Colm:

Thank you for the tip, that was the problem; Ioannis had suggested the same to me. I think the basic configuration listed on
http://cxf.apache.org/fediz-configuration.html
is misleading (wrong issuer and no realm) and should be updated. It currently reads:

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<FedizConfig>
    <contextConfig name="/fedizhelloworld">
        ..
        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="federationProtocolType" version="1.2">
            <issuer>https://localhost:9443/fediz-idp/</issuer>
        </protocol>
    </contextConfig>
</FedizConfig>

should be

<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<FedizConfig>
    <contextConfig name="/fedizhelloworld">
        ..
        <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance" xsi:type="federationProtocolType" version="1.2">
            <issuer>https://localhost:9443/fediz-idp/federation</issuer>
            <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
        </protocol>
    </contextConfig>
</FedizConfig>

Many Thanks

On 9/17/2014 9:27 AM, Colm O hEigeartaigh wrote:
Hi,

The problem appears to be that the IdP URL is misconfigured - the value for
the "issuer" URL in the "fediz_config.xml" you are using should be
"https://localhost:9443/fediz-idp/federation" and not
"https://localhost:9443/fediz-idp".

Colm.

On Mon, Sep 15, 2014 at 7:00 PM, Rajeev Parekh wrote:
Hello

I am a newbie to both CXF and FEDIZ. I wanted to install and configure the
basic test case with one IDP, STS & one RP. Here is what I have so far:

* The default IDP & STS wars deployed and configured in one tomcat
instance running on https/9443 for REALM A as explained in the config doc
* The FEDIZ HelloWorld RP deployed in a separate TOMCAT instance available
on https/8443
* The default trust keystores available to both the IDP/STS and RP
instances

Here is the problem I am facing:
* Access the RP: https://localhost:8443/fedizhelloworld/secure/fedservlet
* Redirected to https://localhost:9443/fediz-idp/?wa=wsignin1.0&wreply=https://localhost:8443/fedizhelloworld/secure/fedservlet&wtrealm=https://localhost:8443/fedizhelloworld/&wct=2014-09-15T17:25:48.112Z

** NOW The IDP does not redirect to Login, but instead just displays the
IDP index.html

Can you please guide me to the required config so as to get the basic flow
working? I am attaching the config files from the IDP side.

Thanks In Advance
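
An added example, not part of the original thread or of Fediz itself: a Python check of a `fediz_config.xml` for the two problems identified in this thread (an issuer that is not the IdP's `/federation` endpoint, and a missing `<realm>`), plus a helper that splits the sign-in redirect the RP produced. The `/federation` rule is an assumption taken from the replies above, the function names are hypothetical, and the embedded configurations are the thread's own, reduced to the relevant elements.

```python
import xml.etree.ElementTree as ET
from urllib.parse import urlsplit, parse_qs

# Assumption taken from this thread: the IdP's sign-in endpoint is
# <idp-base>/federation; the bare context root only serves index.html.
EXPECTED_SUFFIX = "/federation"

# The two configurations quoted in the thread, reduced to the relevant elements.
DOC_CONFIG = """<FedizConfig>
  <contextConfig name="/fedizhelloworld">
    <protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
              xsi:type="federationProtocolType" version="1.2">
      <issuer>https://localhost:9443/fediz-idp/</issuer>
    </protocol>
  </contextConfig>
</FedizConfig>"""

FIXED_CONFIG = DOC_CONFIG.replace(
    "<issuer>https://localhost:9443/fediz-idp/</issuer>",
    "<issuer>https://localhost:9443/fediz-idp/federation</issuer>\n"
    "      <realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>")


def local(tag):
    """Strip an XML namespace, if any, from an element tag."""
    return tag.rsplit("}", 1)[-1]


def check_fediz_config(xml_text):
    """Return a list of (context, finding) for the two problems in the thread."""
    findings = []
    root = ET.fromstring(xml_text)
    for ctx in (e for e in root.iter() if local(e.tag) == "contextConfig"):
        name = ctx.get("name", "?")
        for proto in (e for e in ctx if local(e.tag) == "protocol"):
            fields = {local(c.tag): (c.text or "").strip() for c in proto}
            issuer = fields.get("issuer", "")
            if not urlsplit(issuer).path.rstrip("/").endswith(EXPECTED_SUFFIX):
                findings.append((name, "issuer is not the sign-in endpoint: " + issuer))
            if not fields.get("realm"):
                findings.append((name, "no <realm> configured"))
    return findings


def signin_request(redirect_url):
    """Split a WS-Federation redirect into its endpoint path and parameters."""
    parts = urlsplit(redirect_url)
    return parts.path, {k: v[0] for k, v in parse_qs(parts.query).items()}
```

Running `check_fediz_config` on the documented configuration reports both findings, and `signin_request` on the redirect quoted in the original message shows the request going to `/fediz-idp/` rather than `/fediz-idp/federation`.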








