Bug 1183620

Summary: SAML2Handler cannot create security context during web service invocation
Product: [JBoss] JBoss Enterprise Application Platform 6
Component: PicketLink
Version: 6.3.3
Status: CLOSED CURRENTRELEASE
Severity: urgent
Priority: unspecified
Reporter: Ondrej Kotek <okotek>
Assignee: Boleslaw Dawidowicz <bdawidow>
QA Contact: Ondrej Kotek <okotek>
CC: anmiller, cdewolf, myarboro, psilva, pskopek
Keywords: Regression
Target Milestone: CR2
Target Release: EAP 6.3.3
Hardware: Unspecified
OS: Unspecified
Doc Type: Bug Fix
Type: Bug
Last Closed: 2019-08-19 12:39:32 UTC
Bug Depends On: 1181632    
Bug Blocks: 1151405, 1184035    

Description Ondrej Kotek 2015-01-19 10:34:02 UTC
Description of problem:
SAML2Handler cannot create security context during web service invocation. Test AbstractPOJOWSAuthorizationTestCase#testWSInteraction from [1] fails with the following exception:

java.lang.RuntimeException: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
...
Caused by: java.lang.RuntimeException: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.createSecurityContext(AbstractSAML2Handler.java:141)
	at org.picketlink.trust.jbossws.handler.SAML2Handler.createSecurityContext(SAML2Handler.java:50)
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.handleInbound(AbstractSAML2Handler.java:102)
	at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.handleMessage(AbstractPicketLinkTrustHandler.java:253)
	at com.sun.xml.internal.ws.handler.HandlerProcessor.callHandleMessageReverse(HandlerProcessor.java:325)
	at com.sun.xml.internal.ws.handler.HandlerProcessor.callHandlersResponse(HandlerProcessor.java:198)
	at com.sun.xml.internal.ws.handler.ClientSOAPHandlerTube.callHandlersOnResponse(ClientSOAPHandlerTube.java:148)
	... 95 more
Caused by: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
	at org.picketlink.common.DefaultPicketLinkLogger.securityDomainNotFound(DefaultPicketLinkLogger.java:2298)
	at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.getSecurityDomainName(AbstractPicketLinkTrustHandler.java:135)
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.createSecurityContext(AbstractSAML2Handler.java:138)
	... 101 more

Seems to have the same cause as BZ1181632.


Version-Release number of selected component (if applicable):
2.5.3.SP15-redhat1


How reproducible:
Run the test.


Steps to Reproduce:
Follow the readme [2], then run the test with something like:

mvn clean test -Dmaven.repo.local=/home/user/test/jboss-eap-6.4.0.ER1-maven-repository/ -Djboss.dist=/home/user/test/jboss-eap-6.3 -Dtest=POJOWSAuthorizationTestCase#testWSInteraction



Customer impact
===============
Customers using PicketLink are unable to authorize to web services secured by a security token service on a JBoss EAP server.

Comment 5 Ondrej Kotek 2015-01-27 10:12:18 UTC
Verified in JBoss EAP 6.3.3.CR2.