You must use this constructor:

public ServiceClient(ConfigurationContext configContext, URL wsdlURL,
QName wsdlServiceName, String portName) throws AxisFault

options.setProperty(RampartMessageData.KEY_CUSTOM_ISSUED_TOKEN, responseToken.getId());

And that’s great, but I’m getting the following Exception in my tests:

[2009-11-04 12:22:14,966] ERROR – Referenced security token could not be retrieved (Reference “#urn:uuid:C8926E6973FAD8DB361257333746854″)
org.apache.axis2.AxisFault: Referenced security token could not be retrieved (Reference “#urn:uuid:C8926E6973FAD8DB361257333746854″)
at org.apache.rampart.handler.RampartReceiver.setFaultCodeAndThrowAxisFault(RampartReceiver.java:172)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:95)
at org.apache.axis2.engine.Phase.invoke(Phase.java:318)
at org.apache.axis2.engine.AxisEngine.invoke(AxisEngine.java:256)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:165)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:637)
Caused by: org.apache.ws.security.WSSecurityException: Referenced security token could not be retrieved (Reference “#urn:uuid:C8926E6973FAD8DB361257333746854″)
at org.apache.ws.security.message.token.SecurityTokenReference.getTokenElement(SecurityTokenReference.java:217)
at org.apache.ws.security.processor.SignatureProcessor.verifyXMLSignature(SignatureProcessor.java:244)
at org.apache.ws.security.processor.SignatureProcessor.handleToken(SignatureProcessor.java:99)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:329)
at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:246)
at org.apache.rampart.RampartEngine.process(RampartEngine.java:144)
at org.apache.rampart.handler.RampartReceiver.invoke(RampartReceiver.java:92)
… 27 more
SecurityManagerException: Unable to obtain the security token from local STS!
at SecurityManagerServer.getToken(SecurityManagerServer.java:985)
at SecurityManagerServer.getEncodedReqRep(SecurityManagerServer.java:359)
at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
at java.lang.reflect.Method.invoke(Method.java:597)
at org.apache.axis2.receivers.RawXMLINOutMessageReceiver.invokeBusinessLogic(RawXMLINOutMessageReceiver.java:97)
at org.apache.axis2.receivers.AbstractInOutSyncMessageReceiver.invokeBusinessLogic(AbstractInOutSyncMessageReceiver.java:42)
at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:114)
at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:178)
at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:167)
at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:142)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:709)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.eclipse.equinox.http.servlet.internal.ServletRegistration.handleRequest(ServletRegistration.java:90)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:111)
at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:67)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.wso2.carbon.bridge.BridgeServlet.service(BridgeServlet.java:135)
at javax.servlet.http.HttpServlet.service(HttpServlet.java:802)
at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:269)
at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:188)
at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:210)
at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:174)
at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:117)
at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:108)
at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:151)
at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:870)
at org.apache.coyote.http11.Http11BaseProtocol$Http11ConnectionHandler.processConnection(Http11BaseProtocol.java:665)
at org.apache.tomcat.util.net.PoolTcpEndpoint.processSocket(PoolTcpEndpoint.java:528)
at org.apache.tomcat.util.net.LeaderFollowerWorkerThread.runIt(LeaderFollowerWorkerThread.java:81)
at org.apache.tomcat.util.threads.ThreadPool$ControlRunnable.run(ThreadPool.java:685)
at java.lang.Thread.run(Thread.java:637)
Caused by: org.apache.axis2.AxisFault: Referenced security token could not be retrieved (Reference “#urn:uuid:C8926E6973FAD8DB361257333746854″)
at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:518)
at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:371)
at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:417)
at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:549)
at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:525)
at SecurityManagerServer.getToken(SecurityManagerServer.java:980)
… 33 more

What could cause it?

Thanks

that was really useful!
I was looking forward to a SAML 2.0 consuming guide on Rampart 1.5.

Just one thing, I didn’t catch quite well where it is decribed how the service consumes the SAML Assertion. Could you please underline me the point or how does it do it?

Thanks

IMO at the service end, Rampart should be the first handler. This is how we are doing it in Axis2. Then Rampart will carry out all the necessary cryptographic and policy validations and hand over the security processed message to the next handler. So in server side, placing the Rampart handler before the custom handler will resolve your issue.

/ thilina

Thank you for your interest on WSO2 Identity Server. WSO2 has only officially released Identity Server 1.5, and we are about to release WSO2 Identity Server 2.0 which is contains some fabulous features.