WSO2 Сервер идентификации - не могу получить SAML маркер от STS

Question

С много проблем, я получил консольное приложение образец работает до момента отправки запроса на сервер идентификации STS, чтобы получить маркер безопасности ..

Вот исключение, сообщает сервер Идентичность:

[2013-03-15 14:31:04,563] ERROR {org.wso2.carbon.identity.provider.AttributeCallbackHandler} - Error occuerd while populating claim 
java.lang.NullPointerException 
     at org.wso2.carbon.identity.provider.AttributeCallbackHandler.loadClaims(AttributeCallbackHandler.java:136) 
     at org.wso2.carbon.identity.provider.AttributeCallbackHandler.handle(AttributeCallbackHandler.java:68) 
     at org.apache.rahas.impl.SAMLTokenIssuer.createAttributeAssertion(SAMLTokenIssuer.java:544) 
     at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:419) 
     at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:173) 
     at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:69) 
     at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57) 
     at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40) 
     at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) 
     at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) 
     at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) 
     at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) 
     at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) 
     at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) 
     at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) 
     at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) 
     at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
     at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) 
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) 
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) 
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) 
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) 
     at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:172) 
     at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) 
     at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) 
     at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) 
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) 
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) 
     at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001) 
     at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579) 
     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) 
     at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) 
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) 
     at java.lang.Thread.run(Thread.java:662) 
org.apache.rahas.TrustException: Error in creating a SAMLToken using Opensaml library 
     at org.apache.rahas.impl.SAMLTokenIssuer.createAttributeAssertion(SAMLTokenIssuer.java:585) 
     at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:419) 
     at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:173) 
     at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:69) 
     at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57) 
     at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40) 
     at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110) 
     at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180) 
     at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:172) 
     at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146) 
     at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:641) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) 
     at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90) 
     at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111) 
     at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67) 
     at javax.servlet.http.HttpServlet.service(HttpServlet.java:722) 
     at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68) 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305) 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
     at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61) 
     at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243) 
     at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210) 
     at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:225) 
     at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123) 
     at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472) 
     at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168) 
     at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:98) 
     at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:172) 
     at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:156) 
     at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:927) 
     at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:52) 
     at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118) 
     at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407) 
     at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1001) 
     at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:579) 
     at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1653) 
     at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886) 
     at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908) 
     at java.lang.Thread.run(Thread.java:662) 
Caused by: org.opensaml.MalformedException: AttributeStatement is invalid, requires at least one attribute 
     at org.opensaml.SAMLAttributeStatement.checkValidity(Unknown Source) 
     at org.opensaml.SAMLObject.toDOM(Unknown Source) 
     at org.opensaml.SAMLSubjectStatement.toDOM(Unknown Source) 
     at org.opensaml.SAMLAttributeStatement.toDOM(Unknown Source) 
     at org.opensaml.SAMLAssertion.toDOM(Unknown Source) 
     at org.opensaml.SAMLObject.toDOM(Unknown Source) 
     at org.opensaml.SAMLSignedObject.toDOM(Unknown Source) 
     at org.opensaml.SAMLObject.toDOM(Unknown Source) 
     at org.opensaml.SAMLSignedObject.sign(Unknown Source) 
     at org.opensaml.SAMLSignedObject.sign(Unknown Source) 
     at org.apache.rahas.impl.SAMLTokenIssuer.createAttributeAssertion(SAMLTokenIssuer.java:581) 
     ... 39 more 

Из всей документации, я выполнил все шаги по обеспечению службы STS и настроить его правильно. Кажется, что что-то не настроено, чтобы узнать, какие претензии отправить назад.

клиентский код из документации сервера удостоверений для выпуска 4.1.0 для «Security Token Server»

Может кто-нибудь помочь?

Answer 1

проблема заключается в том, что вам нужно отправить по крайней мере 1 претензии, я sugest сделать это следующим образом:

private static OMElement getRSTTemplate() throws Exception { 
     OMFactory fac = OMAbstractFactory.getOMFactory(); 
     OMElement elem = fac.createOMElement(Constants.RST_TEMPLATE); 
     TrustUtil.createTokenTypeElement(RahasConstants.VERSION_05_02, elem) 
       .setText(XML.SAML_NS); 
     TrustUtil.createKeyTypeElement(RahasConstants.VERSION_05_02, elem, 
       RahasConstants.KEY_TYPE_SYMM_KEY); 
     TrustUtil.createKeySizeElement(RahasConstants.VERSION_05_02, elem, 256); 
     TrustUtil.createClaims(RahasConstants.VERSION_05_02, elem,"http://wso2.org"); 
     addClaimType(elem,"http://wso2.org/claims/givenname"); 
     return elem; 
     } 

     private static void addClaimType(OMElement parent,String uri) { 
     OMElement element = null; 
     element = parent.getOMFactory().createOMElement(new QName("http://schemas.xmlsoap.org/ws/2005/05/identity", "ClaimType", "wsid"), 
         parent); 
     element.addAttribute(parent.getOMFactory().createOMAttribute("Uri",null,uri)); 
     }