2 Replies Latest reply: Jan 3, 2012 12:22 PM by dlaprade RSS

Cannot validate sts token with sign/encrypt

dlaprade Newbie

Hello,

 

I am hoping someone can help me quickly solve my issue. It seems that I can verify an STS token using a handler defined in my configuration:

 

<jaxws:handlers>
        <bean class="org.picketlink.identity.federation.core.wstrust.handlers.STSSaml20Handler"/>
</jaxws:handlers>

 

If I comment out that handler then try my sign/encryption seems to work as well:

 

<jaxws:outInterceptors>
            <bean class="org.apache.cxf.binding.soap.saaj.SAAJOutInterceptor"/>
            <ref bean="SignResponse"/>
</jaxws:outInterceptors>

 <jaxws:inInterceptors>
            <bean class="org.apache.cxf.binding.soap.saaj.SAAJInInterceptor"/>
            <ref bean="SignRequest"/>
 </jaxws:inInterceptors>

 

and:

 

<bean id="SignRequest" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
.....
</bean>
<bean id="SignResponse" class="org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor">
.....
</bean>

 

The problem exists when I have both turned on:

 

Caused by: org.apache.cxf.binding.soap.SoapFault: PL00092: Null Value:No security token could be found in the SOAP Header

 

Does anyone know what I am doing wrong? All help is appreciated.