Hi Ming, Seems like everything was installed successfully, but when I tried to access trader_client in domain2, I get the following error:
"opensso agent exception starting filter richfaces java.lang.classnotfoundexception: org.ajax4jsf.filter" Do you think I'm missing a file in the lib folder? Joby ________________________________________ From: Ming Jin [[email protected]] Sent: Thursday, September 17, 2009 6:51 AM To: [email protected] Subject: Re: Metro CBS Hi Ben, > 1. Can you give examples of domain1,2,3? First, let me clarify the reason why we need so many domains here: - sp and idp should be installed and configured in two domains separately with different names - the policy agent should be installed into a third domain in which no opensso.war is deployed - the trader_client app should be deployed in the same domain with policy agent Due to these constraints, I recommend that you create three domains under glassfish, for example, domain1, domain2, domain3. The deployment should be like this: - domain1(sp): opensso.war - domain2(agent): policy agent business_service.war Order_processor.war config_service.war trader_client.war active_sts.war - domain3(idp): opensso.war To avoid confusion of the domain names, I suggest: sp: www.sp.comidp: www.idp.com policy agent: www.stonehenge.com For more information of how to install OpenSSO & Policy agent, please refer to the document. 2. When do I have to use https and regular http? The document seems to > interchange them. The HTTPS should be used in the communication between SP and IdP, while the regular HTTP is used between trader_client and SP. That's why we use " http://openssohost:openssoport/opensso/WSFederationServlet/metaAlias/Fedsp"; as the OpenSSO login Url in document while using HTTPS to verify the installation of SP & IdP. 3. Which version of Metro should I be using? We should use Metro 2.0ea here, because Act_As is supported from the version. I don't think we've met the error you met, can you paste the detailed error message, like the exception stack? Please let me know if you have any problem in setting Metro CBS up. On Wed, Sep 16, 2009 at 11:40 PM, Ben Dewey <[email protected]> wrote: > Ming, > > So I seem to be making some progress with the Metro Claims Based Security. > I have a few starting questions: > > 1. Can you give examples of domain1,2,3? > a. I'm trying to use sp.stonehenge.com, dev.stonehenge.com, and > agent.stonehenge.com, correct?, should one be called idp? Which one? > > > 2. When do I have to use https and regular http? The document seems to > interchange them. > > > 3. Which version of Metro should I be using? > a. With 1.5 and 1.5.1, I get a Cannot find symbol class > STSIssuedTokenFeature, building trader_client > b. With 2.0ea, I get a Cannot find symbol variable ACT_AS, building > trader_client > > > > Additionally, I'm a bit confused as to what war files get deployed to what > domains? Can you correct me if I'm wrong here? > > Domain1 (SP): > opensso.war > > Domain2 (DEV): > opensso.war > business_service.war > Order_processor.war > config_service.war > trader_client.war > active_sts.war > > Domain3 (AGENT): > opensso.war > agentapp.war > > > Sorry in advance for my lack of understanding for Metro CBS. > > > -Ben Dewey > > -- Ming Jin Consultant Thoughtworks, Inc Mobile: +44 07503 144174(London) +86 135 2125 6300(Beijing) Gtalk: [email protected] MSN: [email protected] Blog: http://blogjava.net/mingj Twitter: https://twitter.com/mingjin
