If you start with "https://localhost:9443/fedizhelloworld/secure/fedservlet"; do you get redirected to the IdP?
Colm. On Fri, Sep 22, 2017 at 1:15 PM, Matthew Broadhead < [email protected]> wrote: > i tried https://localhost:9443/fedizhelloworld/secure/fedservlet and all > i get is a blank screen. if i try to go from > https://localhost:9443/fedizhelloworld to https://localhost:9443/fedizhe > lloworld/secure/fedservlet the url does not change (Chrome). nothing is > output in catalina.out. > > is there a way to increase the logging level or do i change tomcat > logging.properties to FINE? > > after poking around in sts i think i am getting to grips with jaas setup. > it looks like i need to create fediz-1.4.2/services/sts/src/m > ain/webapp/WEB-INF/endpoints/jaas.xml. and also change the > fediz-1.4.2/services/sts/pom.xml to > <properties> > ... > <adapter.resource>jaas</adapter.resource> > ... > </properties> > but the tricky thing is configuring jaas.xml to work for a basic jaas > setup rather than ldap. my jaas loginmodule works like a DataSourceRealm > e.g. > <Realm className="org.apache.catalina.realm.DataSourceRealm" > dataSourceName="directory" roleNameCol="rolename" userCredCol="password" > userNameCol="username" userRoleTable="userrole" userTable="user" /> > so how to map the roles? > > On 22/09/2017 13:03, Colm O hEigeartaigh wrote: > >> I would have thought that 401 would be expected here. You are starting >> from >> the IDP and it is issuing a token and redirecting back to the client >> application, but the client application has no record of the request and >> hence a 401. What happens if instead you start from " >> https://localhost:9443/fedizhelloworld/secure/fedservlet";? >> >> Here is some information on using JAAS with CXF: >> http://coheigea.blogspot.ie/2014/10/using-jaas-with-apache-cxf.html >> >> Colm. >> >> On Thu, Sep 21, 2017 at 10:46 AM, Matthew Broadhead < >> [email protected]> wrote: >> >> hi, >>> >>> i have been following the instructions on http://cxf.apache.org/fediz-id >>> p-11.html as well as reading the articles on Colm's blog e.g. >>> http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120 >>> -tutorial-part-i.html. >>> >>> the idp and sts seem to be working. i get a "hello world" at >>> https://localhost:9443/fedizhelloworld/ and i get available SOAP >>> services >>> at https://localhost:9443/fediz-idp-sts/. >>> >>> but when i go to (changed to 9443) https://localhost:9443/fediz-i >>> dp/federation?wa=wsignin1.0&wreply=https%3A%2F%2Flocalhost% >>> 3A9443%2Ffedizhelloworld%2Fsecure%2Ffedservlet&wtrealm= >>> urn%3Aorg%3Aapache%3Acxf%3Afediz%3Afedizhelloworld it prompts me for the >>> realm. i specify realm a and enter alice:ecila but it gives me a 401 at >>> https://localhost:9443/fedizhelloworld/secure/fedservlet. >>> >>> also i was wondering if i already have a JAAS LoginModule created which >>> has users and roles can i plug that directly into the sts and is there a >>> tutorial for that? >>> >>> Matthew >>> >>> >> >> > -- Colm O hEigeartaigh Talend Community Coder http://coders.talend.com
