[jboss-user] [Security & JAAS/JBoss] - JBoss SSO CR2 problems
msystems
do-not-reply at jboss.com
Fri Dec 5 17:38:26 EST 2008
I have downloaded and built http://anonsvn.jboss.org/repos/jboss-sso/dev/tags/jboss-sso-1.0CR2/ - and it fails when I'm using it :-(
Environment:
JBoss 4.2.3.GA
JBoss Seam 2.1.1.CR1
Java 6
Everything works fine with CR1.
I have three servers and I choose to start only one of the servers. When the server is ready I hit the site and something really bad happens:
| 23:13:23,972 INFO [Server] JBoss (MX MicroKernel) [4.2.3.GA (build: SVNTag=JBoss_4_2_3_GA date=200807181417)] Started in 31s:1ms
| 23:19:00,563 DEBUG [header] >> "GET /federate/partners HTTP/1.1[\r][\n]"
| 23:19:00,589 DEBUG [header] >> "User-Agent: Jakarta Commons-HttpClient/3.0.1[\r][\n]"
| 23:19:00,589 DEBUG [header] >> "Host: pf.ms.com:8080[\r][\n]"
| 23:19:00,589 DEBUG [header] >> "[\r][\n]"
| 23:19:02,344 ERROR [[SSOFederationServlet]] Servlet.service() for servlet SSOFederationServlet threw exception
| java.lang.OutOfMemoryError: PermGen space
| at java.lang.ClassLoader.defineClass1(Native Method)
| at java.lang.ClassLoader.defineClass(ClassLoader.java:675)
| at java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)
| at java.net.URLClassLoader.defineClass(URLClassLoader.java:260)
| at java.net.URLClassLoader.access$000(URLClassLoader.java:56)
| at java.net.URLClassLoader$1.run(URLClassLoader.java:195)
| at java.security.AccessController.doPrivileged(Native Method)
| at java.net.URLClassLoader.findClass(URLClassLoader.java:188)
| at org.jboss.mx.loading.RepositoryClassLoader.findClassLocally(RepositoryClassLoader.java:690)
| at org.jboss.mx.loading.RepositoryClassLoader.findClass(RepositoryClassLoader.java:670)
| at java.lang.ClassLoader.loadClass(ClassLoader.java:316)
| at org.jboss.mx.loading.RepositoryClassLoader.loadClassLocally(RepositoryClassLoader.java:200)
| at org.jboss.mx.loading.ClassLoadingTask$ThreadTask.run(ClassLoadingTask.java:131)
| at org.jboss.mx.loading.LoadMgr3.nextTask(LoadMgr3.java:399)
| at org.jboss.mx.loading.RepositoryClassLoader.loadClassImpl(RepositoryClassLoader.java:527)
| at org.jboss.mx.loading.RepositoryClassLoader.loadClass(RepositoryClassLoader.java:415)
| at java.lang.ClassLoader.loadClass(ClassLoader.java:251)
| at java.lang.ClassLoader.loadClassInternal(ClassLoader.java:374)
| at org.jboss.security.saml.JBossSingleSignOn.marshalPartners(JBossSingleSignOn.java:382)
| at org.jboss.security.sso.util.SSOUtil.marshalPartners(SSOUtil.java:200)
| at org.jboss.security.federation.service.Federation.getPartnerInfo(Federation.java:273)
| at sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)
| at sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)
| at sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)
| at java.lang.reflect.Method.invoke(Method.java:597)
| at org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)
| at org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)
| at org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)
| at org.jboss.mx.server.Invocation.invoke(Invocation.java:88)
| at org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)
| 23:19:02,359 DEBUG [header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"
| 23:19:02,361 DEBUG [header] << "Server: Apache-Coyote/1.1[\r][\n]"
| 23:19:02,361 DEBUG [header] << "Content-Type: text/html;charset=utf-8[\r][\n]"
| 23:19:02,361 DEBUG [header] << "Content-Length: 7286[\r][\n]"
| 23:19:02,362 DEBUG [header] << "Date: Fri, 05 Dec 2008 22:19:02 GMT[\r][\n]"
| 23:19:02,362 DEBUG [header] << "Connection: close[\r][\n]"
| 23:19:02,364 DEBUG [content] << "<html><head><title>JBossWeb/2.0.1.GA - Error report</title><style><!--H1 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:22px;} H2 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:16px;} H3 {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;font-size:14px;} BODY {font-family:Tahoma,Arial,sans-serif;color:black;background-color:white;} B {font-family:Tahoma,Arial,sans-serif;color:white;background-color:#525D76;} P {font-family:Tahoma,Arial,sans-serif;background:white;color:black;font-size:12px;}A {color : black;}A.name {color : black;}HR {color : #525D76;}--></style> </head><body><h1>HTTP Status 500 - </h1><HR size="1" noshade="noshade"><p><b>type</b> Exception report</p><p><b>message</b> <u></u></p><p><b>description</b> <u>The server encountered an internal error () that prevented it from fulfilling this request.</u></p><p><b>exception</b> <pre>javax.servlet.ServletException: Servlet execution threw an exception[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)[\n]"
| 23:19:02,364 DEBUG [content] << "</pre></p><p><b>root cause</b> <pre>java.lang.NoClassDefFoundError: org/opensaml/SAMLAttribute[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.security.saml.JBossSingleSignOn.marshalPartners(JBossSingleSignOn.java:382)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.security.sso.util.SSOUtil.marshalPartners(SSOUtil.java:200)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.security.federation.service.Federation.getPartnerInfo(Federation.java:273)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]java.lang.reflect.Method.invoke(Method.java:597)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)[\n]"
| 23:19:02,364 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.mx.util.JMXInvocationHandler.invoke(JMXInvocationHandler.java:287)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]$Proxy56.getPartnerInfo(Unknown Source)[\n]"
| 23:19:02,365 DEBUG [content] << "[0x9]org.jboss.security.federation.servlet.SSOFederationServer.doGet(SSOFederationServer.java:362)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]javax.servlet.http.HttpServlet.service(HttpServlet.java:690)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]javax.servlet.http.HttpServlet.service(HttpServlet.java:803)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)[\n]"
| 23:19:02,366 DEBUG [content] << "</pre></p><p><b>root cause</b> <pre>java.lang.ClassNotFoundException: Unexpected error during load of: org.opensaml.SAMLAttribute, msg=PermGen space[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.loadClassImpl(RepositoryClassLoader.java:560)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.loadClass(RepositoryClassLoader.java:415)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]java.lang.ClassLoader.loadClass(ClassLoader.java:251)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]java.lang.ClassLoader.loadClassInternal(ClassLoader.java:374)[\n]"
| 23:19:02,366 DEBUG [content] << "[0x9]org.jboss.security.saml.JBossSingleSignOn.marshalPartners(JBossSingleSignOn.java:382)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.security.sso.util.SSOUtil.marshalPartners(SSOUtil.java:200)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.security.federation.service.Federation.getPartnerInfo(Federation.java:273)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]java.lang.reflect.Method.invoke(Method.java:597)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.server.MBeanServerImpl.invoke(MBeanServerImpl.java:659)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]org.jboss.mx.util.JMXInvocationHandler.invoke(JMXInvocationHandler.java:287)[\n]"
| 23:19:02,367 DEBUG [content] << "[0x9]$Proxy56.getPartnerInfo(Unknown Source)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]org.jboss.security.federation.servlet.SSOFederationServer.doGet(SSOFederationServer.java:362)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]javax.servlet.http.HttpServlet.service(HttpServlet.java:690)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]javax.servlet.http.HttpServlet.service(HttpServlet.java:803)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]org.jboss.web.tomcat.filters.ReplyHeaderFilter.doFilter(ReplyHeaderFilter.java:96)[\n]"
| 23:19:02,368 DEBUG [content] << "</pre></p><p><b>root cause</b> <pre>java.lang.OutOfMemoryError: PermGen space[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]java.lang.ClassLoader.defineClass1(Native Method)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]java.lang.ClassLoader.defineClass(ClassLoader.java:675)[\n]"
| 23:19:02,368 DEBUG [content] << "[0x9]java.security.SecureClassLoader.defineClass(SecureClassLoader.java:124)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.net.URLClassLoader.defineClass(URLClassLoader.java:260)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.net.URLClassLoader.access$000(URLClassLoader.java:56)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.net.URLClassLoader$1.run(URLClassLoader.java:195)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.security.AccessController.doPrivileged(Native Method)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.net.URLClassLoader.findClass(URLClassLoader.java:188)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.findClassLocally(RepositoryClassLoader.java:690)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.findClass(RepositoryClassLoader.java:670)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]java.lang.ClassLoader.loadClass(ClassLoader.java:316)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.loadClassLocally(RepositoryClassLoader.java:200)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.ClassLoadingTask$ThreadTask.run(ClassLoadingTask.java:131)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.LoadMgr3.nextTask(LoadMgr3.java:399)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.loadClassImpl(RepositoryClassLoader.java:527)[\n]"
| 23:19:02,369 DEBUG [content] << "[0x9]org.jboss.mx.loading.RepositoryClassLoader.loadClass(RepositoryClassLoader.java:415)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]java.lang.ClassLoader.loadClass(ClassLoader.java:251)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]java.lang.ClassLoader.loadClassInternal(ClassLoader.java:374)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.security.saml.JBossSingleSignOn.marshalPartners(JBossSingleSignOn.java:382)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.security.sso.util.SSOUtil.marshalPartners(SSOUtil.java:200)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.security.federation.service.Federation.getPartnerInfo(Federation.java:273)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke0(Native Method)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]sun.reflect.NativeMethodAccessorImpl.invoke(NativeMethodAccessorImpl.java:39)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]sun.reflect.DelegatingMethodAccessorImpl.invoke(DelegatingMethodAccessorImpl.java:25)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]java.lang.reflect.Method.invoke(Method.java:597)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ReflectedDispatcher.invoke(ReflectedDispatcher.java:155)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.dispatch(Invocation.java:94)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.AbstractInterceptor.invoke(AbstractInterceptor.java:133)[\n]"
| 23:19:02,370 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,371 DEBUG [content] << "[0x9]org.jboss.mx.interceptor.ModelMBeanOperationInterceptor.invoke(ModelMBeanOperationInterceptor.java:142)[\n]"
| 23:19:02,371 DEBUG [content] << "[0x9]org.jboss.mx.server.Invocation.invoke(Invocation.java:88)[\n]"
| 23:19:02,371 DEBUG [content] << "[0x9]org.jboss.mx.server.AbstractMBeanInvoker.invoke(AbstractMBeanInvoker.java:264)[\n]"
| 23:19:02,371 DEBUG [content] << "</pre></p><p><b>note</b> <u>The full stack trace of the root cause is available in the JBossWeb/2.0.1.GA logs.</u></p><HR size="1" noshade="noshade"><h3>JBossWeb/2.0.1.GA</h3></body></html>"
| 23:19:02,393 ERROR [SAMLObject] caught an exception while parsing a stream:
| cvc-elt.1: Cannot find the declaration of element 'html'.
| 23:19:02,394 ERROR [SSOFederationRouter] org.jboss.security.valve.SSOFederationRouter[]
| org.jboss.security.saml.SSOException: org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'html'.
| at org.jboss.security.saml.JBossSingleSignOn.unmarshalPartners(JBossSingleSignOn.java:440)
| at org.jboss.security.sso.util.SSOUtil.unmarshalPartners(SSOUtil.java:217)
| at org.jboss.security.valve.SSOFederationRouter.lookupPartners(SSOFederationRouter.java:171)
| at org.jboss.security.valve.SSOFederationRouter.invoke(SSOFederationRouter.java:68)
| at org.jboss.web.tomcat.security.JaccContextValve.invoke(JaccContextValve.java:84)
| at org.apache.catalina.core.StandardHostValve.invoke(StandardHostValve.java:127)
| at org.apache.catalina.valves.ErrorReportValve.invoke(ErrorReportValve.java:102)
| at org.jboss.web.tomcat.service.jca.CachedConnectionValve.invoke(CachedConnectionValve.java:157)
| at org.apache.catalina.core.StandardEngineValve.invoke(StandardEngineValve.java:109)
| at org.apache.catalina.connector.CoyoteAdapter.service(CoyoteAdapter.java:262)
| at org.apache.coyote.http11.Http11Processor.process(Http11Processor.java:844)
| at org.apache.coyote.http11.Http11Protocol$Http11ConnectionHandler.process(Http11Protocol.java:583)
| at org.apache.tomcat.util.net.JIoEndpoint$Worker.run(JIoEndpoint.java:446)
| at java.lang.Thread.run(Thread.java:637)
| Caused by: org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'html'.
| at org.opensaml.SAMLObject.fromStream(Unknown Source)
| at org.opensaml.SAMLAttributeStatement.<init>(Unknown Source)
| at org.jboss.security.saml.JBossSingleSignOn.unmarshalPartners(JBossSingleSignOn.java:420)
| ... 13 more
| Caused by: org.xml.sax.SAXParseException: cvc-elt.1: Cannot find the declaration of element 'html'.
| at org.apache.xerces.util.ErrorHandlerWrapper.createSAXParseException(Unknown Source)
| at org.apache.xerces.util.ErrorHandlerWrapper.error(Unknown Source)
| at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
| at org.apache.xerces.impl.XMLErrorReporter.reportError(Unknown Source)
| at org.apache.xerces.impl.xs.XMLSchemaValidator.handleStartElement(Unknown Source)
| at org.apache.xerces.impl.xs.XMLSchemaValidator.startElement(Unknown Source)
| at org.apache.xerces.impl.XMLNSDocumentScannerImpl.scanStartElement(Unknown Source)
| at org.apache.xerces.impl.XMLNSDocumentScannerImpl$NSContentDispatcher.scanRootElementHook(Unknown Source)
| at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl$FragmentContentDispatcher.dispatch(Unknown Source)
| at org.apache.xerces.impl.XMLDocumentFragmentScannerImpl.scanDocument(Unknown Source)
| at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
| at org.apache.xerces.parsers.XML11Configuration.parse(Unknown Source)
| at org.apache.xerces.parsers.XMLParser.parse(Unknown Source)
| at org.apache.xerces.parsers.DOMParser.parse(Unknown Source)
| at org.apache.xerces.jaxp.DocumentBuilderImpl.parse(Unknown Source)
| at org.opensaml.XML$ParserPool.parse(Unknown Source)
| at org.opensaml.XML$ParserPool.parse(Unknown Source)
| ... 16 more
|
Here is the configuration:
jboss-federation-server.sar/conf/server.cfg.xml:
| <jboss-sso>
|
| <!--
| partners configuration of the federation server...
| partners are the collection of sites which are part of the Single Sign On Federation
| it lists the web domains and their corresponding federation servers in this domain
| -->
| <federation-server>
| <partners>
| <partner domain="ms.com" server="https://pf.ms.com:8443/federate">
| <host>
| <id>pf.ms.com</id>
| <secret>pf.ms.com/somesecret</secret>
| </host>
| <host>
| <id>ge.ms.com</id>
| <secret>ge.ms.com/somesecret</secret>
| </host>
| <!--
| Used to configure the TrustPlugin which is responsible for validation of an incoming assertion/token
| Basically this verifies the token against the partner sending the assertion and makes sure with
| the partner that this assertion/token is valid so the user can be granted access without
| challenging them for credentials
| -->
| <trust>
| <url>https://pf.ms.com:8443/federate/trust/validateSecret</url>
| <plugin class="org.jboss.security.federation.trust.JBossSSOTrustPlugin">
| <property name="allowSelfSignedSSLCert">true</property>
| </plugin>
| </trust>
| </partner>
| <partner domain="wj.com" server="https://www.wj.com:8443/federate">
| <host>
| <id>www.wj.com</id>
| <secret>www.wj.com/somesecret</secret>
| </host>
| <trust>
| <url>https://www.wj.com:8443/federate/trust/validateSecret</url>
| <plugin class="org.jboss.security.federation.trust.JBossSSOTrustPlugin">
| <property name="allowSelfSignedSSLCert">true</property>
| </plugin>
| </trust>
| </partner>
| </partners>
| </federation-server>
|
| </jboss-sso>
|
jboss-sso.sar/conf/sso.cfg.xml:
| <jboss-sso>
| <!-- sso processor for SingleSignOn, the default JBossSingleSignOn processor uses OpenSAML-1.0,
| the next version of this processor will use the latest SAML specification
| -->
| <sso-processor>
| <processor class="org.jboss.security.saml.JBossSingleSignOn">
| <property name="trustServer">https://pf.ms.com:8443/federate/trust</property>
| <property name="allowSelfSignedSSLCert">true</property>
| <!--
| Change these values to something different than the one shipped out-of-the-box
| -->
| <property name="hostId">pf.ms.com</property>
| <property name="hostAuthenticationSecret">pf.ms.com/somesecret</property>
| </processor>
| </sso-processor>
|
| <!--
| identity management related configuration, this is the LDAP based module
| Technically, this can be a provider that can integrate with thirdparty identity systems like SiteMinder etc
| -->
| <identity-management>
| <login>
| <provider id="si:jboss-sso:seam:login" class="com.mediatorsystems.pf.sso.StubLoginProvider"/>
| </login>
| </identity-management>
| </jboss-sso>
|
app/war/WEB-INF/context.xml:
| <Context>
|
| <!-- a federation routing valve -->
| <!--
| This valve eliminates the need for cross domain federation links
| to be of the form /federate?target={some link in the other domain}
| With this link, your link can be straight to the resource in the
| other domain
| -->
| <Valve className="org.jboss.security.valve.SSOFederationRouter"/>
|
| <!--
| logoutURL - URL for performing logout/signout function in your application
| -->
| <Valve className="org.jboss.security.valve.PlainSSOAutoLogout"
| logoutURL="/xhtml/logout.xhtml"/>
|
| <!--
| assertingParty -
| this is the partnerId of this application as a part of a federation of multiple partner sites
| -->
| <Valve className="org.jboss.security.valve.PlainSSOTokenManager"
| assertingParty="pf_ms_com"/>
|
| <!--
| autologin performing valve
| -->
| <Valve className="org.jboss.security.valve.PlainSSOAutoLogin"/>
| </Context>
|
Looks like I need to use JBoss SSO CR1 instead of JBoss SSO CR2.
Regards
Kenneth
View the original post : http://www.jboss.com/index.html?module=bb&op=viewtopic&p=4194725#4194725
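One way to read the log above in order, as an added example (not part of the original post or of the JBoss SSO code): this Python code groups the HttpClient wire-log lines into request/response exchanges and flags a response that was an error status or non-XML body and was then followed by a parser ERROR, the pattern seen at 23:19:02 (HTTP 500 with `text/html`, then `cvc-elt.1` for element 'html'). The sample lines are a constructed excerpt of the post's log, and the function names are hypothetical.

```python
import re

# Line shapes taken from the log in the post (log4j time, level, logger, message).
WIRE = re.compile(r'^\d\d:\d\d:\d\d,\d{3} DEBUG \[header\] (>>|<<) '
                  r'"(.*?)(?:\[\\r\])?(?:\[\\n\])?"$')
ERROR = re.compile(r'^\d\d:\d\d:\d\d,\d{3} ERROR \[+([^\]]+)\]+ (.*)$')
REQUEST = re.compile(r'^[A-Z]+ \S+ HTTP/\d\.\d$')
STATUS = re.compile(r'^HTTP/\d\.\d (\d{3})')

# Constructed excerpt: a few lines copied from the post's log, stack frames omitted.
SAMPLE_LOG = r'''
23:19:00,563 DEBUG [header] >> "GET /federate/partners HTTP/1.1[\r][\n]"
23:19:00,589 DEBUG [header] >> "Host: pf.ms.com:8080[\r][\n]"
23:19:02,344 ERROR [[SSOFederationServlet]] Servlet.service() for servlet SSOFederationServlet threw exception
java.lang.OutOfMemoryError: PermGen space
23:19:02,359 DEBUG [header] << "HTTP/1.1 500 Internal Server Error[\r][\n]"
23:19:02,361 DEBUG [header] << "Content-Type: text/html;charset=utf-8[\r][\n]"
23:19:02,393 ERROR [SAMLObject] caught an exception while parsing a stream:
cvc-elt.1: Cannot find the declaration of element 'html'.
'''

def parse_exchanges(log):
    """Group wire-log lines into exchanges and attach ERROR records to each."""
    exchanges, current, last_error = [], None, None
    for raw in log.splitlines():
        line = raw.lstrip("| ").rstrip()      # the list archive prefixes lines with "| "
        wire, err = WIRE.match(line), ERROR.match(line)
        if wire:
            direction, payload = wire.groups()
            last_error = None
            if direction == ">>" and REQUEST.match(payload):
                current = {"request": payload, "status": None, "content_type": None,
                           "before_response": [], "after_response": []}
                exchanges.append(current)
            elif current and direction == "<<":
                status = STATUS.match(payload)
                if status:
                    current["status"] = int(status.group(1))
                elif payload.lower().startswith("content-type:"):
                    current["content_type"] = payload.split(":", 1)[1].strip()
        elif err and current:
            last_error = {"logger": err.group(1), "detail": err.group(2)}
            phase = "after_response" if current["status"] else "before_response"
            current[phase].append(last_error)
        elif last_error and line and not line.startswith("at "):
            last_error["detail"] = line       # exception text on the line after ERROR
            last_error = None
    return exchanges

def misparsed_error_pages(log):
    """Exchanges whose error or non-XML response was followed by a parser ERROR."""
    hits = []
    for x in parse_exchanges(log):
        is_xml = "xml" in (x["content_type"] or "").lower()
        if x["status"] and (x["status"] >= 400 or not is_xml) and x["after_response"]:
            hits.append(x)
    return hits

if __name__ == "__main__":
    for x in misparsed_error_pages(SAMPLE_LOG):
        print(f'{x["request"]} -> {x["status"]} {x["content_type"]}')
        for e in x["before_response"]:
            print("  logged before the response:", e["detail"])
        for e in x["after_response"]:
            print("  logged after the response: ", e["detail"])
```
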