Hi Matthew, you should take a look into the log files from IDP and STS. Most likely you have a connection error here. There are several places in the IDP configuration to update your STS URL. Make sure to update all of these when you change the STS location. Also be aware that some configuration is stored within an embedded database. Most likely you need to delete a "target" folder relative to the location from where your started Tomcat. Otherwise config changes in the entities-* files will have no effect after a restart.
And yes, the STS also supports JAAS LoginModules. You just have to use the JAAS Token Validator. Best regards Jan > -----Ursprüngliche Nachricht----- > Von: Matthew Broadhead [mailto:[email protected]] > Gesendet: Donnerstag, 21. September 2017 11:47 > An: [email protected] > Betreff: fediz 401 > > hi, > > i have been following the instructions on http://cxf.apache.org/fediz-idp- > 11.html as well as reading the articles on Colm's blog e.g. > http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120-tutorial-part- > i.html. > > the idp and sts seem to be working. i get a "hello world" at > https://localhost:9443/fedizhelloworld/ and i get available SOAP services at > https://localhost:9443/fediz-idp-sts/. > > but when i go to (changed to 9443) > https://localhost:9443/fediz- > idp/federation?wa=wsignin1.0&wreply=https%3A%2F%2Flocalhost%3A9443% > 2Ffedizhelloworld%2Fsecure%2Ffedservlet&wtrealm=urn%3Aorg%3Aapache% > 3Acxf%3Afediz%3Afedizhelloworld > it prompts me for the realm. i specify realm a and enter alice:ecila but it > gives > me a 401 at https://localhost:9443/fedizhelloworld/secure/fedservlet. > > also i was wondering if i already have a JAAS LoginModule created which has > users and roles can i plug that directly into the sts and is there a tutorial > for that? > > Matthew
