Re: [higgins-dev] Re: Problem sending cards to CardSync

[Sergey Lyakhov <slyakhov@xxxxxxxxxxxxxx>]

Jonathan,

> First, I get the same error when I try to send a p-card to a RP using
> the Azigo Selector. And to answer the question in your last message, I
> was not sending a m-card to identityblog.com. I was sending a p-card.

1. Replace fixed extension mapper jar in RPPS too.

2. Try to use m-card with username/password credentials. I
suppose your RPPS can not calculate a correct PPID when looks for
p-card used to authenticate on STS. This is caused by a problem to build
a certificate chain of the site used to issue m-card with PPID
credentials.

Thanks,
Sergey Lyakhov

On Tue, 13 Apr 2010 15:56:47 -0400
Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:

> Sergey,
> 
> By using your new higgins-sts-server-mapper-extension, some things are
> now working, but others are not.
> 
> First, I get the same error when I try to send a p-card to a RP using
> the Azigo Selector. And to answer the question in your last message, I
> was not sending a m-card to identityblog.com. I was sending a p-card.
> I've attached the logs (catalina_p-card_to_identityblog.out) that I'm
> now getting with your new higgins-sts-server-mapper-extension, but the
> error seems to be pretty much the same.
> 
> As for sending a p-card to my test RP using the CloudSelector. It's
> still not working. I've attached the RPPS logs
> (catalina_rpps_p-card_cloudselector.out) and the STS/CloudSelector
> logs (catalina_sts_p-card_cloudselector.out).
> 
> I've also tried to send a m-card to my test RP using the
> CloudSelector. Username Tokens are now working. As for Self Signed
> SAML Tokens, they are still not working. When I'm trying to send that
> kind of token, I get "Cannot find the Personal card used to
> authenticate for this managed card". I've attached the RPPS logs
> (catalina_rpps_saml_cloudselector.out) and the STS/CloudSelector logs
> (catalina_sts_saml_cloudselector.out).
> 
> I was also wondering why you jar ends with "1.0.600". All the
> libraries I'm using end with "1.0.700". Is your code based on 1.1M6
> while I'm using 1.1M7? Could that cause problems?
> 
> Thanks,
> Jonathan
> 
> 
> On Tue, Apr 13, 2010 at 2:24 PM, Sergey Lyakhov
> <slyakhov@xxxxxxxxxxxxxx> wrote:
> > Jonathan,
> >
> >> I've attached the logs corresponding to the following:
> >
> >> 1. Starting Tomcat
> >> 2. Logging with the Azigo Selector to this site:
> >> http://www.identityblog.com/. The Azigo Selector shows an error
> >> message saying that the request failed.
> >> 3. Closing Tomcat.
> >
> > I've looked at the log. It looks you've used m-card, not p-card. Am
> > I correct?
> >
> > Thanks,
> > Sergey Lyakhov
> >
> > On Fri, 9 Apr 2010 15:04:38 -0400
> > Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:
> >
> >> Sergey,
> >>
> >> Thanks for your help.
> >>
> >> > I need more info about this error. But, briefly, RPPS uses
> >> > ClientConfiguration.xml (for m-card) and
> >> > PersonalConfiguration.xml (for p-card). Your
> >> > PersonalConfiguration.xml looks correct.
> >> > RPPS should be configured in the same way as STS: you need to set
> >> > "org.eclipse.higgins.sts.conf" property with a path to your
> >> > ConfigurationFile folder.
> >>
> >> Here are the JAVA_OPTS I use to start the tomcat instance hosting
> >> the RPPS:
> >> -Dorg.eclipse.higgins.sts.conf=/home/higgins/ConfigurationFile
> >> -Djavax.net.ssl.trustStore=/home/higgins/localhost.jks
> >> -Djava.library.path=/home/higgins/native/ -Dlog4j.debug
> >> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
> >>
> >> ... and the STS:
> >> -Dorg.eclipse.higgins.sts.conf=/opt/tomcat/apache-tomcat-6.0.26/webapps/TokenService/ConfigurationFiles
> >> -Dorg.eclipse.higgins.sts.conf.file=ManagedConfiguration.xml
> >> -Dorg.eclipse.higgins.sts.log4j.properties=/opt/tomcat/apache-tomcat-6.0.26/webapps/TokenService/ConfigurationFiles/log4j.properties
> >> -Dlog4j.debug
> >> -Djava.util.logging.manager=org.apache.juli.ClassLoaderLogManager
> >>
> >> > sts_error.log is rather a log of Cloud Selector than STS.
> >>
> >> It's possible. Sorry. Both services are hosted by the same Tomcat
> >> instance.
> >>
> >> > Please, do the following:
> >> >
> >> > 1. set RPPS logging level to ERROR.
> >> > 2. clean catalina.out.
> >> > 3. start RPPS.
> >> > 4. try to log in with a p-card using Azigo Selector (not Cloud
> >> > Selector).
> >> > 5. send the result log file.
> >>
> >> I've attached the logs corresponding to the following:
> >>
> >> 1. Starting Tomcat
> >> 2. Logging with the Azigo Selector to this site:
> >> http://www.identityblog.com/. The Azigo Selector shows an error
> >> message saying that the request failed.
> >> 3. Closing Tomcat.
> >>
> >> Unfortunately, I can't find any information that helps me figuring
> >> out the problem. Do you?
> >>
> >> Thanks,
> >> Jonathan
> >>
> >>
> >> >
> >> > Thanks,
> >> > Sergey Lyakhov
> >> >
> >> > On Thu, 8 Apr 2010 21:28:46 -0400
> >> > Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:
> >> >
> >> >> OK, so I took a step back. Now, I'm only trying to send a
> >> >> personal card that I've created with the Azigo selector. I've
> >> >> looked at the database and it seems that the card has been
> >> >> correctly imported. Here are the errors that I get.
> >> >>
> >> >> First, the cloud selector gives me:
> >> >> RP discovery / realm validation disabled; this option SHOULD be
> >> >> enabled for OPs
> >> >>
> >> >> Then, on the RPPS side, I get those errors that I find
> >> >> concerning: 08 Apr 2010 20:45:40,752 ERROR [http-8081-1]
> >> >> LogHelper.error (LogHelper.java:119) - No Extension
> >> >> Configuration Found.
> >> >>
> >> >> 08 Apr 2010 20:45:40,752 ERROR [http-8081-1]
> >> >> CardSpaceSelector.getIdentityToken (CardSpaceSelector.java:495)
> >> >> - Returning STS Fault: No Configuration Found.
> >> >>
> >> >> 08 Apr 2010 20:45:40,752 ERROR [http-8081-1]
> >> >> RPPSServiceImpl.getTokenObject (RPPSServiceImpl.java:833) -
> >> >> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException
> >> >>
> >> >> I've attached the remaining of the logs for both the STS and the
> >> >> RPPS along with the ~/.higgins and ~/ConfigurationFile folders
> >> >> used by CardSync.
> >> >>
> >> >> Does this additional information gives any more insights about
> >> >> my problem?
> >> >>
> >> >> Thanks,
> >> >> Jonathan
> >> >>
> >> >>
> >> >> On Wed, Apr 7, 2010 at 12:20 PM, Jonathan Tellier
> >> >> <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> > Hi,
> >> >> >
> >> >> > Thank you for taking the time to try to help me.
> >> >> >
> >> >> >> 1. I did not found any critical error in your RPPS log.
> >> >> >> Suppose it should successfully create and send p-cards. Is
> >> >> >> it correct?
> >> >> >
> >> >> > No. I can create personal (and managed) cards, but I can't
> >> >> > send any. When I try to send a personal card, I get:
> >> >> >
> >> >> > AxisFault
> >> >> >  faultCode:
> >> >> > {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed
> >> >> > faultSubcode: faultString: The specified request failed
> >> >> >  faultActor: STS
> >> >> >  faultNode:
> >> >> >  faultDetail:
> >> >> >        {http://xml.apache.org/axis/}hostname:higgins
> >> >> >
> >> >> > By looking at that error, I would imagine that some
> >> >> > configuration that should point to my host is not set
> >> >> > correctly, but I can't find it.
> >> >> >
> >> >> >> 2. Does you try to send a m-card of your STS? I see the
> >> >> >> following in your STS log:
> >> >> >> ......
> >> >> >
> >> >> > Yes, this error occurs when I try to send a managed card. I've
> >> >> > updated my ManagedConfiguration.xml, but the error still
> >> >> > happens. I've attached my new and updated config file so you
> >> >> > can see if I've made any errors (note that the address of the
> >> >> > server changed since I've deployed it elsewhere). If you need
> >> >> > some other configuration files, I can also send them.
> >> >> >
> >> >> > Thanks for your time,
> >> >> > Jonathan
> >> >> >
> >> >> >
> >> >> >>
> >> >> >> .....
> >> >> >> AxisFault
> >> >> >>  faultCode:
> >> >> >> {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed
> >> >> >> faultSubcode: faultString: The specified request failed
> >> >> >>  faultActor:
> >> >> >>  faultNode:
> >> >> >>  faultDetail:
> >> >> >>        {}Explanation:No Configuration Found.
> >> >> >> ....
> >> >> >>
> >> >> >> Suppose it will be fixed after you set a correct "Issuer" URI
> >> >> >> ( https://207.162.8.222:8443/TokenService/services/Trust ) in
> >> >> >> "AppliesToMapper" section of ManagedConfiguration.xml (373
> >> >> >> line).
> >> >> >>
> >> >> >> Thanks,
> >> >> >> Sergey Lyakhov
> >> >> >>
> >> >> >> On Wed, 31 Mar 2010 10:21:02 -0400
> >> >> >> Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> >>
> >> >> >>> I've had to redeploy everything on a new server, so I've
> >> >> >>> taken the opportunity to use two instances of tomcat. One
> >> >> >>> for CardSync and one for the STS/RP/CloudSelector. That way,
> >> >> >>> configuration files and logs are more separated. I'm still
> >> >> >>> not able to send card to CardSync though...
> >> >> >>>
> >> >> >>> I've paid a close attention to the logs while I'm creating a
> >> >> >>> user, a card and importing it using the Azigo Selector.
> >> >> >>> There's no errors whatsoever during this process. Then,
> >> >> >>> I've tried to manually make a getTokenObject SOAP call to
> >> >> >>> CardSync. This is the call I've made:
> >> >> >>>
> >> >> >>> <soapenv:Envelope
> >> >> >>> xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance";
> >> >> >>> xmlns:xsd="http://www.w3.org/2001/XMLSchema";
> >> >> >>> xmlns:soapenv="http://schemas.xmlsoap.org/soap/envelope/";
> >> >> >>> xmlns:wsd="urn:RPPSService/wsdlRPPSService"
> >> >> >>> xmlns:soapenc="http://schemas.xmlsoap.org/soap/encoding/";>
> >> >> >>>    <soapenv:Header/>
> >> >> >>>    <soapenv:Body>
> >> >> >>>       <wsd:getTokenObject
> >> >> >>> soapenv:encodingStyle="http://schemas.xmlsoap.org/soap/encoding/";>
> >> >> >>>          <userId xsi:type="xsd:string">foo9</userId>
> >> >> >>>          <password xsi:type="xsd:string">bar9</password>
> >> >> >>>          <policy xsi:type="xsd:string">
> >> >> >>>        &lt;object type="application/x-informationCard"
> >> >> >>> name="xmlToken"&gt; &lt;param name="privacyUrl"
> >> >> >>> value="http://wiki.eclipse.org/Cloud_Selector"; /&gt;
> >> >> >>>          &lt;param name="privacyVersion" value="1" /&gt;
> >> >> >>>          &lt;param name="tokenType"
> >> >> >>> value="urn:oasis:names:tc:SAML:1.0:assertion" /&gt;
> >> >> >>>          &lt;param name="requiredClaims"
> >> >> >>> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
> >> >> >>> /&gt;
> >> >> >>>          &lt;param name="optionalClaims"
> >> >> >>> value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
> >> >> >>> http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress";
> >> >> >>> /&gt;
> >> >> >>>        &lt;/object&gt;
> >> >> >>>       </policy>
> >> >> >>>          <policytype
> >> >> >>> xsi:type="xsd:string">cardspace</policytype> <sslCert
> >> >> >>> xsi:type="xsd:string"></sslCert> <cuids
> >> >> >>> xsi:type="wsd:ArrayOf_xsd_string"
> >> >> >>> soapenc:arrayType="xsd:string[]">
> >> >> >>> <item>org.eclipse.higgins.icard.provider.cardspace.managed.db#https://localhost:8443/TokenService/services/Trust#urn:Higgins-LDAP-Server&amp;cardid=upass_foo9</item>
> >> >> >>> </cuids> <typeofCredential
> >> >> >>> xsi:type="xsd:string">ITSUsernamePasswordCredential</typeofCredential>
> >> >> >>>          <credentialKey xsi:type="wsd:ArrayOf_xsd_string"
> >> >> >>> soapenc:arrayType="xsd:string[]">
> >> >> >>>          <item>url</item>
> >> >> >>>            <item>saveCard</item>
> >> >> >>>          <item>saveCredential</item>
> >> >> >>>          <item>address</item>
> >> >> >>>            <item>metadataAddress</item>
> >> >> >>>            <item>username</item>
> >> >> >>>          <item>password</item>
> >> >> >>>          </credentialKey>
> >> >> >>>          <credentialValue xsi:type="wsd:ArrayOf_xsd_string"
> >> >> >>> soapenc:arrayType="xsd:string[]">
> >> >> >>>            <item>http://<my server's
> >> >> >>> IP>:8080/proxy.web/server-carddetails</item>
> >> >> >>>            <item>false</item>
> >> >> >>>          <item>false</item>
> >> >> >>>          <item>https://localhost:8443/TokenService/services/Trust</item>
> >> >> >>>          <item>https://localhost:8443/TokenService/services/MetadataUsernameToken</item>
> >> >> >>>          <item>foo9</item>
> >> >> >>>            <item>bar9</item>
> >> >> >>>          </credentialValue>
> >> >> >>>       </wsd:getTokenObject>
> >> >> >>>    </soapenv:Body>
> >> >> >>> </soapenv:Envelope>
> >> >> >>>
> >> >> >>> I've attached the logs for CardSync and for the TokenService
> >> >> >>> corresponding to that operation. Note that in the logs, I'm
> >> >> >>> starting the server, making the SOAP request and stopping
> >> >> >>> the server. Noting more. I've been scrutinizing the logs,
> >> >> >>> my config files and trying to fix that problem for quite
> >> >> >>> some time now, but I can't find the cause or the solution
> >> >> >>> to my problem. I think that this part, in the TokenService
> >> >> >>> logs might have something to do with it, but I'm not sure:
> >> >> >>>
> >> >> >>> AxisFault
> >> >> >>>  faultCode:
> >> >> >>> {http://schemas.xmlsoap.org/ws/2005/02/trust}RequestFailed
> >> >> >>> faultSubcode: faultString: The specified request failed
> >> >> >>>  faultActor:
> >> >> >>>  faultNode:
> >> >> >>>  faultDetail:
> >> >> >>>         {}Explanation:No Configuration Found.
> >> >> >>>
> >> >> >>> What kind of configuration is this referring to?
> >> >> >>>
> >> >> >>> Well anyway, If any of you has a couple of minutes to spare
> >> >> >>> and could help, I'd really appreciate it.
> >> >> >>>
> >> >> >>> Thanks,
> >> >> >>> Jonathan
> >> >> >>>
> >> >> >>>
> >> >> >>> On Tue, Mar 23, 2010 at 4:15 PM, Jonathan Tellier
> >> >> >>> <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> >>> > Hello,
> >> >> >>> >
> >> >> >>> > I've attached logs for all steps in the process:
> >> >> >>> >
> >> >> >>> > - Staring the server
> >> >> >>> > - Creating a card with the STS
> >> >> >>> > - Importing a card with the Azigo selector
> >> >> >>> > - Logging to the test RP with the CloudSelector
> >> >> >>> >
> >> >> >>> > As for my config files, which ones do you want?
> >> >> >>> >
> >> >> >>> > Since I start tomcat with the following java opts:
> >> >> >>> >  -Dorg.eclipse.higgins.sts.conf=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles
> >> >> >>> > -Dorg.eclipse.higgins.sts.conf.file=ManagedConfiguration.xml
> >> >> >>> > -Dorg.eclipse.higgins.sts.log4j.properties=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/log4j.properties
> >> >> >>> > -Djavax.net.ssl.trustStore=$CATALINA_HOME/webapps/TokenService/ConfigurationFiles/localhost.jks
> >> >> >>> > -Djava.library.path=$CATALINA_HOME/native_lib/
> >> >> >>> > -Duser.home=/usr/share/higgins
> >> >> >>> >
> >> >> >>> > I've attached the content of:
> >> >> >>> > - $CATALINA_HOME/webapps/TokenService/ConfigurationFiles
> >> >> >>> > - /usr/share/higgins
> >> >> >>> >
> >> >> >>> > Is there any other info that you would need?
> >> >> >>> >
> >> >> >>> > Thanks,
> >> >> >>> > Jonathan
> >> >> >>> >
> >> >> >>> >
> >> >> >>> > On Tue, Mar 23, 2010 at 3:25 PM, Sergey Lyakhov
> >> >> >>> > <slyakhov@xxxxxxxxxxxxxx> wrote:
> >> >> >>> >> Jonathan,
> >> >> >>> >>
> >> >> >>> >>> So, are I-Card Providers defined in
> >> >> >>> >>> "ProvidersConfiguration.xml"? If it's the case, where
> >> >> >>> >>> could I find a template of that file?
> >> >> >>> >>
> >> >> >>> >> ProvidersConfiguration.xml is just an alternative way of
> >> >> >>> >> ICard providers configuration and should not affect on
> >> >> >>> >> RPPS. What version of RPPS do you use? Can you provide
> >> >> >>> >> your configuration files / error log?
> >> >> >>> >>
> >> >> >>> >> Thanks,
> >> >> >>> >> Sergey Lyakhov
> >> >> >>> >>
> >> >> >>> >> On Tue, 23 Mar 2010 14:44:26 -0400
> >> >> >>> >> Jonathan Tellier <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> >>> >>
> >> >> >>> >>> I think I might have found something of interest. As
> >> >> >>> >>> I've mentioned earlier, I get a FileNotFoundException on
> >> >> >>> >>> "ProvidersConfiguration.xml". Now, I've just realized
> >> >> >>> >>> that this error also occurs when I'm trying to import a
> >> >> >>> >>> card. After some research, I've learned that I-Card
> >> >> >>> >>> Providers manage the persistence of I-Cards. So, would
> >> >> >>> >>> it be possible that the reason why I can't send I-Cards
> >> >> >>> >>> using the CloudSelector is actually because the cards
> >> >> >>> >>> are not properly imported? From what I can deduce, this
> >> >> >>> >>> would make sense since in the stack trace that I see
> >> >> >>> >>> when trying to send a card, there seem to be some
> >> >> >>> >>> problems parsing the card data.
> >> >> >>> >>>
> >> >> >>> >>> So, are I-Card Providers defined in
> >> >> >>> >>> "ProvidersConfiguration.xml"? If it's the case, where
> >> >> >>> >>> could I find a template of that file?
> >> >> >>> >>>
> >> >> >>> >>> Thanks,
> >> >> >>> >>> Jonathan
> >> >> >>> >>>
> >> >> >>> >>>
> >> >> >>> >>> On Fri, Mar 19, 2010 at 4:49 PM, Jonathan Tellier
> >> >> >>> >>> <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> >>> >>> > In the past few days, I've done some debugging and
> >> >> >>> >>> > have found out a small piece of information that I
> >> >> >>> >>> > hope could be useful. Basically, I've figured out the
> >> >> >>> >>> > parameters which are used to when performing the
> >> >> >>> >>> > getTokenObject SOAP call where trying to use a
> >> >> >>> >>> > username/password card. Here there are:
> >> >> >>> >>> >
> >> >> >>> >>> > userId: foo
> >> >> >>> >>> >
> >> >> >>> >>> > password: bar
> >> >> >>> >>> >
> >> >> >>> >>> > policy:
> >> >> >>> >>> > <object type="application/x-informationCard"
> >> >> >>> >>> > name="xmlToken"> <param name="privacyUrl"
> >> >> >>> >>> > value="http://wiki.eclipse.org/Cloud_Selector"; />
> >> >> >>> >>> > <param name="privacyVersion" value="1" /> <param
> >> >> >>> >>> > name="tokenType"
> >> >> >>> >>> > value="urn:oasis:names:tc:SAML:1.0:assertion" />
> >> >> >>> >>> > <param name="requiredClaims"
> >> >> >>> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname"; />
> >> >> >>> >>> > <param name="optionalClaims"
> >> >> >>> >>> > value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
> >> >> >>> >>> > http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; />
> >> >> >>> >>> > </object>
> >> >> >>> >>> >
> >> >> >>> >>> > policytype: cardspace
> >> >> >>> >>> >
> >> >> >>> >>> > sslCert:
> >> >> >>> >>> >
> >> >> >>> >>> > cuids:
> >> >> >>> >>> > org.eclipse.higgins.icard.provider.cardspace.managed.db#https://<my
> >> >> >>> >>> > server's
> >> >> >>> >>> > address>/TokenService/services/Trust#urn:Higgins-LDAP-Server&cardid=username_token1_not_appliesto
> >> >> >>> >>> >
> >> >> >>> >>> > typeofCredential: ITSUsernamePasswordCredential
> >> >> >>> >>> >
> >> >> >>> >>> > credentialKey:
> >> >> >>> >>> > url
> >> >> >>> >>> > saveCard
> >> >> >>> >>> > saveCredential
> >> >> >>> >>> > address
> >> >> >>> >>> > metadataAddress
> >> >> >>> >>> > username
> >> >> >>> >>> > password
> >> >> >>> >>> >
> >> >> >>> >>> > credentialValue:
> >> >> >>> >>> > http://<my server's
> >> >> >>> >>> > address>/proxy.web/server-carddetails false
> >> >> >>> >>> > false
> >> >> >>> >>> > https://<my server's
> >> >> >>> >>> > address>/TokenService/services/Trust https://<my
> >> >> >>> >>> > address>server's /TokenService/services/MetadataUsernameToken
> >> >> >>> >>> > address>foo
> >> >> >>> >>> > bar
> >> >> >>> >>> >
> >> >> >>> >>> > I've also tried to manually send a SOAP request to
> >> >> >>> >>> > CardSync and also to use a card from
> >> >> >>> >>> > https://openidcards.sxip.com/, but in both cases, I
> >> >> >>> >>> > get the same "The specified request failed" error. I
> >> >> >>> >>> > would like to try the
> >> >> >>> >>> > http://higgins.eclipse.org/TokenService STS, but for
> >> >> >>> >>> > every action I try to perform using it, I get:
> >> >> >>> >>> >
> >> >> >>> >>> > exception: javax.naming.CommunicationException:
> >> >> >>> >>> > higgins.watson.ibm.com:636 [Root exception is
> >> >> >>> >>> > java.net.ConnectException: Connection refused]
> >> >> >>> >>> >
> >> >> >>> >>> > So, is there something wrong with the parameters that
> >> >> >>> >>> > are used? Does anyone has an idea about how I could
> >> >> >>> >>> > solve my problem?
> >> >> >>> >>> >
> >> >> >>> >>> > Thanks,
> >> >> >>> >>> > Jonathan
> >> >> >>> >>> >
> >> >> >>> >>> >
> >> >> >>> >>> > On Mon, Mar 15, 2010 at 8:59 PM, Jonathan Tellier
> >> >> >>> >>> > <jonathan.tellier@xxxxxxxxx> wrote:
> >> >> >>> >>> >> Hello there,
> >> >> >>> >>> >>
> >> >> >>> >>> >> I think that I'm almost done with my local
> >> >> >>> >>> >> deployment of the
> >> >> >>> >>> >> CloudSelector/CardSync/TokenService, but I've still
> >> >> >>> >>> >> got some problems. When I try to send a personal
> >> >> >>> >>> >> card or a card that uses a Username Token, I get a
> >> >> >>> >>> >> STSFaultException caused by this error:
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:42:32,267 ERROR [http-8443-1]
> >> >> >>> >>> >> LogHelper.error (LogHelper.java:119) - No Extension
> >> >> >>> >>> >> Configuration Found.
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:42:32,268 ERROR [http-8443-1]
> >> >> >>> >>> >> CardSpaceSelector.getIdentityToken
> >> >> >>> >>> >> (CardSpaceSelector.java:495) - Returning
> >> >> >>> >>> >>  STS Fault: No Configuration Found.
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:42:32,269 ERROR [http-8443-1]
> >> >> >>> >>> >> RPPSServiceImpl.getTokenObject
> >> >> >>> >>> >> (RPPSServiceImpl.java:833) - org.eclipse.hig
> >> >> >>> >>> >> gins.icard.provider.cardspace.common.STSFaultException
> >> >> >>> >>> >>
> >> >> >>> >>> >> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException
> >> >> >>> >>> >>        at
> >> >> >>> >>> >> org.eclipse.higgins.iss.cardspace.CardSpaceSelector.getIdentityToken(CardSpaceSelector.java:496)
> >> >> >>> >>> >> at
> >> >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3245)
> >> >> >>> >>> >> at
> >> >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3310)
> >> >> >>> >>> >> at
> >> >> >>> >>> >> org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3438)
> >> >> >>> >>> >> at
> >> >> >>> >>> >> org.eclipse.higgins.rpps.webservices.RPPSServiceImpl.getTokenObject(RPPSServiceImpl.java:830)
> >> >> >>> >>> >> [... stacktrace continues ...]
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:42:32,275 ERROR [http-8080-6]
> >> >> >>> >>> >> CardsServlet.error (CardsServlet.java:103) - Sorry,
> >> >> >>> >>> >> we could not process the OpenID request: The
> >> >> >>> >>> >> specified request failed
> >> >> >>> >>> >>
> >> >> >>> >>> >> AxisFault
> >> >> >>> >>> >>  faultCode:
> >> >> >>> >>> >> {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed
> >> >> >>> >>> >> faultSubcode: faultString: The specified request
> >> >> >>> >>> >> failed faultActor: STS
> >> >> >>> >>> >>  faultNode:
> >> >> >>> >>> >>  faultDetail:
> >> >> >>> >>> >>        {http://xml.apache.org/axis/}hostname:salmond
> >> >> >>> >>> >>
> >> >> >>> >>> >> When I try to send a card that uses a Self Signed
> >> >> >>> >>> >> SAML Token, I get:
> >> >> >>> >>> >> org.eclipse.higgins.iss.ISSException: Cannot find
> >> >> >>> >>> >> the Personal card used to authenticate for this
> >> >> >>> >>> >> managed card.
> >> >> >>> >>> >>
> >> >> >>> >>> >> When logging with the card selector, I've also got
> >> >> >>> >>> >> this error, but I don't know if it's relevant or not
> >> >> >>> >>> >> since it does not prevent any actions.
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:48:16,075 ERROR [http-8443-1]
> >> >> >>> >>> >> ICardSelectorService.getICardSelector
> >> >> >>> >>> >> (ICardSelectorService.java:148)
> >> >> >>> >>> >> - org.eclipse.higgins.iss.PolicyParseException: Can
> >> >> >>> >>> >> not parse password managed policy. Root element is
> >> >> >>> >>> >> not PwmPolicy
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> >> >> >>> >>> >> ConfigurationHandler.omFromFile
> >> >> >>> >>> >> (ConfigurationHandler.java:180) -
> >> >> >>> >>> >> java.io.FileNotFoundException: /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> >> >> >>> >>> >> (No such file or directory)
> >> >> >>> >>> >>
> >> >> >>> >>> >> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> >> >> >>> >>> >> ConfigurationHandler.configure
> >> >> >>> >>> >> (ConfigurationHandler.java:288)
> >> >> >>> >>> >> - /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> >> >> >>> >>> >> (No such file or directory)
> >> >> >>> >>> >>
> >> >> >>> >>> >> What is this "ProvidersConfiguration.xml" file? I
> >> >> >>> >>> >> could not find any reference to it anywhere.
> >> >> >>> >>> >>
> >> >> >>> >>> >> Finally, when configuring my deployment, I've had to
> >> >> >>> >>> >> comment out references to some classes in the
> >> >> >>> >>> >> "ClientConfiguration.xml" file. I've had to comment
> >> >> >>> >>> >> references to
> >> >> >>> >>> >> "org.eclipse.higgins.configuration.xml.ContextFactoryHandler"
> >> >> >>> >>> >> and
> >> >> >>> >>> >> "org.eclipse.higgins.configuration.xml.IdentityAttributeServiceHandler"
> >> >> >>> >>> >> because they don't seem to be present in B-1-1M7 and
> >> >> >>> >>> >> to
> >> >> >>> >>> >> "org.eclipse.higgins.sts.client.MetadataExchangeServiceFactory"
> >> >> >>> >>> >> because the instance returned was always null. Could
> >> >> >>> >>> >> this be related to the problems I'm encountering
> >> >> >>> >>> >> when trying to send cards?
> >> >> >>> >>> >>
> >> >> >>> >>> >> I would like to provide more information regarding
> >> >> >>> >>> >> those errors, but I don't really understand them...
> >> >> >>> >>> >> So if any of you has any ideas about the cause of
> >> >> >>> >>> >> those errors, please share them because at this
> >> >> >>> >>> >> point, any help would be gladly appreciated.
> >> >> >>> >>> >>
> >> >> >>> >>> >> Thanks,
> >> >> >>> >>> >> Jonathan
> >> >> >>> >>> >>
> >> >> >>> >>> >
> >> >> >>> >>> _______________________________________________
> >> >> >>> >>> higgins-dev mailing list
> >> >> >>> >>> higgins-dev@xxxxxxxxxxx
> >> >> >>> >>> https://dev.eclipse.org/mailman/listinfo/higgins-dev
> >> >> >>> >>>
> >> >> >>> >>
> >> >> >>> >>
> >> >> >>> >>
> >> >> >>> >
> >> >> >>
> >> >> >>
> >> >> >> _______________________________________________
> >> >> >> higgins-dev mailing list
> >> >> >> higgins-dev@xxxxxxxxxxx
> >> >> >> https://dev.eclipse.org/mailman/listinfo/higgins-dev
> >> >> >>
> >> >> >
> >> >
> >> >
> >> >
> >
> >
> >