Bug #317: esign.eid-service.de and eid.eid-service.de hangs after InitialFrameworkResponse - Common eID - Open eCard Development Center

Actions

Copy link

Bug #317

open

esign.eid-service.de and eid.eid-service.de hangs after InitialFrameworkResponse

Added by Tobias Wich over 10 years ago. Updated over 10 years ago.

Status:

New

Priority:

Normal

Assignee:

Category:

eID-Server

Start date:

07/14/2014

Due date:

% Done:

Estimated time:

Reviewer:

Description

The services mentioned above fail to send the next request message over the PAOS channel to the eCard Client in case the version number in the InitializeFrameworkResponse is set to the currently active version of the eCard API Framework (1.1.4) as requested in BSI TR-03112-3, Sec. 3.1.1

The following log fragmet shows the commonication with eid.eid-service.de. After the InitializeFrameworkResponse is sent, a StartPAOSResponse is sent back after a timeout is triggered in the server. Depending on the service the SP receives an error or is stuck as well.


2014-07-14 14:55:51,879 [PAOS] DEBUG org.openecard.transport.paos.PAOS:-1 - Message received:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<ns1:Envelope xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns2="urn:liberty:paos:2003-08" xmlns:ns3="urn:liberty:paos:2006-08" xmlns:ns5="http://www.w3.org/2005/03/addressing">
  <ns1:Header>
    <ns5:MessageID>urn:uuid9cbd01a836dbdc4776b7f2da408fa38da6b84f7f</ns5:MessageID>
    <ns5:ReplyTo>
      <ns5:Address>https://eid.eid-service.de:443</ns5:Address>
    </ns5:ReplyTo>
    <ns5:Action>http://www.bsi.bund.de/ecard/api/1.1/PAOS/GetNextCommand</ns5:Action>
  </ns1:Header>
  <ns1:Body>
    <ns3:InitializeFramework xmlns:ns10="http://uri.etsi.org/01903/v1.3.2#" xmlns:ns11="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns12="http://www.w3.org/2001/04/xmlenc#" xmlns:ns13="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ns14="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ns15="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns16="http://paos.eidserver.openlimit.com/" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns3="http://www.bsi.bund.de/ecard/api/1.1" xmlns:ns4="urn:iso:std:iso-iec:24727:tech:schema" xmlns:ns5="http://uri.etsi.org/02231/v3.1.2#" xmlns:ns6="http://uri.etsi.org/02231/v2.1.1#" xmlns:ns7="http://uri.etsi.org/02231/v2.x#" xmlns:ns8="http://www.setcce.org/schemas/ers" xmlns:ns9="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#"/>
  </ns1:Body>
</ns1:Envelope>

2014-07-14 14:55:51,881 [PAOS] DEBUG org.openecard.transport.httpcore.HttpUtils:-1 - HTTP Request (before adding content):
  POST /?sessionid=4f184b91494fc99b9e99754f4950 HTTP/1.1
  Connection: keep-alive
  User-Agent: Open-eCard-App/1.1.0-SNAPSHOT
  Host: eid.eid-service.de:443
  PAOS: ver="urn:liberty:paos:2006-08" 
  Accept: text/html; application/vnd.paos+xml

2014-07-14 14:55:51,882 [PAOS] DEBUG org.openecard.transport.paos.PAOS:-1 - Message sent:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<Envelope xmlns="http://schemas.xmlsoap.org/soap/envelope/">
  <Header>
    <PAOS xmlns:ns0="http://schemas.xmlsoap.org/soap/envelope/" ns0:actor="http://schemas.xmlsoap.org/soap/actor/next" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" ns1:mustUnderstand="1" xmlns="urn:liberty:paos:2006-08">
      <Version>urn:liberty:paos:2006-08</Version>
      <EndpointReference>
        <Address>http://www.projectliberty.org/2006/01/role/paos</Address>
        <MetaData>
          <ServiceType>http://www.bsi.bund.de/ecard/api/1.1/PAOS/GetNextCommand</ServiceType>
        </MetaData>
      </EndpointReference>
    </PAOS>
    <ReplyTo xmlns="http://www.w3.org/2005/03/addressing">
      <Address>http://www.projectliberty.org/2006/02/role/paos</Address>
    </ReplyTo>
    <RelatesTo xmlns="http://www.w3.org/2005/03/addressing">urn:uuid9cbd01a836dbdc4776b7f2da408fa38da6b84f7f</RelatesTo>
    <MessageID xmlns="http://www.w3.org/2005/03/addressing">urn:uuid:27118a4d-6e53-4851-a77c-025a062a9c98</MessageID>
  </Header>
  <Body>
    <ns4:InitializeFrameworkResponse xmlns:iso="urn:iso:std:iso-iec:24727:tech:schema" xmlns:ns10="http://uri.etsi.org/01903/v1.3.2#" xmlns:ns11="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ns12="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns13="http://www.w3.org/2001/04/xmlenc#" xmlns:ns14="http://ws.openecard.org/schema" xmlns:ns15="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns16="http://www.w3.org/2007/05/xmldsig-more#" xmlns:ns2="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ns3="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="http://www.bsi.bund.de/ecard/api/1.1" xmlns:ns5="http://uri.etsi.org/02231/v2.1.1#" xmlns:ns6="http://uri.etsi.org/02231/v2.x#" xmlns:ns7="http://uri.etsi.org/02231/v3.1.2#" xmlns:ns8="http://www.setcce.org/schemas/ers" xmlns:ns9="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#">
      <ns2:Result>
        <ns2:ResultMajor>http://www.bsi.bund.de/ecard/api/1.1/resultmajor#ok</ns2:ResultMajor>
      </ns2:Result>
      <ns4:Version>
        <ns4:Major>1</ns4:Major>
        <ns4:Minor>1</ns4:Minor>
        <ns4:SubMinor>4</ns4:SubMinor>
      </ns4:Version>
    </ns4:InitializeFrameworkResponse>
  </Body>
</Envelope>

2014-07-14 14:57:32,152 [PAOS] DEBUG org.openecard.transport.httpcore.HttpUtils:-1 - HTTP Response:
  HTTP/1.1 200 OK
  connection: keep-alive
  Content-Type: application/vnd.paos+xml
  Content-Length: 1534
  Date: Mon, 14 Jul 2014 12:57:30 GMT
  Server: Server
<ns1:Envelope xmlns:ns2="urn:liberty:paos:2003-08" xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns3="urn:liberty:paos:2006-08" xmlns:ns5="http://www.w3.org/2005/03/addressing"><ns1:Header><ns5:MessageID>urn:uuid2d54f801cc9f95703f9d37587924c695ad13fa17</ns5:MessageID><ns5:ReplyTo><ns5:Address>https://eid.eid-service.de:443</ns5:Address></ns5:ReplyTo><ns5:Action>http://www.bsi.bund.de/ecard/api/1.1/PAOS/GetNextCommand</ns5:Action></ns1:Header><ns1:Body><ns4:StartPAOSResponse xmlns:ns16="http://paos.eidserver.openlimit.com/" xmlns:ns14="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ns15="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns9="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#" xmlns:ns12="http://www.w3.org/2001/04/xmlenc#" xmlns:ns5="http://uri.etsi.org/02231/v3.1.2#" xmlns:ns13="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ns6="http://uri.etsi.org/02231/v2.1.1#" xmlns:ns10="http://uri.etsi.org/01903/v1.3.2#" xmlns:ns7="http://uri.etsi.org/02231/v2.x#" xmlns:ns8="http://www.setcce.org/schemas/ers" xmlns:ns11="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns4="urn:iso:std:iso-iec:24727:tech:schema" xmlns:ns3="http://www.bsi.bund.de/ecard/api/1.1"><ns13:Result><ns13:ResultMajor>http://www.bsi.bund.de/ecard/api/1.1/resultmajor#error</ns13:ResultMajor><ns13:ResultMinor>http://www.bsi.bund.de/ecard/api/1.1/resultminor/dp#timeout</ns13:ResultMinor><ns13:ResultMessage/></ns13:Result></ns4:StartPAOSResponse></ns1:Body></ns1:Envelope>

2014-07-14 14:57:32,154 [PAOS] DEBUG org.openecard.transport.paos.PAOS:-1 - Message received:
<?xml version="1.0" encoding="UTF-8" standalone="no"?>
<ns1:Envelope xmlns:ns1="http://schemas.xmlsoap.org/soap/envelope/" xmlns:ns2="urn:liberty:paos:2003-08" xmlns:ns3="urn:liberty:paos:2006-08" xmlns:ns5="http://www.w3.org/2005/03/addressing">
  <ns1:Header>
    <ns5:MessageID>urn:uuid2d54f801cc9f95703f9d37587924c695ad13fa17</ns5:MessageID>
    <ns5:ReplyTo>
      <ns5:Address>https://eid.eid-service.de:443</ns5:Address>
    </ns5:ReplyTo>
    <ns5:Action>http://www.bsi.bund.de/ecard/api/1.1/PAOS/GetNextCommand</ns5:Action>
  </ns1:Header>
  <ns1:Body>
    <ns4:StartPAOSResponse xmlns:ns10="http://uri.etsi.org/01903/v1.3.2#" xmlns:ns11="urn:oasis:names:tc:SAML:2.0:assertion" xmlns:ns12="http://www.w3.org/2001/04/xmlenc#" xmlns:ns13="urn:oasis:names:tc:dss:1.0:core:schema" xmlns:ns14="urn:oasis:names:tc:SAML:1.0:assertion" xmlns:ns15="http://www.w3.org/2001/04/xmldsig-more#" xmlns:ns16="http://paos.eidserver.openlimit.com/" xmlns:ns2="http://www.w3.org/2000/09/xmldsig#" xmlns:ns3="http://www.bsi.bund.de/ecard/api/1.1" xmlns:ns4="urn:iso:std:iso-iec:24727:tech:schema" xmlns:ns5="http://uri.etsi.org/02231/v3.1.2#" xmlns:ns6="http://uri.etsi.org/02231/v2.1.1#" xmlns:ns7="http://uri.etsi.org/02231/v2.x#" xmlns:ns8="http://www.setcce.org/schemas/ers" xmlns:ns9="urn:oasis:names:tc:dss-x:1.0:profiles:verificationreport:schema#">
      <ns13:Result>
        <ns13:ResultMajor>http://www.bsi.bund.de/ecard/api/1.1/resultmajor#error</ns13:ResultMajor>
        <ns13:ResultMinor>http://www.bsi.bund.de/ecard/api/1.1/resultminor/dp#timeout</ns13:ResultMinor>
        <ns13:ResultMessage/>
      </ns13:Result>
    </ns4:StartPAOSResponse>
  </ns1:Body>
</ns1:Envelope>

Actions

Copy link

Updated by Tobias Wich over 10 years ago

Tested with https://www.huk24.de/ and https://live.esign-service.de/esign/start.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

Common eID

Bug #317

esign.eid-service.de and eid.eid-service.de hangs after InitialFrameworkResponse

Updated by Tobias Wich over 10 years ago