Hi,

I'm setting up Office 365 federation and I have some problems using
active authentication.
I have set up federation according to documentation and passive
authentication works without any problem.

But when I try to perform active authentication (WS-Trust) with for
example word or onedrive for business I get following error in
catalina.log:

Code:
--------------------
Dec 10, 2014 5:50:54 PM com.sun.xml.ws.api.message.Packet populateAddressingHeaders
INFO: WSA headers are not added as value for wsa:Action cannot be resolved for this message
Dec 10, 2014 5:50:55 PM com.sun.xml.wss.impl.misc.DefaultSecurityEnvironme ntImpl authenticateUser
SEVERE: WSS0225: Exception occured in Password Validation Callback
java.lang.NullPointerException
at com.novell.nidp.wstrust.auth.validators.NAMRealmAu thenticationAdapter.A(y:2389)
at com.novell.nidp.wstrust.auth.validators.NAMRealmAu thenticationAdapter.authenticate(y:351)
at com.sun.xml.wss.RealmAuthenticationAdapter.authent icate(RealmAuthenticationAdapter.java:93)
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironme ntImpl.authenticateUser(DefaultSecurityEnvironment Impl.java:1173)
at com.sun.xml.ws.security.opt.impl.incoming.Username TokenHeader.validate(UsernameTokenHeader.java:160)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.handleSecurityHeader(SecurityRecipient.j ava:368)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.cacheHeaders(SecurityRecipient.java:296)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.validateMessage(SecurityRecipient.java:2 45)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verify InboundMessage(SecurityTubeBase.java:455)
at com.sun.xml.wss.jaxws.impl.SecurityServerTube.proc essRequest(SecurityServerTube.java:295)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1 136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:10 50)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:101 9)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:8 77)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSE ndpointImpl.java:420)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpTool kit.handle(HttpAdapter.java:687)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(H ttpAdapter.java:266)
at com.sun.xml.ws.transport.http.servlet.ServletAdapt er.invokeAsync(ServletAdapter.java:225)
at com.sun.xml.ws.transport.http.servlet.WSServletDel egate.doGet(WSServletDelegate.java:161)
at com.sun.xml.ws.transport.http.servlet.WSServletDel egate.doPost(WSServletDelegate.java:197)
at com.sun.xml.ws.transport.http.servlet.WSServlet.do Post(WSServlet.java:81)
at com.novell.nidp.wstrust.servlet.CustomSTSServlet.d oPost(y:393)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:647)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:728)
at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBas e.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:99)
at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.p rocess(AbstractHttp11Processor.java:1023)
at org.apache.coyote.AbstractProtocol$AbstractConnect ionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProce ssor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)

Dec 10, 2014 5:50:55 PM com.sun.xml.wss.jaxws.impl.SecurityServerTube processRequest
SEVERE: WSSTUBE0025: Error in Verifying Security in the Inbound Message.
com.sun.xml.wss.XWSSecurityException: java.lang.NullPointerException
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironme ntImpl.authenticateUser(DefaultSecurityEnvironment Impl.java:1180)
at com.sun.xml.ws.security.opt.impl.incoming.Username TokenHeader.validate(UsernameTokenHeader.java:160)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.handleSecurityHeader(SecurityRecipient.j ava:368)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.cacheHeaders(SecurityRecipient.java:296)
at com.sun.xml.ws.security.opt.impl.incoming.Security Recipient.validateMessage(SecurityRecipient.java:2 45)
at com.sun.xml.wss.jaxws.impl.SecurityTubeBase.verify InboundMessage(SecurityTubeBase.java:455)
at com.sun.xml.wss.jaxws.impl.SecurityServerTube.proc essRequest(SecurityServerTube.java:295)
at com.sun.xml.ws.api.pipe.Fiber.__doRun(Fiber.java:1 136)
at com.sun.xml.ws.api.pipe.Fiber._doRun(Fiber.java:10 50)
at com.sun.xml.ws.api.pipe.Fiber.doRun(Fiber.java:101 9)
at com.sun.xml.ws.api.pipe.Fiber.runSync(Fiber.java:8 77)
at com.sun.xml.ws.server.WSEndpointImpl$2.process(WSE ndpointImpl.java:420)
at com.sun.xml.ws.transport.http.HttpAdapter$HttpTool kit.handle(HttpAdapter.java:687)
at com.sun.xml.ws.transport.http.HttpAdapter.handle(H ttpAdapter.java:266)
at com.sun.xml.ws.transport.http.servlet.ServletAdapt er.invokeAsync(ServletAdapter.java:225)
at com.sun.xml.ws.transport.http.servlet.WSServletDel egate.doGet(WSServletDelegate.java:161)
at com.sun.xml.ws.transport.http.servlet.WSServletDel egate.doPost(WSServletDelegate.java:197)
at com.sun.xml.ws.transport.http.servlet.WSServlet.do Post(WSServlet.java:81)
at com.novell.nidp.wstrust.servlet.CustomSTSServlet.d oPost(y:393)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:647)
at javax.servlet.http.HttpServlet.service(HttpServlet .java:728)
at org.apache.catalina.core.ApplicationFilterChain.in ternalDoFilter(ApplicationFilterChain.java:305)
at org.apache.catalina.core.ApplicationFilterChain.do Filter(ApplicationFilterChain.java:210)
at org.apache.catalina.core.StandardWrapperValve.invo ke(StandardWrapperValve.java:222)
at org.apache.catalina.core.StandardContextValve.invo ke(StandardContextValve.java:123)
at org.apache.catalina.authenticator.AuthenticatorBas e.invoke(AuthenticatorBase.java:502)
at org.apache.catalina.core.StandardHostValve.invoke( StandardHostValve.java:171)
at org.apache.catalina.valves.ErrorReportValve.invoke (ErrorReportValve.java:99)
at org.apache.catalina.core.StandardEngineValve.invok e(StandardEngineValve.java:118)
at org.apache.catalina.connector.CoyoteAdapter.servic e(CoyoteAdapter.java:408)
at org.apache.coyote.http11.AbstractHttp11Processor.p rocess(AbstractHttp11Processor.java:1023)
at org.apache.coyote.AbstractProtocol$AbstractConnect ionHandler.process(AbstractProtocol.java:589)
at org.apache.tomcat.util.net.JIoEndpoint$SocketProce ssor.run(JIoEndpoint.java:310)
at java.util.concurrent.ThreadPoolExecutor.runWorker( ThreadPoolExecutor.java:1145)
at java.util.concurrent.ThreadPoolExecutor$Worker.run (ThreadPoolExecutor.java:615)
at java.lang.Thread.run(Thread.java:724)
Caused by: java.lang.NullPointerException
at com.novell.nidp.wstrust.auth.validators.NAMRealmAu thenticationAdapter.A(y:2389)
at com.novell.nidp.wstrust.auth.validators.NAMRealmAu thenticationAdapter.authenticate(y:351)
at com.sun.xml.wss.RealmAuthenticationAdapter.authent icate(RealmAuthenticationAdapter.java:93)
at com.sun.xml.wss.impl.misc.DefaultSecurityEnvironme ntImpl.authenticateUser(DefaultSecurityEnvironment Impl.java:1173)
... 35 more

Dec 10, 2014 5:50:55 PM com.sun.xml.ws.api.message.Packet populateAddressingHeaders
INFO: WSA headers are not added as value for wsa:Action cannot be resolved for this message
--------------------


And there is nothing in NIDP*.xml log.

I have manually tested "Name/Password - Form - WebService" method (added
to class and performed authentication) and it works.

Can anybody help?

regs S


--
sebastijan
------------------------------------------------------------------------
sebastijan's Profile: https://forums.netiq.com/member.php?userid=271
View this thread: https://forums.netiq.com/showthread.php?t=52395