JBoss Community

Unable to publish Apache CXF STS issue in EAP 6.1

created by Anu Raj in JBoss Web Services Development - View the full discussion

Hi,

 

I implemented the sample Apache CXF STS in EAP 6.1 as shown in the link below.

 

https://docs.jboss.org/author/display/JBWS/WS-Security

 

When I try to access the CXF TokenService WSDL, it says "

JBWEB000065: HTTP Status 404 - JBWEB000234: Servlet TestSecurityTokenService is currently unavailable

 

My code is exactly the same as shown in the link above.

 

web.xml

************

<?xml version="1.0" encoding="UTF-8"?>

 

 

<web-app

   version="2.5" xmlns="http://java.sun.com/xml/ns/javaee"

   xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"

   xsi:schemaLocation="http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">

   <servlet>

      <servlet-name>TestSecurityTokenService</servlet-name>

      <servlet-class>STS.SampleSTS</servlet-class>

   </servlet>

   <servlet-mapping>

      <servlet-name>TestSecurityTokenService</servlet-name>

      <url-pattern>/SecurityTokenService/*</url-pattern>

   </servlet-mapping>

</web-app>

 

 

Jboss-web.xml

*******************

<?xml version="1.0" encoding="UTF-8"?>

 

 

<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN" "http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">

 

 

<jboss-web>

   <security-domain>java:/jaas/JBossWS-trust-sts</security-domain>

</jboss-web>

 

SampleSTS.java

************************

/*

* JBoss, Home of Professional Open Source.

* Copyright 2012, Red Hat Middleware LLC, and individual contributors

* as indicated by the @author tags. See the copyright.txt file in the

* distribution for a full listing of individual contributors.

*

* This is free software; you can redistribute it and/or modify it

* under the terms of the GNU Lesser General Public License as

* published by the Free Software Foundation; either version 2.1 of

* the License, or (at your option) any later version.

*

* This software is distributed in the hope that it will be useful,

* but WITHOUT ANY WARRANTY; without even the implied warranty of

* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU

* Lesser General Public License for more details.

*

* You should have received a copy of the GNU Lesser General Public

* License along with this software; if not, write to the Free

* Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA

* 02110-1301 USA, or see the FSF site: http://www.fsf.org.

*/

package STS;

 

 

import java.util.Arrays;

import java.util.LinkedList;

import java.util.List;

 

 

import javax.servlet.annotation.WebServlet;

import javax.xml.ws.WebServiceProvider;

 

 

import org.apache.cxf.annotations.EndpointProperties;

import org.apache.cxf.annotations.EndpointProperty;

import org.apache.cxf.interceptor.InInterceptors;

import org.apache.cxf.sts.StaticSTSProperties;

import org.apache.cxf.sts.operation.TokenIssueOperation;

import org.apache.cxf.sts.operation.TokenValidateOperation;

import org.apache.cxf.sts.service.ServiceMBean;

import org.apache.cxf.sts.service.StaticService;

import org.apache.cxf.sts.token.provider.SAMLTokenProvider;

import org.apache.cxf.sts.token.validator.SAMLTokenValidator;

import org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider;

import org.jboss.wsf.stack.cxf.client.configuration.JBossWSBusFactory;

 

 

 

 

@WebServiceProvider(serviceName = "SecurityTokenService",

      portName = "UT_Port",

      targetNamespace = "http://docs.oasis-open.org/ws-sx/ws-trust/200512/",

      wsdlLocation = "WEB-INF/wsdl/ws-trust-1.4-service.wsdl")

@EndpointProperties(value = {

      @EndpointProperty(key = "ws-security.signature.username", value = "mystskey"),

      @EndpointProperty(key = "ws-security.signature.properties", value = "stsKeystore.properties"),

      @EndpointProperty(key = "ws-security.callback-handler", value = "STSCallbackHandler"),

      @EndpointProperty(key = "ws-security.validate.token", value = "false") //to let the JAAS integration deal with validation through the interceptor below

})

@InInterceptors(interceptors = {"org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingPolicyInterceptor"})

 

 

public class SampleSTS extends SecurityTokenServiceProvider

{

   @SuppressWarnings("deprecation")

public SampleSTS() throws Exception

   {

      super();

     

      StaticSTSProperties props = new StaticSTSProperties();

      props.setSignaturePropertiesFile("stsKeystore.properties");

      props.setSignatureUsername("mystskey");

      props.setCallbackHandlerClass(STSCallbackHandler.class.getName());

      props.setIssuer("DoubleItSTSIssuer");

     

      List<ServiceMBean> services = new LinkedList<ServiceMBean>();

      StaticService service = new StaticService();

      service.setEndpoints(Arrays.asList("http://localhost:(\\d)*/PalmUtilServices/services/PalmUtilityService", "http://\\[::1\\]:(\\d)*/PalmUtilServices/services/PalmUtilityService"));

      services.add(service);

     

      TokenIssueOperation issueOperation = new TokenIssueOperation();

      issueOperation.setServices(services);

      issueOperation.getTokenProviders().add(new SAMLTokenProvider());

      issueOperation.setStsProperties(props);

     

      TokenValidateOperation validateOperation = new TokenValidateOperation();

      validateOperation.getTokenValidators().add(new SAMLTokenValidator());

      validateOperation.setStsProperties(props);

     

      this.setIssueOperation(issueOperation);

      this.setValidateOperation(validateOperation);

   }

 

}

 

I am not getting any deployment error.I am not sure what  I am missing.

Also please let me know if there is a way we can view the list of deployed webservices in EAP 6.1 from admin console similar to soa-p.

 

Your help will be appreciated.

 

Thanks,

Anu

Reply to this message by going to Community

Start a new discussion in JBoss Web Services Development at Community