0

使用 CXF STS-STS 客户端示例我遵循了https://web-gmazza.rhcloud.com/blog/entry/cxf-sts-tutorial中的示例,我的示例代码位于https://github.com/sampleref/ CXFSecurity供参考。在调试时,我在 STS 提供商处发现了如下错误

    <<||2014-07-13 18:26:50,286||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.processor.UsernameTokenProcessor:50||||>> Found UsernameToken list element 
<<||2014-07-13 18:26:50,287||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.validate.UsernameTokenValidator:78||||>> UsernameToken user alice 
<<||2014-07-13 18:26:50,287||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.validate.UsernameTokenValidator:79||||>> UsernameToken password type http://docs.oasis-open.org/wss/2004/01/oasis-200401-wss-username-token-profile-1.0#PasswordText 
<<||2014-07-13 18:26:50,287||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.processor.SignatureProcessor:115||||>> Found signature element 
<<||2014-07-13 18:26:50,288||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.processor.SignatureProcessor:380||||>> Verify XML Signature 
<<||2014-07-13 18:26:50,292||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.processor.SignatureProcessor:428||||>> XML Signature verification has failed 
<<||2014-07-13 18:26:50,292||http-apr-8080-exec-3|DEBUG|org.apache.ws.security.processor.SignatureProcessor:431||||>> Signature Validation check: false

请提供一些输入,这对我来说真的很重要。我在CXF STS client throws Request does not contain Security header/Response message does not contain WS-Addressing properties 上发布了来自 STS Client 的更详细错误

4

2 回答 2

0

问题是您没有在 STS 中提供私钥的密码。因此,例如,将以下内容添加到 StsPasswordCallbackHandler 使解密工作:

x509Passwords.put("stskeyalias", "stskeypassword");

您还需要从 STS pom 中删除 BouncyCastle 依赖项。

科尔姆。

于 2014-07-14T10:01:26.613 回答
0

我认为问题,https://issues.apache.org/jira/browse/CXF-5679https://issues.apache.org/jira/browse/CXF-5724正在造成问题。我使用了 CXF 3.0.0 版,现在能够获得 SAML 断言

谢谢

于 2014-07-16T11:12:06.527 回答