From asoldano at redhat.com Fri Jan 31 09:03:09 2014 From: asoldano at redhat.com (Alessio Soldano) Date: Fri, 31 Jan 2014 15:03:09 +0100 Subject: [jbossws-dev] WS-Trust ActAs testcase In-Reply-To: <1196141946.11968263.1391122032966.JavaMail.root@redhat.com> References: <1196141946.11968263.1391122032966.JavaMail.root@redhat.com> Message-ID: <52EBAD1D.6060501@redhat.com> Hi Rebecca, I've had a preliminary look at the ActAs sample and it looks good to me. I didn't check the actual messages going over the wire, but afaics the scenario you implemented is one of those ActAs has been meant to (a client C calling service A which also needs to call service B, with A needing to act as C and get a token from the STS too). There's a similar scenario described for instance in [1]. Regarding the question on the security domain for the STS, there's no real requirement, it's just that when I originally created the first WS-Trust / STS example I thought it would have been reasonable in a real world to have the STS protected in some way. But that might just be no more then an assumption from me. Cheers Alessio [1] http://weblogs.asp.net/cibrax/archive/2010/01/04/actas-in-ws-trust-1-4.aspx (see "Scenario 1: A Service A calling a Service B") On 30/01/14 23:47, Rebecca Searls wrote: > > I've checked into jbossws ( https://svn.jboss.org/repos/jbossws/stack/cxf/trunk) > a testcase for WS-Trust ActAs. (see list of files at the bottom.) > > I have not found any on-line examples that enable me to confirm this implementation > is correct. It works but is it correct? Any feed back you care to provide would > be appreciated. Documentation based upon this testcase and your feedback is forth > coming. (I am working on another pass at code cleanup and refinement.) > > I do have the following question. > > Where does the requirement for a (JBossWS-trust-sts) security-realm for the STS come from? > I do not find any discussion of this in any of our JBossWS docs or the CXF docs. > Is it tied to the wsdl in some way? > (see files) > trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/jboss-web.xml > trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-roles.properties > trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-users.properties > > > > -- File list -- > > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/ActAsCallbackH > andler.java > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/ActAsOutInterc > eptor.java > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/ActAsServiceIm > pl.java > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/ServiceImpl.ja > va > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustActAsTe > stCase.java > trunk/modules/testsuite/cxf-tests/src/test/java/org/jboss/test/ws/jaxws/samples/wsse/policy/trust/WSTrustTestUti > ls.java > trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-roles.prope > rties > trunk/modules/testsuite/cxf-tests/src/test/resources/jaxws/samples/wsse/policy/trust/WEB-INF/jbossws-users.prope > rties > trunk/modules/testsuite/cxf-tests/scripts/cxf-samples-jars-jaxws.xml > -- Alessio Soldano Web Service Lead, JBoss