
file (set correct STS URIs) and reissue a card. Otherwise check
log4j.properties for STS to see errors (by the way, becauseProfile is a part of
STS, you should see STS log when you work with profile).
----- Original Message -----
Sent: Friday, December
05, 2008 4:23 PM
Subject: [higgins-dev]
Problem with Managed I-Card
From:
Leonardo [mailto:leonardo.straniero@xxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
15.07
To: 'Sergey Lyakhov'
Subject: RE: [higgins-dev] Problem
with Managed I-Card
Hi Sergey,
I follow your instruction
and I think my STS don’t work.
When I select the I-Card
generated by my STS with the bandit RP I read in the last rows of my Catalina
log file these messages:
5-dic-2008 14.48.40
org.apache.catalina.startup.Catalina start
INFO: Server startup in
4346 ms
The STS don’t write
in the log file; is it a signal to be sure my STS does not work?
If I use my Higgins RP with the Bandit Card I can read in the
Catalina log file these messages:
5-dic-2008 15.01.20
org.eclipse.higgins.rp.servlet.server.Login newAuthSession
INFO: Saving Original URI
to session: /
5-dic-2008 15.01.20
org.eclipse.higgins.rp.icard.ICardProtocolHandler init
INFO: initializing
5-dic-2008 15.01.20
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler redirect
INFO:
../MultiLogin.jsp?authsession=XsEd6gtxxP3V7BLqW/Nu
……
INFO: name:
C:\apache-tomcat-5.5.25\webapps\RelyingPartyDemoApp2\localhost.jks type: JKS
5-dic-2008 15.01.34
org.eclipse.higgins.rp.icard.ICardProtocolHandler processUserToken
INFO: Decrypt token using
key Sun RSA private CRT key, 1024 bits
modulus:
………
5-dic-2008 15.01.35
org.eclipse.higgins.rp.icard.ICardProtocolHandler processUserToken
INFO: Decrypted token
looks like
……..
5-dic-2008 15.01.35
org.apache.xml.security.signature.Reference verify
INFO: Verification
successful for URI "#urn:uuid:EA1F11BE3F25561F111228485634921553"
5-dic-2008 15.01.35
org.eclipse.higgins.rp.icard.ICardProtocolHandler processUserToken
……..
5-dic-2008 15.01.35 org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Sucessfully
authenticated token
Is it a problem with
keystore and certificates?
Thanks,
Leonardo Straniero.
From:
Sergey Lyakhov [mailto:slyakhov@xxxxxxxxxxxxxx]
Sent: venerdì 5 dicembre 2008
14.07
To: leonardo.straniero@xxxxxxxxxxxx;
Higgins (Trust Framework) Project
developer discussions
Subject: Re: [higgins-dev] Problem
with Managed I-Card
> If I generate a card with the Higgins STS online, the different in size between
my card and this card is about 3 KB
> and if I use this card in my Relying
Party the authentication is ok.
Cards contain an image wihch can have different size,
so it is not a problem. In any case,the card is ok if you are able to
import this card into higgins or cardspace.
> If I check my Tomcat Console I read the follow
error:
>
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler redirect
> INFO:
../MultiLogin.jsp?authsession=PUqxNiwoxwV5WKSlsKJI
> org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
> INFO: Error authenticating token
>
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler handleFailure
You need to do the following:
1. Delete tomcat/logs/catalina.out log file.
3. Login to RP mentioned above.
4. Look/send errors in catalina.out log file if your STS
does not work.
----- Original Message -----
Sent: Friday, December
05, 2008 10:41 AM
Subject: RE: [higgins-dev]
Problem with Managed I-Card
Any ideas?
Can is it a problem with
certifications?
Regards.
From:
higgins-dev-bounces@xxxxxxxxxxx
[mailto:higgins-dev-bounces@xxxxxxxxxxx] On
Behalf Of Leonardo
Sent: giovedì 4 dicembre 2008
10.15
To: 'Higgins
(Trust Framework) Project developer discussions'
Subject: [higgins-dev] Problem
with Managed I-Card
Hi All,
i have a problem with my Higgins
STS.
I can generate a Card for a Digital Subject Profile
but when I use it in my Higgins
Relying Party Demo i read this error:
The card contents could not be
retrieved.
Check your network connection, and
verify that you have supplied the
correct authentication credentials.
If I check my Tomcat Console I read the follow error:
org.eclipse.higgins.rp.servlet.impl.DispatchCallbackHandler
redirect
INFO:
../MultiLogin.jsp?authsession=PUqxNiwoxwV5WKSlsKJI
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Error authenticating token
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler
handleFailure
GRAVE: authn failure - no token: forward to
NoXmlToken.jsp
If I generate a card with the Higgins
STS online, the different in size between my card and this card is about
3 KB and if I use this card in my Relying Party the authentication
is ok.
Is it a problem with the configuration or
installation of my Higgins STS?
Please help me to fix this error.
Best Regars,
Leonardo Straniero.
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev