ok got it working.
for some reason i had a really long version of fediz_config.xml in
catalina/conf but the one in the guide
(http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120-tutorial-part-i.html)
was much shorter so i swapped them and then it worked.
sorry for wasting time i thought i had followed it correctly.
the next thing i want to try is to set up a jaas config like a
DataSourceRealm. should i start a new thread for that?
On 22/09/2017 16:11, Colm O hEigeartaigh wrote:
OK it sounds like something is not configured correctly. I would suggest
starting again from a clean Tomcat install, and don't bother installing the
IdP/STS, just the fedizhelloworld war, and associated configuration as
outlined on my blog. When you hit the fedservlet page then you should see a
404 when it redirects to the IdP, which would tell you that the Fediz hello
world app is working correctly. If it is still not working, please detail
the exact configuration changes you are following and I'll see if there is
anything missing.
Colm.
On Fri, Sep 22, 2017 at 2:59 PM, Matthew Broadhead <
[email protected]> wrote:
no. just a blank screen. it is like nothing is loading at all.
On 22/09/2017 15:57, Colm O hEigeartaigh wrote:
If you start with "https://localhost:9443/fedizhelloworld/secure/fedservlet"
do you get redirected to the IdP?
Colm.
On Fri, Sep 22, 2017 at 1:15 PM, Matthew Broadhead <
[email protected]> wrote:
i tried https://localhost:9443/fedizhelloworld/secure/fedservlet and all
i get is a blank screen. if i try to go from
https://localhost:9443/fedizhelloworld to
https://localhost:9443/fedizhelloworld/secure/fedservlet the url does not
change (Chrome). nothing is output in catalina.out.
is there a way to increase the logging level or do i change tomcat
logging.properties to FINE?
after poking around in sts i think i am getting to grips with jaas setup.
it looks like i need to create
fediz-1.4.2/services/sts/src/main/webapp/WEB-INF/endpoints/jaas.xml. and also change the
fediz-1.4.2/services/sts/pom.xml to
<properties>
...
<adapter.resource>jaas</adapter.resource>
...
</properties>
but the tricky thing is configuring jaas.xml to work for a basic jaas
setup rather than ldap. my jaas loginmodule works like a DataSourceRealm
e.g.
<Realm className="org.apache.catalina.realm.DataSourceRealm"
dataSourceName="directory" roleNameCol="rolename" userCredCol="password"
userNameCol="username" userRoleTable="userrole" userTable="user" />
so how to map the roles?
On 22/09/2017 13:03, Colm O hEigeartaigh wrote:
I would have thought that 401 would be expected here. You are starting from
the IDP and it is issuing a token and redirecting back to the client
application, but the client application has no record of the request and
hence a 401. What happens if instead you start from
"https://localhost:9443/fedizhelloworld/secure/fedservlet"?
Here is some information on using JAAS with CXF:
http://coheigea.blogspot.ie/2014/10/using-jaas-with-apache-cxf.html
Colm.
On Thu, Sep 21, 2017 at 10:46 AM, Matthew Broadhead <
[email protected]> wrote:
hi,
i have been following the instructions on
http://cxf.apache.org/fediz-idp-11.html as well as reading the articles on
Colm's blog e.g.
http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120-tutorial-part-i.html.
the idp and sts seem to be working. i get a "hello world" at
https://localhost:9443/fedizhelloworld/ and i get available SOAP services
at https://localhost:9443/fediz-idp-sts/.
but when i go to (changed to 9443)
https://localhost:9443/fediz-idp/federation?wa=wsignin1.0&wreply=https%3A%2F%2Flocalhost%3A9443%2Ffedizhelloworld%2Fsecure%2Ffedservlet&wtrealm=urn%3Aorg%3Aapache%3Acxf%3Afediz%3Afedizhelloworld
it prompts me for the realm. i specify realm a and enter alice:ecila but it
gives me a 401 at
https://localhost:9443/fedizhelloworld/secure/fedservlet.
also i was wondering if i already have a JAAS LoginModule created which
has users and roles can i plug that directly into the sts and is there a
tutorial for that?
Matthew