Yes, please start a new thread for the JAAS question, as it's nothing to do with Fediz as such.
Colm.

On Fri, Sep 22, 2017 at 3:24 PM, Matthew Broadhead <[email protected]> wrote:

> ok got it working.
>
> for some reason i had a really long version of fediz_config.xml in
> catalina/conf but the one in the guide
> (http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120-tutorial-part-i.html)
> was much shorter so i swapped them and then it worked.
>
> sorry for wasting time i thought i had followed it correctly.
>
> the next thing i want to try is to set up a jaas config like a
> DataSourceRealm. should i start a new thread for that?
>
> On 22/09/2017 16:11, Colm O hEigeartaigh wrote:
>
>> OK it sounds like something is not configured correctly. I would suggest
>> starting again from a clean Tomcat install, and don't bother installing
>> the IdP/STS, just the fedizhelloworld war, and associated configuration
>> as outlined on my blog. When you hit the fedservlet page then you should
>> see a 404 when it redirects to the IdP, which would tell you that the
>> Fediz hello world app is working correctly. If it is still not working,
>> please detail the exact configuration changes you are following and I'll
>> see if there is anything missing.
>>
>> Colm.
>>
>> On Fri, Sep 22, 2017 at 2:59 PM, Matthew Broadhead <[email protected]> wrote:
>>
>>> no. just a blank screen. it is like nothing is loading at all.
>>>
>>> On 22/09/2017 15:57, Colm O hEigeartaigh wrote:
>>>
>>>> If you start with
>>>> "https://localhost:9443/fedizhelloworld/secure/fedservlet"
>>>> do you get redirected to the IdP?
>>>>
>>>> Colm.
>>>>
>>>> On Fri, Sep 22, 2017 at 1:15 PM, Matthew Broadhead <[email protected]> wrote:
>>>>
>>>>> i tried https://localhost:9443/fedizhelloworld/secure/fedservlet and
>>>>> all i get is a blank screen. if i try to go from
>>>>> https://localhost:9443/fedizhelloworld to
>>>>> https://localhost:9443/fedizhelloworld/secure/fedservlet the url does
>>>>> not change (Chrome). nothing is output in catalina.out.
>>>>>
>>>>> is there a way to increase the logging level or do i change tomcat
>>>>> logging.properties to FINE?
>>>>>
>>>>> after poking around in sts i think i am getting to grips with jaas
>>>>> setup. it looks like i need to create
>>>>> fediz-1.4.2/services/sts/src/main/webapp/WEB-INF/endpoints/jaas.xml.
>>>>> and also change the fediz-1.4.2/services/sts/pom.xml to
>>>>> <properties>
>>>>>   ...
>>>>>   <adapter.resource>jaas</adapter.resource>
>>>>>   ...
>>>>> </properties>
>>>>> but the tricky thing is configuring jaas.xml to work for a basic jaas
>>>>> setup rather than ldap. my jaas loginmodule works like a
>>>>> DataSourceRealm e.g.
>>>>> <Realm className="org.apache.catalina.realm.DataSourceRealm"
>>>>>   dataSourceName="directory" roleNameCol="rolename"
>>>>>   userCredCol="password" userNameCol="username"
>>>>>   userRoleTable="userrole" userTable="user" />
>>>>> so how to map the roles?
>>>>>
>>>>> On 22/09/2017 13:03, Colm O hEigeartaigh wrote:
>>>>>
>>>>>> I would have thought that 401 would be expected here. You are
>>>>>> starting from the IDP and it is issuing a token and redirecting back
>>>>>> to the client application, but the client application has no record
>>>>>> of the request and hence a 401. What happens if instead you start
>>>>>> from "https://localhost:9443/fedizhelloworld/secure/fedservlet"?
>>>>>>
>>>>>> Here is some information on using JAAS with CXF:
>>>>>> http://coheigea.blogspot.ie/2014/10/using-jaas-with-apache-cxf.html
>>>>>>
>>>>>> Colm.
>>>>>>
>>>>>> On Thu, Sep 21, 2017 at 10:46 AM, Matthew Broadhead <[email protected]> wrote:
>>>>>>
>>>>>>> hi,
>>>>>>>
>>>>>>> i have been following the instructions on
>>>>>>> http://cxf.apache.org/fediz-idp-11.html as well as reading the
>>>>>>> articles on Colm's blog e.g.
>>>>>>> http://coheigea.blogspot.com.es/2015/06/apache-cxf-fediz-120-tutorial-part-i.html.
>>>>>>>
>>>>>>> the idp and sts seem to be working. i get a "hello world" at
>>>>>>> https://localhost:9443/fedizhelloworld/ and i get available SOAP
>>>>>>> services at https://localhost:9443/fediz-idp-sts/.
>>>>>>>
>>>>>>> but when i go to (changed to 9443)
>>>>>>> https://localhost:9443/fediz-idp/federation?wa=wsignin1.0&wreply=https%3A%2F%2Flocalhost%3A9443%2Ffedizhelloworld%2Fsecure%2Ffedservlet&wtrealm=urn%3Aorg%3Aapache%3Acxf%3Afediz%3Afedizhelloworld
>>>>>>> it prompts me for the realm. i specify realm a and enter
>>>>>>> alice:ecila but it gives me a 401 at
>>>>>>> https://localhost:9443/fedizhelloworld/secure/fedservlet.
>>>>>>>
>>>>>>> also i was wondering if i already have a JAAS LoginModule created
>>>>>>> which has users and roles can i plug that directly into the sts and
>>>>>>> is there a tutorial for that?
>>>>>>>
>>>>>>> Matthew

--
Colm O hEigeartaigh

Talend Community Coder
http://coders.talend.com
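
Added example, not part of the thread and not Fediz code: a simplified Python model of the point made above, that a relying party answers 401 to a sign-in response it has no record of requesting. The `RelyingParty` class, its method names and the use of the WS-Federation `wctx` parameter as the correlation key are assumptions of this sketch; the URLs and realm are the ones quoted in the thread.

```python
import secrets
from urllib.parse import urlencode, urlsplit, parse_qs

IDP_URL = "https://localhost:9443/fediz-idp/federation"      # from the thread
REALM = "urn:org:apache:cxf:fediz:fedizhelloworld"           # from the thread
APP_URL = "https://localhost:9443/fedizhelloworld/secure/fedservlet"


class RelyingParty:
    """Toy relying party (hypothetical): remembers each sign-in it started."""

    def __init__(self):
        self.pending = {}  # wctx -> URL the browser originally asked for

    def request_protected(self, url):
        """Unauthenticated hit on a protected URL: redirect to the IdP."""
        wctx = secrets.token_urlsafe(16)
        self.pending[wctx] = url
        query = urlencode({"wa": "wsignin1.0", "wreply": url,
                           "wtrealm": REALM, "wctx": wctx})
        return 302, f"{IDP_URL}?{query}"

    def receive_signin_response(self, form):
        """IdP posted a token back: accept only if we started this flow."""
        original = self.pending.pop(form.get("wctx", ""), None)
        if original is None or not form.get("wresult"):
            return 401, None      # no record of the request
        return 200, original      # token validation itself is omitted here


def wctx_from_redirect(location):
    """Extract the context value the IdP is expected to echo back."""
    return parse_qs(urlsplit(location).query)["wctx"][0]


def demo():
    rp = RelyingParty()
    token = "<constructed-token/>"  # constructed placeholder, not a real token
    # Flow started by hand at the IdP URL: the RP never issued a context.
    unsolicited = rp.receive_signin_response({"wresult": token})
    # Flow started at the application: RP redirects, IdP echoes wctx back.
    _, location = rp.request_protected(APP_URL)
    wctx = wctx_from_redirect(location)
    solicited = rp.receive_signin_response({"wresult": token, "wctx": wctx})
    # Presenting the same response twice fails: the record is single-use.
    replayed = rp.receive_signin_response({"wresult": token, "wctx": wctx})
    return unsolicited, solicited, replayed
```

Rejecting responses that do not match a pending request is also what keeps a token obtained in one browser session from being injected into another.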
