I am developing an STS with some customized behavior. In particular, I need to use a custom TokenValidator, and possibly a custom TokenProvider as well. I've read (and am trying to follow) Colm and Oliver's blog series on how the CXF STS works. I believe I've set up and configured my STS project correctly.
My next step is to develop a unit test to send security token request messages to my STS web service. I've followed the approach taken by IssueUnitTest in the CXF codebase. Specifically, the test initiates and starts an STSServer in the setup. I am running the test with standalone=true, which (as I understand it) means that the STSServer allocates an open port, starts up an http(s) jax-ws endpoint, and enables the service. Then the test creates an STSClient, which sends a proper RST message to the service. Unfortunately, I'm not getting past square one...when the STSClient initiates, it is hitting the WSDL URL (created from the allocated port) but is getting a "ConnectionRefused" exception. So it appears the endpoint is never fully starting. First of all...is this the right approach to unit testing an STS with custom token validators/providers? Or is there an easier/better way to do this? Any examples from outside the CXF codebase I can follow? Assuming this is the right approach...any hints on how to track down where the problem is happening with standing up the endpoint? Thanks for any help you can offer. --Scott
