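I set up WSO2IS with an AD LDS user store, and I have a WS-Federation Passive STS prototype written in ASP.NET MVC that can authenticate as users defined in AD LDS. I am now trying to write a simple .NET console application that connects to the WS-Trust endpoint manually and authenticates as this user (or as the admin user; I have tried both). I secured the WS-Trust endpoint with UserNamePassword and selected which users can authenticate.
However, when I run this prototype, I get a "java.lang.NullPointerException" from WSO2IS.
What am I doing wrong or leaving out?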
System.ServiceModel.FaultException occurred
  HResult = 0x80131501
  Message = java.lang.NullPointerException
  Source = System.ServiceModel
  StackTrace:
    at System.ServiceModel.Security.WSTrustChannel.ReadResponse(Message response)
    at System.ServiceModel.Security.WSTrustChannel.Issue(RequestSecurityToken rst, RequestSecurityTokenResponse& rstr)
    at WsTrustActiveSTSClient.Program.Main(String[] args) in C:\来源\ CACI \ MFOMID 原型\ STS \ WSO2IS-RP \ WsTrustActiveSTSClient \ Program.cs:line 38
I looked at the exception information in the log, and it appears to be thrown in org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion.
TID: [-1234] [] [2017-10-12 20:10:34,719] ERROR {org.apache.axis2.transport.http.AxisServlet} -
java.lang.NullPointerException
    at org.apache.rahas.impl.SAMLTokenIssuer.createHoKAssertion(SAMLTokenIssuer.java:452)
    at org.apache.rahas.impl.SAMLTokenIssuer.issue(SAMLTokenIssuer.java:202)
    at org.apache.rahas.TokenRequestDispatcher.handle(TokenRequestDispatcher.java:69)
    at org.apache.rahas.STSMessageReceiver.invokeBusinessLogic(STSMessageReceiver.java:57)
    at org.apache.axis2.receivers.AbstractInOutMessageReceiver.invokeBusinessLogic(AbstractInOutMessageReceiver.java:40)
    at org.apache.axis2.receivers.AbstractMessageReceiver.receive(AbstractMessageReceiver.java:110)
    at org.apache.axis2.engine.AxisEngine.receive(AxisEngine.java:180)
    at org.apache.axis2.transport.http.HTTPTransportUtils.processHTTPPostRequest(HTTPTransportUtils.java:173)
    at org.apache.axis2.transport.http.AxisServlet.doPost(AxisServlet.java:146)
    at org.wso2.carbon.core.transports.CarbonServlet.doPost(CarbonServlet.java:231)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:650)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.eclipse.equinox.http.servlet.internal.ServletRegistration.service(ServletRegistration.java:61)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.processAlias(ProxyServlet.java:128)
    at org.eclipse.equinox.http.servlet.internal.ProxyServlet.service(ProxyServlet.java:68)
    at javax.servlet.http.HttpServlet.service(HttpServlet.java:731)
    at org.wso2.carbon.tomcat.ext.servlet.DelegationServlet.service(DelegationServlet.java:68)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:303)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.tomcat.websocket.server.WsFilter.doFilter(WsFilter.java:52)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.wso2.carbon.tomcat.ext.filter.CharacterSetFilter.doFilter(CharacterSetFilter.java:61)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.filters.HttpHeaderSecurityFilter.doFilter(HttpHeaderSecurityFilter.java:120)
    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:241)
    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:208)
    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:218)
    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:122)
    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:505)
    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:169)
    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:103)
    at org.wso2.carbon.identity.context.rewrite.valve.TenantContextRewriteValve.invoke(TenantContextRewriteValve.java:72)
    at org.wso2.carbon.identity.authz.valve.AuthorizationValve.invoke(AuthorizationValve.java:91)
    at org.wso2.carbon.identity.auth.valve.AuthenticationValve.invoke(AuthenticationValve.java:60)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.continueInvocation(CompositeValve.java:99)
    at org.wso2.carbon.tomcat.ext.valves.CarbonTomcatValve$1.invoke(CarbonTomcatValve.java:47)
    at org.wso2.carbon.webapp.mgt.TenantLazyLoaderValve.invoke(TenantLazyLoaderValve.java:57)
    at org.wso2.carbon.tomcat.ext.valves.TomcatValveContainer.invokeValves(TomcatValveContainer.java:47)
    at org.wso2.carbon.tomcat.ext.valves.CompositeValve.invoke(CompositeValve.java:62)
    at org.wso2.carbon.tomcat.ext.valves.CarbonStuckThreadDetectionValve.invoke(CarbonStuckThreadDetectionValve.java:159)
    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:958)
    at org.wso2.carbon.tomcat.ext.valves.CarbonContextCreatorValve.invoke(CarbonContextCreatorValve.java:57)
    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:116)
    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:452)
    at org.apache.coyote.http11.AbstractHttp11Processor.process(AbstractHttp11Processor.java:1087)
    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:637)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.doRun(NioEndpoint.java:1756)
    at org.apache.tomcat.util.net.NioEndpoint$SocketProcessor.run(NioEndpoint.java:1715)
    at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
    at org.apache.tomcat.util.threads.TaskThread$WrappingRunnable.run(TaskThread.java:61)
    at java.lang.Thread.run(Thread.java:748)
Below is the source code for this simple WS-Trust STS client, written with WIF 4.5 under .NET Framework 4.5.2.
    using System;
    using System.IdentityModel.Claims;
    using System.IdentityModel.Protocols.WSTrust;
    using System.IdentityModel.Tokens;
    using System.ServiceModel;
    using System.ServiceModel.Security;

    namespace WsTrustActiveSTSClient
    {
        internal class Program
        {
            private static void Main(string[] args)
            {
                // TLS transport with a UserName credential carried in the message
                WS2007HttpBinding binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential, false);
                binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
                binding.Security.Message.EstablishSecurityContext = false;

                EndpointAddress endpoint = new EndpointAddress("https://localhost:9443/services/wso2carbon-sts");
                WSTrustChannelFactory factory = new WSTrustChannelFactory(binding, endpoint);
                factory.Credentials.UserName.UserName = "admin";
                factory.Credentials.UserName.Password = "admin";
                WSTrustChannel channel = (WSTrustChannel) factory.CreateChannel();

                RequestSecurityToken rst = new RequestSecurityToken
                {
                    RequestType = RequestTypes.Issue,
                    // Symmetric key type asks the STS for a holder-of-key token
                    KeyType = KeyTypes.Symmetric,
                    Claims =
                    {
                        new RequestClaim(ClaimTypes.Name)
                    }
                };

                RequestSecurityTokenResponse rstr = null;
                SecurityToken token = channel.Issue(rst, out rstr);
                Console.WriteLine("{0}", token);
                Console.ReadLine();
            }
        }
    }
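Answer 0 (score: 0)
The problem was that I was requesting a symmetric key token, and it looks like I don't have that configured. I changed it to a Bearer token and it works fine. I'm still researching the Symmetric key use case, though.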
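
The change described in the answer, as an added example that is not part of the original post: the question's client with KeyType switched to Bearer, explicit channel cleanup, and the issued token reported by metadata only. The class name and the STS_USER / STS_PASSWORD environment variable names are assumptions; the binding, endpoint and claim come from the question.

```csharp
using System;
using System.IdentityModel.Claims;
using System.IdentityModel.Protocols.WSTrust;
using System.IdentityModel.Tokens;
using System.ServiceModel;
using System.ServiceModel.Security;

internal static class BearerStsClient // hypothetical name
{
    private static int Main()
    {
        var binding = new WS2007HttpBinding(SecurityMode.TransportWithMessageCredential, false);
        binding.Security.Message.ClientCredentialType = MessageCredentialType.UserName;
        binding.Security.Message.EstablishSecurityContext = false;

        var factory = new WSTrustChannelFactory(
            binding, new EndpointAddress("https://localhost:9443/services/wso2carbon-sts"));
        // Assumption: credentials come from (hypothetical) environment variables.
        factory.Credentials.UserName.UserName = Environment.GetEnvironmentVariable("STS_USER");
        factory.Credentials.UserName.Password = Environment.GetEnvironmentVariable("STS_PASSWORD");

        var rst = new RequestSecurityToken
        {
            RequestType = RequestTypes.Issue,
            KeyType = KeyTypes.Bearer, // was KeyTypes.Symmetric in the question
            Claims = { new RequestClaim(ClaimTypes.Name) }
        };

        var channel = (WSTrustChannel)factory.CreateChannel();
        try
        {
            RequestSecurityTokenResponse rstr;
            SecurityToken token = channel.Issue(rst, out rstr);
            // A bearer token has no proof key: print metadata only, not the token itself.
            Console.WriteLine("Issued {0} id={1}", token.GetType().Name, token.Id);
            Console.WriteLine("Valid {0:o} to {1:o}", token.ValidFrom, token.ValidTo);
            channel.Close();
            factory.Close();
            return 0;
        }
        catch (CommunicationException ex)
        {
            // A server-side error such as the NullPointerException arrives as a SOAP fault.
            Console.Error.WriteLine("STS request failed: {0}", ex.Message);
            channel.Abort();
            factory.Abort();
            return 1;
        }
    }
}
```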