Posted to rampart-dev@ws.apache.org by na...@apache.org on 2008/06/23 16:37:14 UTC
svn commit: r670638 -
/webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml
Author: nandana
Date: Mon Jun 23 07:37:14 2008
New Revision: 670638
URL: http://svn.apache.org/viewvc?rev=670638&view=rev
Log:
Giving Rampart site a new look :)
Added:
webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml
Added: webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml
URL: http://svn.apache.org/viewvc/webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml?rev=670638&view=auto
==============================================================================
--- webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml (added)
+++ webservices/rampart/trunk/java/modules/documentation/src/site/xdoc/setting-up-sts.xml Mon Jun 23 07:37:14 2008
@@ -0,0 +1,64 @@
+<!--
+ ~ Licensed to the Apache Software Foundation (ASF) under one
+ ~ or more contributor license agreements. See the NOTICE file
+ ~ distributed with this work for additional information
+ ~ regarding copyright ownership. The ASF licenses this file
+ ~ to you under the Apache License, Version 2.0 (the
+ ~ "License"); you may not use this file except in compliance
+ ~ with the License. You may obtain a copy of the License at
+ ~
+ ~ http://www.apache.org/licenses/LICENSE-2.0
+ ~
+ ~ Unless required by applicable law or agreed to in writing,
+ ~ software distributed under the License is distributed on an
+ ~ * "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY
+ ~ KIND, either express or implied. See the License for the
+ ~ specific language governing permissions and limitations
+ ~ under the License.
+ -->
+ <document>
+ <properties>
+ <title>Setting up a Security Token Service</title>
+ </properties>
+ <head>
+ </head>
+ <body>
+ <h1>Setting up a Security Token Service</h1>
+ <h3>Setting up a Security Token Service</h3>
+ <p>Security Token Service can be set up as per WS-Trust specification using Rampart. The default security token service shipped with the rampart distribution is contained in the rampart-trust.mar module. It can issue SCT tokens and SAML tokens. Sample05 contains a client that connects to the default STS and obtain a SAML token. The services.xml in the sample contains "saml-issuer-config" parameter that is used to configure the default SAML issuer.</p>
+ <strong>STS with a custom issuer</strong>
+ <p>First the default rampart.mar has to be removed from the modules. Then write you own issuer implementing the <code>"org.apache.rahas.TokenIssuer"</code> interface. Let's say that your issuer is <code>"org.custom.MyIssuer"</code>. Then create a Axis2 service archive with the following in the services.xml. Drop the archive into the repository and you have a STS with a CustomToken issuer.</p>
+
+ <pre>
+
+<module ref="rampart" />
+
+<operation name="IssueToken"
+ mep="http://www.w3.org/2006/01/wsdl/in-out">
+ <messageReceiver
+ class="org.apache.rahas.STSMessageReceiver"/>
+
+ <!-- Action mapping to accept RST requests -->
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Issue</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Renew</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Cancel</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/SCT/Cancel</actionMapping>
+ <actionMapping>http://schemas.xmlsoap.org/ws/2005/02/trust/RST/Validate</actionMapping>
+
+ <parameter name="token-dispatcher-configuration">
+ <token-dispatcher-configuration>
+ <!-- Issuers. You may have many issuers. -->
+ <issuer class="org.custom.MyIssuer" default="true">
+ <configuration
+ type="parameter">saml-issuer-config</configuration>
+ <tokenType>http://docs.oasis-open.org/wss/oasis-wss-saml-token-profile-1.1#SAMLV1.1</tokenType>
+ </issuer>
+ </token-dispatcher-configuration>
+ </parameter>
+
+</operation>
+
+</pre>
+ </body>
+ </document>
\ No newline at end of file
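Review bot: The "STS with a custom issuer" paragraph says the default rampart.mar has to be removed from the modules, but the services.xml sample directly below it still engages that module with `<module ref="rampart" />`, and the paragraph above names rampart-trust.mar as the module that contains the default STS. If the intent is to remove the default STS, the sentence should probably name rampart-trust.mar; otherwise a reader who follows it literally ends up with a service that references a module that is no longer deployed. In the same sample, the custom issuer `org.custom.MyIssuer` is configured with `type="parameter">saml-issuer-config`, yet the snippet defines no parameter of that name. Either show the parameter or state that a custom issuer supplies its own configuration, so readers do not assume the SAML issuer settings apply to it. Smaller points: the `<h1>` and `<h3>` carry the same title, so one can be dropped; "write you own", "a Axis2" and "obtain a SAML token" need grammar fixes; the license comment has a stray `*` before "AS IS"; and the file is missing a trailing newline.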