5 Replies Latest reply on Sep 19, 2005 12:10 PM by 807573

    Fail to get SSO Token

    807573
      I'm working with a project supporting SSO. My dev env is Identity Server 5.1 as LDAP server, our application is deployed over IAS 7.0 with agent.

      The problem I encountered is:
      SSOException: Service URL not found
      When I tried sample codes to obtain SSO token:
      SSOTokenManager manager = SSOTokenManager.getInstance();     
      SSOToken token = manager.createSSOToken(request);

      More detail error info is found in amJSS:
      12/25/2003 01:51:11:474 涓嬪崍 CST: Thread[service-j2ee,5,main]
      ERROR: Crypt: Initialize JSS
      java.security.AccessControlException: access denied (java.security.SecurityPermission putProviderProperty.Mozilla-JSS)
           at java.security.AccessControlContext.checkPermission(AccessControlContext.java:270)
           at java.security.AccessController.checkPermission(AccessController.java:401)
           at java.lang.SecurityManager.checkPermission(SecurityManager.java:542)
           at java.lang.SecurityManager.checkSecurityAccess(SecurityManager.java:1698)
           at java.security.Provider.check(Provider.java:384)
           at java.security.Provider.put(Provider.java:339)
           at org.mozilla.jss.provider.Provider.<init>(Provider.java:45)
           at org.mozilla.jss.CryptoManager.initialize(CryptoManager.java:795)
           at com.iplanet.services.util.JSSEncryption.<clinit>(JSSEncryption.java:146)
           at com.iplanet.services.util.Crypt.<clinit>(Crypt.java:68)
           at com.iplanet.dpro.session.SessionID.parseSessionString(SessionID.java:266)
           at com.iplanet.dpro.session.SessionID.getSessionServerProtocol(SessionID.java:164)
           at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:654)
           at com.iplanet.dpro.session.Session.getSession(Session.java:526)
           at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:56)
           at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:226)
           at com.iss.system.security.SecurityFilter.doFilter(Unknown Source)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
           at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:98)
           at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
           at java.security.AccessController.doPrivileged(Native Method)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:265)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:157)
           at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)

      12/25/2003 01:51:11:521 &#28051;&#23338;&#23821; CST: Thread[service-j2ee,5,main]
      ERROR: createing symKey
      java.lang.NullPointerException
           at com.iplanet.services.util.JSSEncryption.initSymmetricKeysAndInitializationVectors(JSSEncryption.java:200)
           at com.iplanet.services.util.JSSEncryption.<clinit>(JSSEncryption.java:176)
           at com.iplanet.services.util.Crypt.<clinit>(Crypt.java:68)
           at com.iplanet.dpro.session.SessionID.parseSessionString(SessionID.java:266)
           at com.iplanet.dpro.session.SessionID.getSessionServerProtocol(SessionID.java:164)
           at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:654)
           at com.iplanet.dpro.session.Session.getSession(Session.java:526)
           at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:56)
           at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:226)
           at com.iss.system.security.SecurityFilter.doFilter(Unknown Source)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
           at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:98)
           at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
           at java.security.AccessController.doPrivileged(Native Method)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:265)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:157)
           at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)

      12/25/2003 01:51:11:521 &#28051;&#23338;&#23821; CST: Thread[service-j2ee,5,main]
      ERROR: createing symKey
      java.lang.NullPointerException
           at com.iplanet.services.util.JSSEncryption.initSymmetricKeysAndInitializationVectors(JSSEncryption.java:200)
           at com.iplanet.services.util.JSSEncryption.<clinit>(JSSEncryption.java:176)
           at com.iplanet.services.util.Crypt.<clinit>(Crypt.java:68)
           at com.iplanet.dpro.session.SessionID.parseSessionString(SessionID.java:266)
           at com.iplanet.dpro.session.SessionID.getSessionServerProtocol(SessionID.java:164)
           at com.iplanet.dpro.session.Session.getSessionServiceURL(Session.java:654)
           at com.iplanet.dpro.session.Session.getSession(Session.java:526)
           at com.iplanet.sso.providers.dpro.SSOProviderImpl.createSSOToken(SSOProviderImpl.java:56)
           at com.iplanet.sso.SSOTokenManager.createSSOToken(SSOTokenManager.java:226)
           at com.iss.system.security.SecurityFilter.doFilter(Unknown Source)
           at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:213)
           at org.apache.catalina.core.ApplicationFilterChain.access$000(ApplicationFilterChain.java:98)
           at org.apache.catalina.core.ApplicationFilterChain$1.run(ApplicationFilterChain.java:176)
           at java.security.AccessController.doPrivileged(Native Method)
           at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:172)
           at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:265)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:212)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:203)
           at org.apache.catalina.core.StandardPipeline.invoke(StandardPipeline.java:505)
           at com.iplanet.ias.web.connector.nsapi.NSAPIProcessor.process(NSAPIProcessor.java:157)
           at com.iplanet.ias.web.WebContainer.service(WebContainer.java:598)


      I encounted the same problem in both Win2000 and Solaris8 platform.

      Strangely I tested it before and succeeded, but I can't replay the pleasant case after the reinstallation.
      I suppose that maybe I gave some misconfiguration in the installation. Can anybody give me some hints? Thanks ahead!