CMDBuild Forum

Webservice e CAS

Old Versions
#1

Salve a tutti,

nell'installazione di CMDBuild che abbiamo nel nostro progetto abbiamo configurato l'autenticazione tramite CAS. Ora dovremmo collegarci ai webservice esposti ma quando effettuiamo la connessione ci viene restituito il seguente errore:

the security token could not be authenticated or authorized

Immagino che sia ovviamente per la configurazione con CAS, qualcuno sa come è possibile effettuare una connessione ai webservice in questa modalità?

 

#2

Sul log trovo quest'errore

 

<pre>

WARN  2014-01-24 11:11:38 [org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor]

org.apache.ws.security.WSSecurityException: The security token could not be authenticated or authorized

    at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:133)

    at org.apache.ws.security.processor.UsernameTokenProcessor.handleToken(UsernameTokenProcessor.java:61)

    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:328)

    at org.apache.ws.security.WSSecurityEngine.processSecurityHeader(WSSecurityEngine.java:245)

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:219)

    at org.apache.cxf.ws.security.wss4j.WSS4JInInterceptor.handleMessage(WSS4JInInterceptor.java:81)

    at org.apache.cxf.phase.PhaseInterceptorChain.doIntercept(PhaseInterceptorChain.java:255)

    at org.apache.cxf.transport.ChainInitiationObserver.onMessage(ChainInitiationObserver.java:113)

    at org.apache.cxf.transport.servlet.ServletDestination.invoke(ServletDestination.java:102)

    at org.apache.cxf.transport.servlet.ServletController.invokeDestination(ServletController.java:464)

    at org.apache.cxf.transport.servlet.ServletController.invoke(ServletController.java:188)

    at org.apache.cxf.transport.servlet.AbstractCXFServlet.invoke(AbstractCXFServlet.java:148)

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.handleRequest(AbstractHTTPServlet.java:179)

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.doPost(AbstractHTTPServlet.java:103)

    at javax.servlet.http.HttpServlet.service(HttpServlet.java:641)

    at org.apache.cxf.transport.servlet.AbstractHTTPServlet.service(AbstractHTTPServlet.java:159)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:305)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.cmdbuild.filters.AuthFilter.doFilter(AuthFilter.java:54)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.cmdbuild.filters.PatchManagerFilter.doFilter(PatchManagerFilter.java:28)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.cmdbuild.filters.ConfCheckFilter.doFilter(ConfCheckFilter.java:31)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.cmdbuild.filters.TranslationFilter.doFilter(TranslationFilter.java:37)

    at org.apache.catalina.core.ApplicationFilterChain.internalDoFilter(ApplicationFilterChain.java:243)

    at org.apache.catalina.core.ApplicationFilterChain.doFilter(ApplicationFilterChain.java:210)

    at org.apache.catalina.core.StandardWrapperValve.invoke(StandardWrapperValve.java:222)

    at org.apache.catalina.core.StandardContextValve.invoke(StandardContextValve.java:123)

    at org.apache.catalina.authenticator.AuthenticatorBase.invoke(AuthenticatorBase.java:472)

    at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:168)

    at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:99)

    at org.apache.catalina.valves.AccessLogValve.invoke(AccessLogValve.java:929)

    at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:118)

    at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:407)

    at org.apache.coyote.ajp.AjpProcessor.process(AjpProcessor.java:200)

    at org.apache.coyote.AbstractProtocol$AbstractConnectionHandler.process(AbstractProtocol.java:585)

    at org.apache.tomcat.util.net.JIoEndpoint$SocketProcessor.run(JIoEndpoint.java:310)

    at java.util.concurrent.ThreadPoolExecutor$Worker.runTask(ThreadPoolExecutor.java:886)

    at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:908)

    at java.lang.Thread.run(Thread.java:662)

Caused by: javax.security.auth.callback.UnsupportedCallbackException

    at org.cmdbuild.services.soap.security.PasswordHandler.handle(PasswordHandler.java:29)

    at org.apache.ws.security.processor.UsernameTokenProcessor.handleUsernameToken(UsernameTokenProcessor.java:121)

    ... 43 more

</pre>

 

Praticamente se CMDBuild è configurato con l'autenticazione CAS, è impossibile richiamare i webservice?