| Re: [higgins-dev] Error in RP / DecryptElement |
Something to add: the example in the email below is using http. If I use
https, I get a different error, in the same function (
org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken)
What differs in the https case is:
* I can see the info log from line 147 (I do *not* see this output when
using plain http):
log.info("Decrypted token looks
like\n"+ie.getAs(java.lang.String.class));
* The error in catalina.out [1]
Regards,
Maxi
[1]
Did not find an X509Data element in the KeyInfo
Aug 10, 2009 1:00:29 PM org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
SEVERE: Unable to proecess token
java.lang.NullPointerException
at
com.sun.org.apache.xerces.internal.dom.ElementImpl.setAttributeNS(ElementImpl.java:642)
at
org.apache.xml.security.utils.XMLUtils.createElementInSignatureSpace(XMLUtils.java:258)
at
org.apache.xml.security.utils.SignatureElementProxy.<init>(Unknown Source)
at org.apache.xml.security.algorithms.Algorithm.<init>(Unknown
Source)
at
org.apache.xml.security.algorithms.MessageDigestAlgorithm.<init>(Unknown
Source)
at
org.apache.xml.security.algorithms.MessageDigestAlgorithm.getInstance(Unknown
Source)
at
org.apache.xml.security.signature.Reference.getMessageDigestAlgorithm(Unknown
Source)
at
org.apache.xml.security.signature.Reference.calculateDigest(Unknown
Source)
at org.apache.xml.security.signature.Reference.verify(Unknown
Source)
at
org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
Source)
at org.apache.xml.security.signature.SignedInfo.verify(Unknown
Source)
at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
at
org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtension.VerifyEnveloped(XMLSecurityApacheExtension.java:568)
at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.processUserToken(ICardProtocolHandler.java:149)
at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.authenticate(ICardProtocolHandler.java:105)
at
org.eclipse.higgins.rp.servlet.server.Login.ContinueAuthentication(Login.java:69)
at
org.apache.jsp.MultiLogin_jsp._jspService(MultiLogin_jsp.java:71)
at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
Aug 10, 2009 1:00:29 PM org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Error authenticating token
Aug 10, 2009 1:00:29 PM
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler handleFailure
SEVERE: authn failure - no token: forward to NoXmlToken.jsp
maxi.combina@xxxxxxxxxxxxx
Sent by: higgins-dev-bounces@xxxxxxxxxxx
07/08/2009 16:18
Please respond to
"Higgins \(Trust Framework\) Project developer discussions"
<higgins-dev@xxxxxxxxxxx>
To
higgins-dev@xxxxxxxxxxx
cc
Subject
[higgins-dev] Error in RP / DecryptElement
Hello,
I am trying to configure the RP from Higgins Milestone 6. It is running
using Tomcat 6, with Java 1.6.0_14.
The problem I am facing seems to happen when the RP needs to decrypt the
user token. More specifically, the method
org.eclipse.higgins.rp.icard.ICardProtocolHandler.processUserToken() is
throwing an exception in (apparently) line 146:
ie = secext.DecryptElement(elemToken,
(PrivateKey)(keyStore.getKey(keyStoreAlias,keyStorePwd.toCharArray())));
The output I see in catalina.out is [1]
Could you please give me some hint on what may be wrong?
Thanks in advance,
Maxi
[1]
INFO: Decrypt token using key Sun RSA private CRT key, 1024 bits
modulus: (long number)
public exponent: 65537
private exponent: (long number)
prime p: (long number)
prime q: (long number)
prime exponent p: (long number)
prime exponent q: (long number)
crt coefficient: (long number)
key algorithm RSA
Aug 7, 2009 3:39:54 PM org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
SEVERE: Unable to proecess token
java.lang.NullPointerException
at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.processUserToken(ICardProtocolHandler.java:147)
at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.authenticate(ICardProtocolHandler.java:105)
at
org.eclipse.higgins.rp.servlet.server.Login.ContinueAuthentication(Login.java:69)
at
org.apache.jsp.MultiLogin_jsp._jspService(MultiLogin_jsp.java:71)
at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
at java.lang.Thread.run(Thread.java:619)
Aug 7, 2009 3:39:54 PM org.eclipse.higgins.rp.icard.ICardProtocolHandler
processUserToken
INFO: Error authenticating token
Aug 7, 2009 3:39:54 PM
org.eclipse.higgins.rp.servlet.impl.ResultCallbackHandler handleFailure
SEVERE: authn failure - no token: forward to NoXmlToken.jsp
_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev
Attachment:
smime.p7s
Description: Binary data
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature