如何在安全对话方案中配置sct-issuer-config参数

时间:2014-05-25 07:33:34

标签: wso2 ws-security wso2is

我正在安全对话场景中使用WSO2 Identity Server 4.6.0中的STS服务与场景5的安全性和WSO2 Application Server 5.2.1中的Web服务使用场景15进行安全保护。

当我从WSO2 IS请求令牌时,我收到了这个错误:

SEVERE: errorInObtainingToken
org.apache.axis2.AxisFault: Expected parameter missing : "sct-issuer-config" 
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
org.apache.rahas.TrustException: Error in obtaining token from : "https://localhost:9449/services/wso2carbon-sts"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:159)

有关如何在我的代码中配置sct-issuer-config参数的任何想法?它是客户端还是服务器端?

编辑:我将配置不在WSO2 AS中部署的服务中,而是在WSO2 IS中部署的STS服务中,并且错误更改。现在是这样的:

org.apache.rahas.TrustException: Error in obtaining token from : "https://localhost:9449/services/wso2carbon-sts"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:159)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: org.apache.axis2.AxisFault: java.lang.RuntimeException: Undefined 'Unsupported WS-SecureConversation version' resource property
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
    ... 6 more

感谢。

1 个答案:

答案 0 :(得分:0)

当您通过UI使用安全方案保护它时,

sct-issuer-config应作为axis2参数添加到AS中的服务中。它通常如下所示。您可以尝试手动将此参数添加到服务中,然后尝试。

  <parameter name="sct-issuer-config" type="2">
     <sct-issuer-config>
        <cryptoProperties>
           <crypto provider="org.wso2.carbon.security.util.ServerCrypto">
              <property name="org.wso2.carbon.security.crypto.alias">wso2carbon</property>
              <property name="org.wso2.carbon.security.crypto.privatestore">wso2carbon.jks</property>
           </crypto>
        </cryptoProperties>
        <keyComputation>3</keyComputation>
        <proofKeyType>BinarySecret</proofKeyType>
        <addRequestedAttachedRef/>
        <addRequestedUnattachedRef/>
     </sct-issuer-config>
  </parameter>
  <parameter name="token-canceler-config" type="2">
     <token-canceler-config/>
     <parameter name="token-canceler-config" type="1">
        <token-canceler-config/>
     </parameter>
  </parameter>
相关问题
最新问题