Wso2 如何在安全对话场景中配置sct issuer config参数

我正在使用WSO2 Identity Server 4.6.0安全场景5中的STS服务和WSO2应用服务器5.2.1安全场景15中的webservice进行secureconversation场景中的工作

当我从WSO2请求令牌时，我收到此错误：

SEVERE: errorInObtainingToken
org.apache.axis2.AxisFault: Expected parameter missing : "sct-issuer-config" 
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
org.apache.rahas.TrustException: Error in obtaining token from : "https://localhost:9449/services/wso2carbon-sts"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:159)

您知道如何在我的代码中配置sct issuer config参数吗？它是客户端还是服务器端

编辑：我将配置不放在部署在WSO2中的服务中，而是放在部署在WSO2中的STS服务中，并且错误更改。现在是这样：

org.apache.rahas.TrustException: Error in obtaining token from : "https://localhost:9449/services/wso2carbon-sts"
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:159)
    at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
    at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:57)
    at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:43)
    at java.lang.reflect.Method.invoke(Method.java:601)
    at com.intellij.rt.execution.application.AppMain.main(AppMain.java:120)
Caused by: org.apache.axis2.AxisFault: java.lang.RuntimeException: Undefined 'Unsupported WS-SecureConversation version' resource property
    at org.apache.axis2.util.Utils.getInboundFaultFromMessageContext(Utils.java:531)
    at org.apache.axis2.description.OutInAxisOperationClient.handleResponse(OutInAxisOperation.java:375)
    at org.apache.axis2.description.OutInAxisOperationClient.send(OutInAxisOperation.java:421)
    at org.apache.axis2.description.OutInAxisOperationClient.executeImpl(OutInAxisOperation.java:229)
    at org.apache.axis2.client.OperationClient.execute(OperationClient.java:165)
    at org.apache.axis2.client.ServiceClient.sendReceive(ServiceClient.java:555)
    at org.apache.rahas.client.STSClient.requestSecurityToken(STSClient.java:150)
    ... 6 more

---

谢谢。

sct issuer config

应该作为axis2参数添加到您的服务中，当您通过UI使用安全方案对其进行保护时。它通常如下所示。您可以尝试手动将此参数添加到服务中，然后重试

  <parameter name="sct-issuer-config" type="2">
     <sct-issuer-config>
        <cryptoProperties>
           <crypto provider="org.wso2.carbon.security.util.ServerCrypto">
              <property name="org.wso2.carbon.security.crypto.alias">wso2carbon</property>
              <property name="org.wso2.carbon.security.crypto.privatestore">wso2carbon.jks</property>
           </crypto>
        </cryptoProperties>
        <keyComputation>3</keyComputation>
        <proofKeyType>BinarySecret</proofKeyType>
        <addRequestedAttachedRef/>
        <addRequestedUnattachedRef/>
     </sct-issuer-config>
  </parameter>
  <parameter name="token-canceler-config" type="2">
     <token-canceler-config/>
     <parameter name="token-canceler-config" type="1">
        <token-canceler-config/>
     </parameter>
  </parameter>

WSO2碳
wso2carbon.jks
3.
二进制秘密

要验证是否添加了sct issuer config参数，请打开carbon_home/repository/deployment/server/serviceMatafiles/.xml，检查我问题中的编辑…现在错误更改为：org.apache.axis2.AxisFault:java.lang.RuntimeException:Undefined'Unsupported WS-SecureConversation version'资源属性我将此配置放在HelloService.xml文件中重新启动AS服务器，并通过UI检查参数是否正确。然后重新启动IS to，问题仍然存在……但现在我遇到了另一个错误：org.apache.rahas.TrustException:从以下位置获取令牌时出错：“”，原因是：org.apache.axis2.AxisFault:第一个元素必须包含本地名称信封，但是发现了html…当我登录WSO2并更新STS服务中的安全策略时，更多的html消失了。