[jboss-dev-forums] [JBoss Web Services Development] - Unable to publish Apache CXF STS issue in EAP 6.1

Mon Jul 8 16:13:13 EDT 2013

Anu Raj [https://community.jboss.org/people/mpag1980] created the discussion

"Unable to publish Apache CXF STS issue in EAP 6.1"

To view the discussion, visit: https://community.jboss.org/message/826945#826945

--------------------------------------------------------------
Hi,

I implemented the sample Apache CXF STS in EAP 6.1 as shown in the link below.

 https://docs.jboss.org/author/display/JBWS/WS-Security https://docs.jboss.org/author/display/JBWS/WS-Security

When I try to access the CXF TokenService WSDL, it says "
h1. JBWEB000065: HTTP Status 404 - JBWEB000234: Servlet TestSecurityTokenService is currently unavailable

My code is exactly the same as shown in the link above.

web.xml
************
<?xml version="1.0" encoding="UTF-8"?>

<web-app
   version="2.5" xmlns=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee"
   xmlns:xsi=" http://www.w3.org/2001/XMLSchema-instance http://www.w3.org/2001/XMLSchema-instance"
   xsi:schemaLocation=" http://java.sun.com/xml/ns/javaee http://java.sun.com/xml/ns/javaee  http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd http://java.sun.com/xml/ns/javaee/web-app_2_5.xsd">
   <servlet>
      <servlet-name>TestSecurityTokenService</servlet-name>
      <servlet-class>STS.SampleSTS</servlet-class>
   </servlet>
   <servlet-mapping>
      <servlet-name>TestSecurityTokenService</servlet-name>
      <url-pattern>/SecurityTokenService/*</url-pattern>
   </servlet-mapping>
</web-app>

Jboss-web.xml
*******************
<?xml version="1.0" encoding="UTF-8"?>

<!DOCTYPE jboss-web PUBLIC "-//JBoss//DTD Web Application 2.4//EN" " http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd http://www.jboss.org/j2ee/dtd/jboss-web_4_0.dtd">

<jboss-web>
   <security-domain>java:/jaas/JBossWS-trust-sts</security-domain>
</jboss-web>

SampleSTS.java
************************
/*
 * JBoss, Home of Professional Open Source.
 * Copyright 2012, Red Hat Middleware LLC, and individual contributors
 * as indicated by the @author tags. See the copyright.txt file in the
 * distribution for a full listing of individual contributors.
 *
 * This is free software; you can redistribute it and/or modify it
 * under the terms of the GNU Lesser General Public License as
 * published by the Free Software Foundation; either version 2.1 of
 * the License, or (at your option) any later version.
 *
 * This software is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
 * Lesser General Public License for more details.
 *
 * You should have received a copy of the GNU Lesser General Public
 * License along with this software; if not, write to the Free
 * Software Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA
 * 02110-1301 USA, or see the FSF site:  http://www.fsf.org http://www.fsf.org.
 */
package STS;

import java.util.Arrays;
import java.util.LinkedList;
import java.util.List;

import javax.servlet.annotation.WebServlet;
import javax.xml.ws.WebServiceProvider;

import org.apache.cxf.annotations.EndpointProperties;
import org.apache.cxf.annotations.EndpointProperty;
import org.apache.cxf.interceptor.InInterceptors;
import org.apache.cxf.sts.StaticSTSProperties;
import org.apache.cxf.sts.operation.TokenIssueOperation;
import org.apache.cxf.sts.operation.TokenValidateOperation;
import org.apache.cxf.sts.service.ServiceMBean;
import org.apache.cxf.sts.service.StaticService;
import org.apache.cxf.sts.token.provider.SAMLTokenProvider;
import org.apache.cxf.sts.token.validator.SAMLTokenValidator;
import org.apache.cxf.ws.security.sts.provider.SecurityTokenServiceProvider;
import org.jboss.wsf.stack.cxf.client.configuration.JBossWSBusFactory;

@WebServiceProvider(serviceName = "SecurityTokenService",
      portName = "UT_Port",
      targetNamespace = " http://docs.oasis-open.org/ws-sx/ws-trust/200512/ http://docs.oasis-open.org/ws-sx/ws-trust/200512/",
      wsdlLocation = "WEB-INF/wsdl/ws-trust-1.4-service.wsdl")
@EndpointProperties(value = {
      @EndpointProperty(key = "ws-security.signature.username", value = "mystskey"),
      @EndpointProperty(key = "ws-security.signature.properties", value = "stsKeystore.properties"),
      @EndpointProperty(key = "ws-security.callback-handler", value = "STSCallbackHandler"),
      @EndpointProperty(key = "ws-security.validate.token", value = "false") //to let the JAAS integration deal with validation through the interceptor below
})
@InInterceptors(interceptors = {"org.jboss.wsf.stack.cxf.security.authentication.SubjectCreatingPolicyInterceptor"})

public class SampleSTS extends SecurityTokenServiceProvider
{
   @SuppressWarnings("deprecation")
public SampleSTS() throws Exception
   {
      super();

      StaticSTSProperties props = new StaticSTSProperties();
      props.setSignaturePropertiesFile("stsKeystore.properties");
      props.setSignatureUsername("mystskey");
      props.setCallbackHandlerClass(STSCallbackHandler.class.getName());
      props.setIssuer("DoubleItSTSIssuer");

      List<ServiceMBean> services = new LinkedList<ServiceMBean>();
      StaticService service = new StaticService();
      service.setEndpoints(Arrays.asList(" http://localhost:(\\d)*/PalmUtilServices/services/PalmUtilityService http://localhost:(\\d)*/PalmUtilServices/services/PalmUtilityService", " http:// http://\\[::1\\]:(\\d)*/PalmUtilServices/services/PalmUtilityService"));
      services.add(service);

      TokenIssueOperation issueOperation = new TokenIssueOperation();
      issueOperation.setServices(services);
      issueOperation.getTokenProviders().add(new SAMLTokenProvider());
      issueOperation.setStsProperties(props);

      TokenValidateOperation validateOperation = new TokenValidateOperation();
      validateOperation.getTokenValidators().add(new SAMLTokenValidator());
      validateOperation.setStsProperties(props);

      this.setIssueOperation(issueOperation);
      this.setValidateOperation(validateOperation);
   }

}

I am not getting any deployment error.I am not sure what  I am missing.
Also please let me know if there is a way we can view the list of deployed webservices in EAP 6.1 from admin console similar to soa-p.

Your help will be appreciated.

Thanks,
Anu
--------------------------------------------------------------

Reply to this message by going to Community
[https://community.jboss.org/message/826945#826945]

Start a new discussion in JBoss Web Services Development at Community
[https://community.jboss.org/choose-container!input.jspa?contentType=1&containerType=14&container=2047]

-------------- next part --------------
An HTML attachment was scrubbed...
URL: http://lists.jboss.org/pipermail/jboss-dev-forums/attachments/20130708/6faa58f3/attachment.html 