One Star

Problem with the STS example in the getting started guide

Hi all,
I'm currently having a problem when running the STS example in the
Getting Started guide on OSX.
I unpacked TESB and the examples, copied the container and configured
the alternate container as described in chapter 4.1. Then I followed the
instructions in chapter 9 to build and run the STS, the STS-enabled services
and application.
When I run the car:GUI from the application container and click the
"browse"-Button, I see an incoming issue-request with a certificate
which looks ok, but processing fails a CRLDistributionPoints exception
(stacktrace @ end of post). To me it looks like the problem occurs
before processing is actually handed over to the implementation of the
issue operation.
When I try the same steps on a Ubuntu VM I got from a colleague,
everything works as expected.
Can anyone point me to what I'm doing wrong?
Best regards
Jerry
Request & Stacktrace from STS log:
May 17, 2011 3:55:31 PM
org.apache.cxf.interceptor.AbstractLoggingInterceptor log
INFO: Inbound Message
----------------------------
ID: 3
Address: http://localhost:9081/sts/SecurityTokenService/
Encoding: UTF-8
Http-Method: POST
Content-Type: text/xml; charset=UTF-8
Headers: {Accept=, Cache-Control=,
connection=, Content-Length=, content-type=, Host=, Pragma=,
SOAPAction=,
User-Agent=}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><wst:RequestSecurityToken
xmlns:wst="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><wstSmiley FrustratedecondaryParameters><t:TokenType
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/wss/oasis-wss-saml-toke...
xmlns:t="http://docs.oasis-open.org/ws-sx/ws-trust/200512">http://docs.oasis-open.org/ws-sx/ws-trust/200512/P...Smiley Frustrated
xmlns:wsp="http://schemas.xmlsoap.org/ws/2004/09/policy"><wsa:EndpointReference
xmlns:wsa="http://www.w3.org/2005/08/addressing"><wsa:Address>http://localhost:8080/services/CRMServiceProvider...
xmlns:dsig="http://www.w3.org/2000/09/xmldsig#"><X509Data
xmlns="http://www.w3.org/2000/09/xmldsig#">
<X509Certificate>
MIIEFjCCA3+gAwIBAgIJAJORWX2Xsa8DMA0GCSqGSIb3DQEBBQUAMIG5MQswCQYDVQQGEwJVUzER
MA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdhcmEgRmFsbHMxLDAqBgNVBAoTI1NhbXBs
ZSBDbGllbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYwFAYDVQQLEw1JVCBEZXBhcnRtZW50MRcw
FQYDVQQDEw53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3DQEJARYRY2xpZW50QGNsaWVudC5jb20w
HhcNMTEwMjA5MTgzMDI3WhcNMjEwMjA2MTgzMDI3WjCBuTELMAkGA1UEBhMCVVMxETAPBgNVBAgT
CE5ldyBZb3JrMRYwFAYDVQQHEw1OaWFnYXJhIEZhbGxzMSwwKgYDVQQKEyNTYW1wbGUgQ2xpZW50
IC0tIE5PVCBGT1IgUFJPRFVDVElPTjEWMBQGA1UECxMNSVQgRGVwYXJ0bWVudDEXMBUGA1UEAxMO
d3d3LmNsaWVudC5jb20xIDAeBgkqhkiG9w0BCQEWEWNsaWVudEBjbGllbnQuY29tMIGfMA0GCSqG
SIb3DQEBAQUAA4GNADCBiQKBgQDauFNVqi4B2+u/PC9ktDkn82bglEQYcL4o5JRUhQVEhTK2iElo
z1Rvo/qyfDhBPc1lzIUn4ams+DKBSSjZMCgop3XbeCXzIVP784ruC8HF5QrYsXUQfTc7lzqafXZX
H8Bk89gSScA1fFme6TpvYzM0zjBETSXADtKOs9oKB2VOIwIDAQABo4IBIjCCAR4wHQYDVR0OBBYE
FFIz+0BSZlLtXkA/udRjRgphtREuMIHuBgNVHSMEgeYwgeOAFFIz+0BSZlLtXkA/udRjRgphtREu
oYG/pIG8MIG5MQswCQYDVQQGEwJVUzERMA8GA1UECBMITmV3IFlvcmsxFjAUBgNVBAcTDU5pYWdh
cmEgRmFsbHMxLDAqBgNVBAoTI1NhbXBsZSBDbGllbnQgLS0gTk9UIEZPUiBQUk9EVUNUSU9OMRYw
FAYDVQQLEw1JVCBEZXBhcnRtZW50MRcwFQYDVQQDEw53d3cuY2xpZW50LmNvbTEgMB4GCSqGSIb3
DQEJARYRY2xpZW50QGNsaWVudC5jb22CCQCTkVl9l7GvAzAMBgNVHRMEBTADAQH/MA0GCSqGSIb3
DQEBBQUAA4GBAEjEr9QfaYsZf7ELnqB++OkWcKxpMt1Yj/VOyL99AekkVTM+rRHCU9Bu+tncMNsf
y8mIXUC1JqKQ+Cq5RlaDh/ujzt6i17G7uSGd6U1U/DPZBqTm3Dxwl1cMAGU/CoAKTWE+o+fS4Q2x
Hv7L1KiXQQc9EWJ4C34Ik45fB6g3DiTj
</X509Certificate>
</X509Data></dsig:KeyInfo></wst:UseKey></wst:RequestSecurityToken></soap:Body></soap:Envelope>
--------------------------------------
May 17, 2011 3:55:31 PM org.apache.cxf.phase.PhaseInterceptorChain
doDefaultLogging
WARNING: Application
{http://docs.oasis-open.org/ws-sx/ws-trust/200512/wsdl}SecurityTokenServiceProvider#{http://docs.oasi...
has thrown exception, unwinding now
org.apache.cxf.binding.soap.SoapFault: CRLDistributionPoints
at
org.apache.cxf.jaxws.AbstractJAXWSMethodInvoker.createFault(AbstractJAXWSMethodInvoker.java:76)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:121)
at
org.apache.cxf.jaxws.JAXWSMethodInvoker.invoke(JAXWSMethodInvoker.java:61)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:75)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor$1.run(ServiceInvokerInterceptor.java:58)
at
java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:441)
at java.util.concurrent.FutureTask$Sync.innerRun(FutureTask.java:303)
at java.util.concurrent.FutureTask.run(FutureTask.java:138)
at
org.apache.cxf.workqueue.SynchronousExecutor.execute(SynchronousExecutor.java:37)
at
org.apache.cxf.interceptor.ServiceInvokerInterceptor.handleMessage(ServiceInvokerInterceptor.java:106)
at
org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:263)
at
org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:118)
at
org.apache.cxf.transport.http.AbstractHTTPDestination.invoke(AbstractHTTPDestination.java:208)
at
org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:223)
at
org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:166)
at
org.apache.cxf.transport.servlet.CXFNonSpringServlet.invoke(CXFNonSpringServlet.java:113)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:184)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:107)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:727)
at
org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:163)
at
org.mortbay.jetty.servlet.ServletHolder.handle(ServletHolder.java:511)
at
org.mortbay.jetty.servlet.ServletHandler.handle(ServletHandler.java:390)
at
org.mortbay.jetty.security.SecurityHandler.handle(SecurityHandler.java:216)
at
org.mortbay.jetty.servlet.SessionHandler.handle(SessionHandler.java:182)
at
org.mortbay.jetty.handler.ContextHandler.handle(ContextHandler.java:765)
at
org.mortbay.jetty.webapp.WebAppContext.handle(WebAppContext.java:418)
at
org.mortbay.jetty.handler.ContextHandlerCollection.handle(ContextHandlerCollection.java:230)
at
org.mortbay.jetty.handler.HandlerCollection.handle(HandlerCollection.java:114)
at
org.mortbay.jetty.handler.HandlerWrapper.handle(HandlerWrapper.java:152)
at org.mortbay.jetty.Server.handle(Server.java:326)
at
org.mortbay.jetty.HttpConnection.handleRequest(HttpConnection.java:542)
at
org.mortbay.jetty.HttpConnection$RequestHandler.content(HttpConnection.java:943)
at org.mortbay.jetty.HttpParser.parseNext(HttpParser.java:756)
at org.mortbay.jetty.HttpParser.parseAvailable(HttpParser.java:218)
at org.mortbay.jetty.HttpConnection.handle(HttpConnection.java:404)
at
org.mortbay.io.nio.SelectChannelEndPoint.run(SelectChannelEndPoint.java:410)
at
org.mortbay.thread.QueuedThreadPool$PoolThread.run(QueuedThreadPool.java:582)
Caused by: javax.xml.ws.soap.SOAPFaultException: CRLDistributionPoints
at
org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:243)
at
org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider.invoke(SecurityTokenServiceProvider.java:63)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at
sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at
sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at
org.apache.cxf.service.invoker.AbstractInvoker.performInvocation(AbstractInvoker.java:173)
at
org.apache.cxf.service.invoker.AbstractInvoker.invoke(AbstractInvoker.java:89)
... 35 more
May 17, 2011 3:55:31 PM
org.apache.cxf.interceptor.AbstractLoggingInterceptor log
INFO: Outbound Message
---------------------------
ID: 3
Response-Code: 500
Encoding: UTF-8
Content-Type: text/xml
Headers: {}
Payload: <soap:Envelope
xmlns:soap="http://schemas.xmlsoap.org/soap/envelope/"><soap:Body><soap:Fault><faultcode>soapSmiley Frustratederver</faultcode><f...
xmlns:ns="http://docs.oasis-open.org/ws-sx/ws-trust/200512"><ns:ErrorCode>sun.reflect.NativeMethodAccessorImpl...
Method)</ns:ErrorCode></ns:Fault></detail></soap:Fault></soap:Body></soap:Envelope>
6 REPLIES
Employee

Re: Problem with the STS example in the getting started guide

Hi,
Are you using different JDK versions?
Thanks
Employee

Re: Problem with the STS example in the getting started guide

Hi Jerry
I've deployed the demo on ubuntu but my client has the problem to connect to the STS even it is running. At least you reach the STS.
I was a little bit confused by the stacktrace because I couldn't find the invoke methods at the line in the cxf sources as listed in your stacktrace. I think the problem is here.
demo.sts.provider.cert.CRLVerifier.getCrlDistributionPoints
This would mean that the IssueOperation implementation is called. The code reads/parses a file. Don't know whether there is a similar problem as vgalopin and I noticed on Windows. The encoding of the schemas seem to be incorrect in the windows distribution.
Thanks
Oli
One Star

Re: Problem with the STS example in the getting started guide

Hi,
Are you using different JDK versions?
Thanks

I'm on OSX using the default JDK installation for all processes:
sopmac13:sts_issue_operation jerry$ java -version
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07-334-10M3326)
Java HotSpot(TM) 64-Bit Server VM (build 19.1-b02-334, mixed mode)
Employee

Re: Problem with the STS example in the getting started guide

The problem seems to be related to the bouncy castle implementation used in Issue operation.
Do you have the bouncy castle provider already registered statically in your enviornment ?
Employee

Re: Problem with the STS example in the getting started guide

Hm, I just did the sts sample together with Jerry on my machine and it worked like a charm :-)
Must be a problem with the environment ... maybe clearing the local Maven cache helps.
java version "1.6.0_24"
Java(TM) SE Runtime Environment (build 1.6.0_24-b07-334-10M3326)
Java HotSpot(TM) 64-Bit Server VM (build 19.1-b02-334, mixed mode)
... so Java is the same as Jerry has.
One Star

Re: Problem with the STS example in the getting started guide

The problem seems to be related to the bouncy castle implementation used in Issue operation.
Do you have the bouncy castle provider already registered statically in your enviornment ?

You might to be on to something here. I had Bouncy Castle 1.46 installed statically, and the STS has 1.45 in its lib directory. I have disabled my static installation now, but that did not help. I rebuild the example with a clean Maven repo as well, still no luck. Next one is redoing the whole example in a freshly unpacked installation.