Skip to main content

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [List Home]
[higgins-dev] Re: Problem sending cards to CardSync

In the past few days, I've done some debugging and have found out a
small piece of information that I hope could be useful. Basically,
I've figured out the parameters which are used to when performing the
getTokenObject SOAP call where trying to use a username/password card.
Here there are:

userId: foo

password: bar

policy:
<object type="application/x-informationCard" name="xmlToken">
<param name="privacyUrl" value="http://wiki.eclipse.org/Cloud_Selector"; />
<param name="privacyVersion" value="1" />
<param name="tokenType" value="urn:oasis:names:tc:SAML:1.0:assertion" />
<param name="requiredClaims"
value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname";
/>
<param name="optionalClaims"
value="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname
http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress"; />
</object>

policytype: cardspace

sslCert:

cuids:
org.eclipse.higgins.icard.provider.cardspace.managed.db#https://<my
server's address>/TokenService/services/Trust#urn:Higgins-LDAP-Server&cardid=username_token1_not_appliesto

typeofCredential: ITSUsernamePasswordCredential

credentialKey:
url
saveCard
saveCredential
address
metadataAddress
username
password

credentialValue:
http://<my server's address>/proxy.web/server-carddetails
false
false
https://<my server's address>/TokenService/services/Trust
https://<my server's address>/TokenService/services/MetadataUsernameToken
foo
bar

I've also tried to manually send a SOAP request to CardSync and also
to use a card from https://openidcards.sxip.com/, but in both cases, I
get the same "The specified request failed" error. I would like to try
the http://higgins.eclipse.org/TokenService STS, but for every action
I try to perform using it, I get:

exception: javax.naming.CommunicationException:
higgins.watson.ibm.com:636 [Root exception is
java.net.ConnectException: Connection refused]

So, is there something wrong with the parameters that are used? Does
anyone has an idea about how I could solve my problem?

Thanks,
Jonathan


On Mon, Mar 15, 2010 at 8:59 PM, Jonathan Tellier
<jonathan.tellier@xxxxxxxxx> wrote:
> Hello there,
>
> I think that I'm almost done with my local deployment of the
> CloudSelector/CardSync/TokenService, but I've still got some problems.
> When I try to send a personal card or a card that uses a Username
> Token, I get a STSFaultException caused by this error:
>
> 15 Mar 2010 20:42:32,267 ERROR [http-8443-1] LogHelper.error
> (LogHelper.java:119) - No Extension Configuration Found.
>
> 15 Mar 2010 20:42:32,268 ERROR [http-8443-1]
> CardSpaceSelector.getIdentityToken (CardSpaceSelector.java:495) -
> Returning
>  STS Fault: No Configuration Found.
>
> 15 Mar 2010 20:42:32,269 ERROR [http-8443-1]
> RPPSServiceImpl.getTokenObject (RPPSServiceImpl.java:833) -
> org.eclipse.hig
> gins.icard.provider.cardspace.common.STSFaultException
>
> org.eclipse.higgins.icard.provider.cardspace.common.STSFaultException
>        at org.eclipse.higgins.iss.cardspace.CardSpaceSelector.getIdentityToken(CardSpaceSelector.java:496)
>        at org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3245)
>        at org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3310)
>        at org.eclipse.higgins.rpps.core.impl.RppsService.getTokenObject(RppsService.java:3438)
>        at org.eclipse.higgins.rpps.webservices.RPPSServiceImpl.getTokenObject(RPPSServiceImpl.java:830)
> [... stacktrace continues ...]
>
> 15 Mar 2010 20:42:32,275 ERROR [http-8080-6] CardsServlet.error
> (CardsServlet.java:103) - Sorry, we could not process the OpenID
> request: The specified request failed
>
> AxisFault
>  faultCode: {http://schemas.xmlsoap.org/ws/2005/02/trust}wstRequestFailed
>  faultSubcode:
>  faultString: The specified request failed
>  faultActor: STS
>  faultNode:
>  faultDetail:
>        {http://xml.apache.org/axis/}hostname:salmond
>
> When I try to send a card that uses a Self Signed SAML Token, I get:
> org.eclipse.higgins.iss.ISSException: Cannot find the Personal card
> used to authenticate for this managed card.
>
> When logging with the card selector, I've also got this error, but I
> don't know if it's relevant or not since it does not prevent any
> actions.
>
> 15 Mar 2010 20:48:16,075 ERROR [http-8443-1]
> ICardSelectorService.getICardSelector (ICardSelectorService.java:148)
> - org.eclipse.higgins.iss.PolicyParseException: Can not parse password
> managed policy. Root element is not PwmPolicy
>
> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> ConfigurationHandler.omFromFile (ConfigurationHandler.java:180) -
> java.io.FileNotFoundException:
> /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> (No such file or directory)
>
> 15 Mar 2010 20:48:16,121 ERROR [http-8443-1]
> ConfigurationHandler.configure (ConfigurationHandler.java:288) -
> /home/jtellier/tomcat/apache-tomcat-6.0.24_sts_cloudselector_rp_cardsync/webapps/TokenService/ConfigurationFiles/ProvidersConfiguration.xml
> (No such file or directory)
>
> What is this "ProvidersConfiguration.xml" file? I could not find any
> reference to it anywhere.
>
> Finally, when configuring my deployment, I've had to comment out
> references to some classes in the "ClientConfiguration.xml" file. I've
> had to comment references to
> "org.eclipse.higgins.configuration.xml.ContextFactoryHandler" and
> "org.eclipse.higgins.configuration.xml.IdentityAttributeServiceHandler"
> because they don't seem to be present in B-1-1M7 and to
> "org.eclipse.higgins.sts.client.MetadataExchangeServiceFactory"
> because the instance returned was always null. Could this be related
> to the problems I'm encountering when trying to send cards?
>
> I would like to provide more information regarding those errors, but I
> don't really understand them... So if any of you has any ideas about
> the cause of those errors, please share them because at this point,
> any help would be gladly appreciated.
>
> Thanks,
> Jonathan
>


Back to the top