Hi,

After having configured the IDP/STS and the RP sample, I run into the issue that after the redirect to the IDP, a page with "*Access to the specified resource (Requesting security token failed) has been forbidden.*" appears. Tomcat's error trace suggests that there is something wrong with the certificates.

Caused by: sun.security.validator.ValidatorException: PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target

Possibly this is caused by the rather unclear path to creating the keystores. It would seem that creating tomcat-idp.jks and tomcat-rp.jks is sufficient to get the web application up and running, but in this process stsstore.jks also needs to be created for MyIDP.cer. Strangely enough, fediz-config.xml points to stsstore.jks in the conf directory, whereas the table for the keystores states that fediz-config.xml points to tomcat-rp.jks, which according to the same table should be in the base directory of the RP samples.

What is the way out of this situation? How can I get things up and running? Any help would be appreciated. I tried generating my own keystores as well as using the keystores provided in the source code samples. Neither of these works.

Cheers,
Frank
