Author: nandana
Date: Mon Jun 23 07:37:14 2008
New Revision: 670638

URL: http://svn.apache.org/viewvc?rev=670638&view=rev
Log:
Giving Rampart site a new look :)
Added: webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml Added: webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml?rev=670638&view=auto ============================================================================== --- webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml (added) +++ webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml Mon Jun 23 07:37:14 2008 
@@ -0,0 +1,64 @@ +<!-- + ~ Licensed to the Apache Software Foundation (ASF) under one + ~ or more contributor license agreements. See the NOTICE file + ~ distributed with this work for additional information + ~ regarding copyright ownership. The ASF licenses this file + ~ to you under the Apache License, Version 2.0 (the + ~ "License"); you may not use this file except in compliance + ~ with the License. You may obtain a copy of the License at + ~ + ~ http://www.apache.org/licenses/LICENSE-2.0 + ~ + ~ Unless required by applicable law or agreed to in writing, + ~ software distributed under the License is distributed on an + ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY + ~ KIND, either express or implied. See the License for the + ~ specific language governing permissions and limitations + ~ under the License. + --> + <document> + <properties> + <title>Setting up a Security Token Service</title> + </properties> + <head> + </head> + <body> + <h1>Setting up a Security Token Service</h1> + <h3>Setting up a Security Token Service</h3> + <p>Security Token Service can be set up as per WS-Trust specification using Rampart. The default security token service shipped with the rampart distribution is contained in the rampart-trust.mar module. It can issue SCT tokens and SAML tokens. Sample05 contains a client that connects to the default STS and obtain a SAML token. The services.xml in the sample contains "saml-issuer-config" parameter that is used to configure the default SAML issuer.</p> + <strong>STS with a custom issuer</strong> + <p>First the default rampart.mar has to be removed from the modules. Then write you own issuer implementing the <code>"org.apache.rahas.TokenIssuer"</code> interface. Let's say that your issuer is <code>"org.custom.MyIssuer"</code>. Then create a Axis2 service archive with the following in the services.xml. 
Drop the archive into the repository and you have a STS with a CustomToken issuer.</p> + + <pre> + +<module ref="rampart" /> + +<operation name="IssueToken" + mep="http://www.w3.org/2006/01/wsdl/in-out"> + <messageReceiver + class="org.apache.rahas.STSMessageReceiver"/> + + <!-- Action mapping to accept RST requests --> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</actionMapping> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</actionMapping> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew</actionMapping> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel</actionMapping> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel</actionMapping> + <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate</actionMapping> + + <parameter name="token-dispatcher-configuration"> + <token-dispatcher-configuration> + <!-- Issuers. You may have many issuers. --> + <issuer class="org.custom.MyIssuer" default="true"> + <configuration + type="parameter">saml-issuer-config</configuration> + <tokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</tokenType> + </issuer> + </token-dispatcher-configuration> + </parameter> + +</operation> + +</pre> + </body> + </document> \ No newline at end of file
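
Review bot: In the "STS with a custom issuer" paragraph, the step "First the default rampart.mar has to be removed from the modules" does not agree with the rest of the page. The paragraph above it says the default security token service is contained in rampart-trust.mar, and the services.xml shown below still engages the module with <module ref="rampart" />, which needs rampart.mar to be present. If the intent is to take out the default token service, name rampart-trust.mar in that step. In the same sample, the <issuer> element points at a "saml-issuer-config" parameter that the snippet never defines and declares the SAMLV1.1 tokenType for what the text calls a CustomToken issuer; either include that parameter in the example or state what a custom issuer should supply there, so readers do not deploy an STS whose issuer configuration is missing or copied from the SAML sample. Smaller points in this hunk: the <h1> and <h3> repeat the same title, the wording "write you own issuer", "create a Axis2 service archive" and "connects to the default STS and obtain" needs correcting, and the file ends without a trailing newline.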