Bug 1183620 - SAML2Handler cannot create security context during web service invocation
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: JBoss Enterprise Application Platform 6
Classification: JBoss
Component: PicketLink
Version: 6.3.3
Hardware: Unspecified
OS: Unspecified
Priority: unspecified
Severity: urgent
Target Milestone: CR2
Target Release: EAP 6.3.3
Assignee: Boleslaw Dawidowicz
QA Contact: Ondrej Kotek
URL:
Whiteboard:
Depends On: 1181632
Blocks: eap633-payload 1184035
 
Reported: 2015-01-19 10:34 UTC by Ondrej Kotek
Modified: 2019-08-19 12:39 UTC

Fixed In Version:
Clone Of:
Environment:
Last Closed: 2019-08-19 12:39:32 UTC
Type: Bug
Embargoed:



Description Ondrej Kotek 2015-01-19 10:34:02 UTC
Description of problem:
SAML2Handler cannot create a security context during web service invocation. Test AbstractPOJOWSAuthorizationTestCase#testWSInteraction from [1] fails with the following exception:

java.lang.RuntimeException: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
...
Caused by: java.lang.RuntimeException: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.createSecurityContext(AbstractSAML2Handler.java:141)
	at org.picketlink.trust.jbossws.handler.SAML2Handler.createSecurityContext(SAML2Handler.java:50)
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.handleInbound(AbstractSAML2Handler.java:102)
	at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.handleMessage(AbstractPicketLinkTrustHandler.java:253)
	at com.sun.xml.internal.ws.handler.HandlerProcessor.callHandleMessageReverse(HandlerProcessor.java:325)
	at com.sun.xml.internal.ws.handler.HandlerProcessor.callHandlersResponse(HandlerProcessor.java:198)
	at com.sun.xml.internal.ws.handler.ClientSOAPHandlerTube.callHandlersOnResponse(ClientSOAPHandlerTube.java:148)
	... 95 more
Caused by: org.picketlink.common.exceptions.ConfigurationException: The security domain name could not be found. Check your jboss-web.xml.
	at org.picketlink.common.DefaultPicketLinkLogger.securityDomainNotFound(DefaultPicketLinkLogger.java:2298)
	at org.picketlink.trust.jbossws.handler.AbstractPicketLinkTrustHandler.getSecurityDomainName(AbstractPicketLinkTrustHandler.java:135)
	at org.picketlink.trust.jbossws.handler.AbstractSAML2Handler.createSecurityContext(AbstractSAML2Handler.java:138)
	... 101 more

Seems to have the same cause as BZ1181632.


Version-Release number of selected component (if applicable):
2.5.3.SP15-redhat1


How reproducible:
Run the test.


Steps to Reproduce:
Follow the readme [2] and run the test with something like:

mvn clean test -Dmaven.repo.local=/home/user/test/jboss-eap-6.4.0.ER1-maven-repository/ -Djboss.dist=/home/user/test/jboss-eap-6.3 -Dtest=POJOWSAuthorizationTestCase#testWSInteraction



Customer impact
===============
Customers using PicketLink are unable to authorize to web services secured by a security token service on a JBoss EAP server.

Comment 5 Ondrej Kotek 2015-01-27 10:12:18 UTC
Verified in JBoss EAP 6.3.3.CR2.

