RE: Redirecting Fediz GreeterService to ADFS2.0

Tue, 22 May 2012 13:35:50 -0700 

Hi Gina

The configuration file is here:
http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/src/main/webapp/WEB-INF/beans.xml?view=markup

The bean jaxws:client contains all the configuration to call the helloworld 
service. The property "ws-security.sts.client" contains all sts related 
configuration.

You also have to configure the trustore for the https communication which is 
here:
68     <!-- STS WSDL download -->
69     <http:conduit name="https://localhost:9443/.*";>
70     <http:tlsClientParameters disableCNCheck="true">
71     <sec:trustManagers>
72     <sec:keyStore type="jks" password="tompass" 
resource="tomcatKeystore.jks" />
73     </sec:trustManagers>
74     </http:tlsClientParameters>
75     </http:conduit>

where you can update the conduit name by the hostname of ADFS.




------

Oliver Wulff

Blog: http://owulff.blogspot.com<http://owulff.blogspot.com/>
Solution Architect
http://coders.talend.com

<http://coders.talend.com>Talend Application Integration Division 
http://www.talend.com

________________________________
From: Gina Choi [[email protected]]
Sent: 22 May 2012 21:59
To: Oliver Wulff
Cc: [email protected]
Subject: Redirecting Fediz GreeterService to ADFS2.0

Hi Oliver,

With your help, previously I have successfully connected Fediz Helloworld web 
app(http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webapp/)
 to ADFS2.0 using WS-Federation. My next goal is to change Fediz 
GreeterService(http://svn.apache.org/viewvc/cxf/fediz/trunk/examples/wsclientWebapp/webservice/service/)
 to point to ADFS2.0 using Assertion token previously obtained from 
WS-Federation. This Assertion token will be used as actas token. I am planning 
to use Symmetric bindings for Web service-client-ADFS2.0 and ADFS2.0 end point 
will be adfs/services/trust/13/usernamemixed. Everything pretty much same as 
your blog (SSO across Web Applications and Web Services - Part IV b : 
http://owulff.blogspot.com/2012/04/sso-across-web-applications-and-web_16.html) 
except that my STS is ADFS2.0. I have attached zipped mex file for my ADFS and 
wsdl file for my final .NET web service. I will send you wsdl file for 
GreeterService using Symmetric bindings later.

You previously mentioned configuring the password with the property 
"ws-security.password". Do you have a configuration file in the client side to 
add ws-security.password?

Thanks.
Gina

Reply via email to