[jboss-svn-commits] JBL Code SVN: r30315 - labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml.
jboss-svn-commits at lists.jboss.org
jboss-svn-commits at lists.jboss.org
Mon Nov 23 12:16:38 EST 2009
Author: beve
Date: 2009-11-23 12:16:38 -0500 (Mon, 23 Nov 2009)
New Revision: 30315
Added:
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/jboss-service.xml
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config-unfiltered.xml
Removed:
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config.xml
Modified:
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/build.xml
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/deployment.xml
labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/readme.txt
Log:
Work for https://jira.jboss.org/jira/browse/JBESB-2997 "security_saml quickstart: Remove the need to manually update the servers login-config.xml"
Modified: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/build.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/build.xml 2009-11-23 16:34:15 UTC (rev 30314)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/build.xml 2009-11-23 17:16:38 UTC (rev 30315)
@@ -6,7 +6,7 @@
</description>
<!-- additional deploys -->
- <property name="additional.deploys" value="jboss-wsse-client.xml, smooks/*.xml, picketlink-sts-client.properties"/>
+ <property name="additional.deploys" value="jboss-wsse-client.xml, smooks/*.xml, picketlink-sts-client.properties, jboss-service.xml, login-config.xml"/>
<target name="quickstart-specific-checks" depends="assert-ws-available, assert-as5"/>
@@ -38,6 +38,12 @@
<include name="**/*"/>
</fileset>
</war>
+
+ <copy file="${basedir}/login-config-unfiltered.xml" tofile="${basedir}/login-config.xml" filtering="true" overwrite="true">
+ <filterset>
+ <filter token="STS_CONFIG_FILE_PATH" value="${basedir}/picketlink-sts-client.properties"/>
+ </filterset>
+ </copy>
</target>
<target name="runtest" depends="compile"
@@ -52,20 +58,4 @@
</java>
</target>
-
- <target name="quickstart-specific-deploys">
- <copy todir="${build.dir}" filtering="true" overwrite="true">
-
- <filterset>
- <filter token="KEYSTORE_PATH" value="${basedir}/keystore"/>
- <filter token="ROLES_FILE_PATH" value="${basedir}/roles.properties"/>
- <filter token="STS_CONFIG_FILE_PATH" value="${basedir}/picketlink-sts-client.properties"/>
- </filterset>
- <fileset dir="${basedir}">
- <include name="login-config.xml"/>
- </fileset>
- </copy>
- </target>
-
-
</project>
Modified: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/deployment.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/deployment.xml 2009-11-23 16:34:15 UTC (rev 30314)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/deployment.xml 2009-11-23 17:16:38 UTC (rev 30315)
@@ -1,5 +1,6 @@
<jbossesb-deployment>
<depends>jboss.esb:deployment=soap.esb</depends>
+ <depends>org.jboss.esb.samples.quickstarts.security_saml:service=LoginModule</depends>
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_saml_gw</depends>
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_saml_esb</depends>
<depends>jboss.esb.quickstart.destination:service=Queue,name=quickstart_security_saml_esb_reply</depends>
Added: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/jboss-service.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/jboss-service.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/jboss-service.xml 2009-11-23 17:16:38 UTC (rev 30315)
@@ -0,0 +1,8 @@
+<server>
+ <mbean code="org.jboss.security.auth.login.DynamicLoginConfig" name="org.jboss.esb.samples.quickstarts.security_saml:service=LoginModule">
+ <attribute name="AuthConfig">login-config.xml</attribute>
+ <depends optional-attribute-name="LoginConfigService">jboss.security:service=XMLLoginConfig</depends>
+ <depends optional-attribute-name="SecurityManagerService">jboss.security:service=JaasSecurityManager</depends>
+ </mbean>
+</server>
+
Added: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config-unfiltered.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config-unfiltered.xml (rev 0)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config-unfiltered.xml 2009-11-23 17:16:38 UTC (rev 30315)
@@ -0,0 +1,24 @@
+<policy>
+ <application-policy name="saml-issue-token">
+ <authentication>
+ <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule" flag="required">
+ <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
+ <module-option name="endpointURI">http://security_saml/goodbyeworld</module-option>
+ <module-option name="password-stacking">true</module-option>
+ </login-module>
+ <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule" flag="required">
+ <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
+ <module-option name="password-stacking">useFirstPass</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+
+ <application-policy name="saml-validate-token">
+ <authentication>
+ <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule" flag="required">
+ <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
+ <module-option name="useOptionsCredentials">true</module-option>
+ </login-module>
+ </authentication>
+ </application-policy>
+</policy>
Deleted: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config.xml
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config.xml 2009-11-23 16:34:15 UTC (rev 30314)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/login-config.xml 2009-11-23 17:16:38 UTC (rev 30315)
@@ -1,24 +0,0 @@
-
- <application-policy name="saml-issue-token">
- <authentication>
- <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSIssuingLoginModule" flag="required">
- <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
- <module-option name="endpointURI">http://security_saml/goodbyeworld</module-option>
- <module-option name="password-stacking">true</module-option>
- </login-module>
- <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule" flag="required">
- <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
- <module-option name="password-stacking">useFirstPass</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
- <application-policy name="saml-validate-token">
- <authentication>
- <login-module code="org.picketlink.identity.federation.core.wstrust.auth.STSValidatingLoginModule" flag="required">
- <module-option name="configFile">@STS_CONFIG_FILE_PATH@</module-option>
- <module-option name="useOptionsCredentials">true</module-option>
- </login-module>
- </authentication>
- </application-policy>
-
Modified: labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/readme.txt
===================================================================
--- labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/readme.txt 2009-11-23 16:34:15 UTC (rev 30314)
+++ labs/jbossesb/branches/JBESB_4_7_CP/product/samples/quickstarts/security_saml/readme.txt 2009-11-23 17:16:38 UTC (rev 30315)
@@ -19,16 +19,14 @@
To Run:
========================
1. Type 'ant deploy'.
- 2. Copy & Paste the contents of build/login-config.xml into <server>/<configname>/conf/login-config.xml
- 3. Start the server.
- 4. 'ant runtest' will send a HTTP request to a JBossRemoting Gatway
+ 2. 'ant runtest' will send a HTTP request to a JBossRemoting Gatway
# Please refer to the "Security" section of the ServiceGuide.pdf for more details on the security features of JBossESB.
and http://www.jboss.org/community/wiki/JBossESBSAMLSupport for SAML specific information.
Quickstart content
==================
-# jboss-sts.war
+# picketlink-sts.war
The PicketLinkSTS.war is the PicketLink WS-Trust Security Token Service implementation.
# picketlink-sts-client.properties
@@ -37,11 +35,13 @@
The STSIssuingLoginModule uses callbacks to retreive the username and password from the authentication
request, which is extraced from the SOAP Security header (see soap-request.xml below).
-# login-config.xml
+# login-config-unfiltered.xml
The JBoss security configuration fragment required for this quickstart. This will be filtered by Ant
-and the outputted login-config.xml content in the build directory should be copied into the servers
-login-config.xml
+and the added to the esb archive.
+# jboss-service.xml
+Will dynamically add the login modules configured in login-config.xml.
+
# soap-request.xml
The soap request sent to the esb. The UsernameToken security header information is used by the STSIssuingLoginModule
as the username/credential for the user for whom a security token should be issued.
More information about the jboss-svn-commits
mailing list