Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] [Solved] Error in RP / DecryptElement

alternatively, you could have a look at JInfoCard[1], a Java RP implementation I've been working on. It handles both protocols and is able to work with SAML1 and SAML2 assertions.

hth and sorry for the semi-off-topic message,
 --Chris

[1]: https://www.jinfocard.org/

Jeesmon Jacob schrieb:
AFAIK, rpdemo project is not coded to handle non-encrypted token from RP site without SSL cert.

rp.simple project at https://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/app/org.eclipse.higgins.rp.simple can handle both encrypted and non-encrypted tokens.

You can get the pre-built package of rp.simple from

http://www.azigo.com/company/dev/higgins-rp/

Or you can use the code from rp.simple in rpdemo. All you need is the processToken method at https://dev.eclipse.org/svnroot/technology/org.eclipse.higgins/trunk/app/org.eclipse.higgins.rp.simple/src/org/eclipse/higgins/rp/simple/RPUtil.java

-Jeesmon
________________________________________
From: higgins-dev-bounces@xxxxxxxxxxx [higgins-dev-bounces@xxxxxxxxxxx] On Behalf Of maxi.combina@xxxxxxxxxxxxx [maxi.combina@xxxxxxxxxxxxx]
Sent: Wednesday, August 12, 2009 5:54 AM
To: higgins-dev@xxxxxxxxxxx
Subject: [higgins-dev] [Solved] Error in RP / DecryptElement

Hello everyone,

I finally got the RP up and going. The problem ended up being the version
of the xmlsec library.
The example RP now works correctly using https, but still does not work
with plain http (I am not sure if it should work at all, should it?)

Summarizing:

1) The error I obtained using http is still the same as described in
http://dev.eclipse.org/mhonarc/lists/higgins-dev/msg05931.html
2) The versions of xmlsec wich allow RP-1.1M6 to work are 1.3.0, 1.4.0 and
1.4.1 (maybe some older version may work as well)
3) xmlsec-1.4.2 causes [1]
4) xmlsec-1.4.3 causes [2]


Please note:
 - In order to deploy the RP 1.1M6 I followed the instructions from
http://wiki.eclipse.org/Extensible_Protocol_RP_Website_1.0
 - The site does not mention any dependency on a specific version of
xmlsec
 - It  does mention buildtime-dependenacy with
org.eclipse.higgins.sts.xmlsecurity.apache
 - The downloaded file
(org.eclipse.higgins.rp.servlet.sample-incubation-S20090325-war.zip) does
*not* include the xmlsec library
 - The prebuilt package suggested by Jeesmon (see
http://dev.eclipse.org/mhonarc/lists/higgins-dev/msg05939.html) includes
xmlsec-1.3.0

As a humble suggestion, I think it would be nice that the RP (or any
component, actually) checked if it finds the correct version of supporting
libs before trying to run. I do not know if this can be done, though.

Please feel free to point me in the right direction if I got something
wrong :)

Kind regards, thanks for everything!
Maxi

[1] xmlsec-1.4.2:
10:58:04,043 ERROR ICardProtocolHandler.processUserToken (156): Unable to
proecess token
java.lang.NullPointerException
        at
com.sun.org.apache.xerces.internal.dom.ElementImpl.setAttributeNS(ElementImpl.java:642)

        at
org.apache.xml.security.utils.XMLUtils.createElementInSignatureSpace(XMLUtils.java:258)

        at
org.apache.xml.security.utils.SignatureElementProxy.<init>(Unknown Source)

        at org.apache.xml.security.algorithms.Algorithm.<init>(Unknown
Source)
        at
org.apache.xml.security.algorithms.MessageDigestAlgorithm.<init>(Unknown
Source)
        at
org.apache.xml.security.algorithms.MessageDigestAlgorithm.getInstance(Unknown
Source)
        at
org.apache.xml.security.signature.Reference.getMessageDigestAlgorithm(Unknown
Source)
        at
org.apache.xml.security.signature.Reference.calculateDigest(Unknown
Source)
        at org.apache.xml.security.signature.Reference.verify(Unknown
Source)
        at
org.apache.xml.security.signature.Manifest.verifyReferences(Unknown
Source)
        at org.apache.xml.security.signature.SignedInfo.verify(Unknown
Source)
        at
org.apache.xml.security.signature.XMLSignature.checkSignatureValue(Unknown
Source)
        at
org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtension.VerifyEnveloped(XMLSecurityApacheExtension.java:568)
        at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.processUserToken(ICardProtocolHandler.java:149)
        at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.authenticate(ICardProtocolHandler.java:105)
        at
org.eclipse.higgins.rp.servlet.server.Login.ContinueAuthentication(Login.java:69)
        at
org.apache.jsp.MultiLogin_jsp._jspService(MultiLogin_jsp.java:71)
        at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
        at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
        at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
        at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
        at java.lang.Thread.run(Thread.java:619)
10:58:04,046  INFO ICardProtocolHandler.processUserToken (166): Error
authenticating token
10:58:04,047 ERROR ResultCallbackHandler.handleFailure (58): authn failure
- no token: forward to NoXmlToken.jsp


[2] xmlsec-1.4.3:
Aug 12, 2009 10:54:50 AM org.apache.catalina.core.StandardWrapperValve
invoke
SEVERE: Servlet.service() for servlet jsp threw exception
java.lang.NoSuchFieldError: xencPrefix
        at
org.apache.xml.security.utils.ElementProxy.setDefaultPrefix(Unknown
Source)
        at org.apache.xml.security.Init.init(Unknown Source)
        at
org.eclipse.higgins.sts.xmlsecurity.apache.XMLSecurityApacheExtension.configure(XMLSecurityApacheExtension.java:596)
        at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.processUserToken(ICardProtocolHandler.java:139)
        at
org.eclipse.higgins.rp.icard.ICardProtocolHandler.authenticate(ICardProtocolHandler.java:105)
        at
org.eclipse.higgins.rp.servlet.server.Login.ContinueAuthentication(Login.java:69)
        at
org.apache.jsp.MultiLogin_jsp._jspService(MultiLogin_jsp.java:71)
        at
org.apache.jasper.runtime.HttpJspBase.service(HttpJspBase.java:70)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at
org.apache.jasper.servlet.JspServletWrapper.service(JspServletWrapper.java:374)
        at
org.apache.jasper.servlet.JspServlet.serviceJspFile(JspServlet.java:342)
        at
org.apache.jasper.servlet.JspServlet.service(JspServlet.java:267)
        at javax.servlet.http.HttpServlet.service(HttpServlet.java:717)
        at
org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:290)
        at
org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:206)
        at
org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:233)
        at
org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:191)
        at
org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:128)
        at
org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
        at
org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
        at
org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:293)
        at
org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:849)
        at
org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
        at
org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:454)
        at java.lang.Thread.run(Thread.java:619)


_______________________________________________
higgins-dev mailing list
higgins-dev@xxxxxxxxxxx
https://dev.eclipse.org/mailman/listinfo/higgins-dev

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature


Back to the top