Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
Re: [higgins-dev] Re: Problem sending cards to CardSync

Jonathan,

1. I did not found any critical error in your RPPS log. Suppose it
should successfully create and send p-cards. Is it correct?

2. Does you try to send a m-card of your STS? I see the following in
your STS log:

.....
AxisFault
 faultCode: {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed
 faultSubcode: 
 faultString: The specified request failed
 faultActor: 
 faultNode: 
 faultDetail: 
	{}Explanation:No Configuration Found.
....

Suppose it will be fixed after you set a correct "Issuer" URI
( https://207.162.8.222:8443/TokenService/services/Trust ) in
"AppliesToMapper" section of ManagedConfiguration.xml (373 line).

Thanks,
Sergey Lyakhov

On Wed, 31 Mar 2010 10:21:02 -0400
Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:

> I've had to redeploy everything on a new server, so I've taken the
> opportunity to use two instances of tomcat. One for CardSync and one
> for the STS/RP/CloudSelector. That way, configuration files and logs
> are more separated. I'm still not able to send card to CardSync
> though...
> 
> I've paid a close attention to the logs while I'm creating a user, a
> card and importing it using the Azigo Selector. There's no errors
> whatsoever during this process. Then, I've tried to manually make a
> getTokenObject SOAP call to CardSync. This is the call I've made:
> 
> <soapenv:Envelope
> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> xmlns:wsd="urn:RPPSService/wsdlRPPSService"
> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";>
>    <soapenv:Header/>
>    <soapenv:Body>
>       <wsd:getTokenObject
> soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/";>
>          <userId xsi:type="xsd:string">foo9</userId>
>          <password xsi:type="xsd:string">bar9</password>
>          <policy xsi:type="xsd:string">
> 	 &lt;object type="application/x-informationCard"
> name="xmlToken"&gt; &lt;param name="privacyUrl"
> value="http://wiki.eclipse.org/Cloud_Selector"; /&gt;
> 	   &lt;param name="privacyVersion" value="1" /&gt;
> 	   &lt;param name="tokenType"
> value="urn:oasis:names:tc:SAML:1.0:assertion" /&gt;
> 	   &lt;param name="requiredClaims"
> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
> /&gt;
> 	   &lt;param name="optionalClaims"
> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
> /&gt;
> 	 &lt;/object&gt;
> 	</policy>
>          <policytype xsi:type="xsd:string">cardspace</policytype>
>          <sslCert xsi:type="xsd:string"></sslCert>
>          <cuids xsi:type="wsd:ArrayOf_xsd_string"
> soapenc:arrayType="xsd:string[]">
> 	   <item>org.eclipse.higgins.icard.provider.cardspace.managed.db#https://localhost:8443/TokenService/services/Trust#urn:Higgins-LDAP-Server&amp;cardid=upass_foo9</item>
>          </cuids>
>          <typeofCredential
> xsi:type="xsd:string">ITSUsernamePasswordCredential</typeofCredential>
>          <credentialKey xsi:type="wsd:ArrayOf_xsd_string"
> soapenc:arrayType="xsd:string[]">
> 	   <item>url</item>
>            <item>saveCard</item>
> 	   <item>saveCredential</item>
> 	   <item>address</item>
>            <item>metadataAddress</item>
>            <item>username</item>
> 	   <item>password</item>
>          </credentialKey>
>          <credentialValue xsi:type="wsd:ArrayOf_xsd_string"
> soapenc:arrayType="xsd:string[]">
>            <item>http://<my server's
> IP>:8080/proxy.web/server-carddetails</item>
>            <item>false</item>
> 	   <item>false</item>
> 	   <item>https://localhost:8443/TokenService/services/Trust</item>
> 	   <item>https://localhost:8443/TokenService/services/MetadataUsernameToken</item>
> 	   <item>foo9</item>
>            <item>bar9</item>
>          </credentialValue>
>       </wsd:getTokenObject>
>    </soapenv:Body>
> </soapenv:Envelope>
> 
> I've attached the logs for CardSync and for the TokenService
> corresponding to that operation. Note that in the logs, I'm starting
> the server, making the SOAP request and stopping the server. Noting
> more. I've been scrutinizing the logs, my config files and trying to
> fix that problem for quite some time now, but I can't find the cause
> or the solution to my problem. I think that this part, in the
> TokenService logs might have something to do with it, but I'm not
> sure:
> 
> AxisFault
>  faultCode: {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed
>  faultSubcode:
>  faultString: The specified request failed
>  faultActor:
>  faultNode:
>  faultDetail:
>         {}Explanation:No Configuration Found.
> 
> What kind of configuration is this referring to?
> 
> Well anyway, If any of you has a couple of minutes to spare and could
> help, I'd really appreciate it.
> 
> Thanks,
> Jonathan
> 
> 
> On Tue, Mar 23, 2010 at 4:15 PM, Jonathan Tellier
> <jonathan.tellier@xxxxxxxxx> wrote:
> > Hello,
> >
> > I've attached logs for all steps in the process:
> >
> > - Staring the server
> > - Creating a card with the STS
> > - Importing a card with the Azigo selector
> > - Logging to the test RP with the CloudSelector
> >
> > As for my config files, which ones do you want?
> >
> > Since I start tomcat with the following java opts:
> >  -Dorg.eclipse.higgins.sts.conf=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles
> > -Dorg.eclipse.higgins.sts.conf.file=ManagedConfiguration.xml
> > -Dorg.eclipse.higgins.sts.log4j.properties=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/log4j.properties
> > -Djavax.net.ssl.trustStore=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/localhost.jks
> > -Djava.library.path=$CATALINA_HOME/native_lib/
> > -Duser.home=/usr/share/higgins
> >
> > I've attached the content of:
> > - $CATALINA_HOME/webapps/TokenService/ConfigurationFiles
> > - /usr/share/higgins
> >
> > Is there any other info that you would need?
> >
> > Thanks,
> > Jonathan
> >
> >
> > On Tue, Mar 23, 2010 at 3:25 PM, Sergey Lyakhov
> > <slyakhov@xxxxxxxxxxxxxx> wrote:
> >> Jonathan,
> >>
> >>> So, are I-Card Providers defined in "ProvidersConfiguration.xml"?
> >>> If it's the case, where could I find a template of that file?
> >>
> >> ProvidersConfiguration.xml is just an alternative way of ICard
> >> providers configuration and should not affect on RPPS. What
> >> version of RPPS do you use? Can you provide your configuration
> >> files / error log?
> >>
> >> Thanks,
> >> Sergey Lyakhov
> >>
> >> On Tue, 23 Mar 2010 14:44:26 -0400
> >> Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:
> >>
> >>> I think I might have found something of interest. As I've
> >>> mentioned earlier, I get a FileNotFoundException on
> >>> "ProvidersConfiguration.xml". Now, I've just realized that this
> >>> error also occurs when I'm trying to import a card. After some
> >>> research, I've learned that I-Card Providers manage the
> >>> persistence of I-Cards. So, would it be possible that the reason
> >>> why I can't send I-Cards using the CloudSelector is actually
> >>> because the cards are not properly imported? From what I can
> >>> deduce, this would make sense since in the stack trace that I see
> >>> when trying to send a card, there seem to be some problems
> >>> parsing the card data.
> >>>
> >>> So, are I-Card Providers defined in "ProvidersConfiguration.xml"?
> >>> If it's the case, where could I find a template of that file?
> >>>
> >>> Thanks,
> >>> Jonathan
> >>>
> >>>
> >>> On Fri, Mar 19, 2010 at 4:49 PM, Jonathan Tellier
> >>> <jonathan.tellier@xxxxxxxxx> wrote:
> >>> > In the past few days, I've done some debugging and have found
> >>> > out a small piece of information that I hope could be useful.
> >>> > Basically, I've figured out the parameters which are used to
> >>> > when performing the getTokenObject SOAP call where trying to
> >>> > use a username/password card. Here there are:
> >>> >
> >>> > userId: foo
> >>> >
> >>> > password: bar
> >>> >
> >>> > policy:
> >>> > <object type="application/x-informationCard" name="xmlToken">
> >>> > <param name="privacyUrl"
> >>> > value="http://wiki.eclipse.org/Cloud_Selector"; /> <param
> >>> > name="privacyVersion" value="1" /> <param name="tokenType"
> >>> > value="urn:oasis:names:tc:SAML:1.0:assertion" /> <param
> >>> > name="requiredClaims"
> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; />
> >>> > <param name="optionalClaims"
> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
> >>> > http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; />
> >>> > </object>
> >>> >
> >>> > policytype: cardspace
> >>> >
> >>> > sslCert:
> >>> >
> >>> > cuids:
> >>> > org.eclipse.higgins.icard.provider.cardspace.managed.db#https://<my
> >>> > server's
> >>> > address>/TokenService/services/Trust#urn:Higgins-LDAP-Server&cardid=username_token1_not_appliesto
> >>> >
> >>> > typeofCredential: ITSUsernamePasswordCredential
> >>> >
> >>> > credentialKey:
> >>> > url
> >>> > saveCard
> >>> > saveCredential
> >>> > address
> >>> > metadataAddress
> >>> > username
> >>> > password
> >>> >
> >>> > credentialValue:
> >>> > http://<my server's address>/proxy.web/server-carddetails
> >>> > false
> >>> > false
> >>> > https://<my server's address>/TokenService/services/Trust
> >>> > https://<my server's
> >>> > address>/TokenService/services/MetadataUsernameToken foo
> >>> > bar
> >>> >
> >>> > I've also tried to manually send a SOAP request to CardSync and
> >>> > also to use a card from https://openidcards.sxip.com/, but in
> >>> > both cases, I get the same "The specified request failed"
> >>> > error. I would like to try the
> >>> > http://higgins.eclipse.org/TokenService STS, but for every
> >>> > action I try to perform using it, I get:
> >>> >
> >>> > exception: javax.naming.CommunicationException:
> >>> > higgins.watson.ibm.com:636 [Root exception is
> >>> > java.net.ConnectException: Connection refused]
> >>> >
> >>> > So, is there something wrong with the parameters that are used?
> >>> > Does anyone has an idea about how I could solve my problem?
> >>> >
> >>> > Thanks,
> >>> > Jonathan
> >>> >
> >>> >
> >>> > On Mon, Mar 15, 2010 at 8:59 PM, Jonathan Tellier
> >>> > <jonathan.tellier@xxxxxxxxx> wrote:
> >>> >> Hello there,
> >>> >>
> >>> >> I think that I'm almost done with my local deployment of the
> >>> >> CloudSelector/CardSync/TokenService, but I've still got some
> >>> >> problems. When I try to send a personal card or a card that
> >>> >> uses a Username Token, I get a STSFaultException caused by
> >>> >> this error:
> >>> >>
> >>> >> 15 Mar 2010 20:42:32,267 ERROR [http-8443-1] LogHelper.error
> >>> >> (LogHelper.java:119) - No Extension Configuration Found.
> >>> >>
> >>> >> 15 Mar 2010 20:42:32,268 ERROR [http-8443-1]
> >>> >> CardSpaceSelector.getIdentityToken
> >>> >> (CardSpaceSelector.java:495) - Returning
> >>> >>  STS Fault: No Configuration Found.
> >>> >>
> >>> >> 15 Mar 2010 20:42:32,269 ERROR [http-8443-1]
> >>> >> RPPSServiceImpl.getTokenObject (RPPSServiceImpl.java:833) -
> >>> >> org.eclipse.hig
> >>> >> gins.icard.provider.cardspace.common.STSFaultException
> >>> >>
> >>> >> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException
> >>> >>        at
> >>> >> org.eclipse.higgins.iss.cardspace.CardSpaceSelector.getIdentityToken(CardSpaceSelector.java:496)
> >>> >> at
> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3245)
> >>> >> at
> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3310)
> >>> >> at
> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3438)
> >>> >> at
> >>> >> org.eclipse.higgins.rpps.webservices.RPPSServiceImpl.getTokenObject(RPPSServiceImpl.java:830)
> >>> >> [... stacktrace continues ...]
> >>> >>
> >>> >> 15 Mar 2010 20:42:32,275 ERROR [http-8080-6] CardsServlet.error
> >>> >> (CardsServlet.java:103) - Sorry, we could not process the
> >>> >> OpenID request: The specified request failed
> >>> >>
> >>> >> AxisFault
> >>> >>  faultCode:
> >>> >> {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed
> >>> >> faultSubcode: faultString: The specified request failed
> >>> >>  faultActor: STS
> >>> >>  faultNode:
> >>> >>  faultDetail:
> >>> >>        {http://xml.apache.org/axis/}hostname:salmond
> >>> >>
> >>> >> When I try to send a card that uses a Self Signed SAML Token, I
> >>> >> get: org.eclipse.higgins.iss.ISSException: Cannot find the
> >>> >> Personal card used to authenticate for this managed card.
> >>> >>
> >>> >> When logging with the card selector, I've also got this error,
> >>> >> but I don't know if it's relevant or not since it does not
> >>> >> prevent any actions.
> >>> >>
> >>> >> 15 Mar 2010 20:48:16,075 ERROR [http-8443-1]
> >>> >> ICardSelectorService.getICardSelector
> >>> >> (ICardSelectorService.java:148)
> >>> >> - org.eclipse.higgins.iss.PolicyParseException: Can not parse
> >>> >> password managed policy. Root element is not PwmPolicy
> >>> >>
> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> >>> >> ConfigurationHandler.omFromFile
> >>> >> (ConfigurationHandler.java:180) -
> >>> >> java.io.FileNotFoundException: /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> >>> >> (No such file or directory)
> >>> >>
> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> >>> >> ConfigurationHandler.configure (ConfigurationHandler.java:288)
> >>> >> - /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> >>> >> (No such file or directory)
> >>> >>
> >>> >> What is this "ProvidersConfiguration.xml" file? I could not
> >>> >> find any reference to it anywhere.
> >>> >>
> >>> >> Finally, when configuring my deployment, I've had to comment
> >>> >> out references to some classes in the
> >>> >> "ClientConfiguration.xml" file. I've had to comment references
> >>> >> to
> >>> >> "org.eclipse.higgins.configuration.xml.ContextFactoryHandler"
> >>> >> and
> >>> >> "org.eclipse.higgins.configuration.xml.IdentityAttributeServiceHandler"
> >>> >> because they don't seem to be present in B-1-1M7 and to
> >>> >> "org.eclipse.higgins.sts.client.MetadataExchangeServiceFactory"
> >>> >> because the instance returned was always null. Could this be
> >>> >> related to the problems I'm encountering when trying to send
> >>> >> cards?
> >>> >>
> >>> >> I would like to provide more information regarding those
> >>> >> errors, but I don't really understand them... So if any of you
> >>> >> has any ideas about the cause of those errors, please share
> >>> >> them because at this point, any help would be gladly
> >>> >> appreciated.
> >>> >>
> >>> >> Thanks,
> >>> >> Jonathan
> >>> >>
> >>> >
> >>> _______________________________________________
> >>> higgins-dev mailing list
> >>> higgins-dev@xxxxxxxxxxx
> >>> https://dev.eclipse.org/mailman/listinfo/higgins-dev
> >>>
> >>
> >>
> >>
> >




Back to the top