You are viewing a plain text version of this content. The canonical link for it is here.
Posted to users@cxf.apache.org by Rajeev Parekh <rp...@indigoconsulting.com> on 2014/09/15 20:00:52 UTC
Configuration Issue with FEDIZ
Hello
I am a newbie to both CXF and FEDIZ, I wanted to install and configure
the basic test case with one IDP, STS & one RP. here is what I have so far:
* The default IDP & STS wars deployed and configured in one tomcat
instance running on https/9443 for REALM A as explained in the config doc
* The FEDIZ HelloWorld RP deployed in a separate TOMCAT instance
available on https/8443
* The default trust keystores available to both the IDP/STS and RP instances
Here is the problem I am facing:
* Access the RP: https://localhost:8443/fedizhelloworld/secure/fedservlet
* Redirected to
https://localhost:9443/fediz-idp/?wa=wsignin1.0&wreply=https://localhost:8443/fedizhelloworld/secure/fedservlet&wtrealm=https://localhost:8443/fedizhelloworld/&wct=2014-09-15T17:25:48.112Z
** NOW The IDP does not redirect to Login, but instead just displays the
IDP index.html
Can you please guide me to the required config so as to get the basic
flow working. I am attaching the config files from the IDP side
Thanks In Advance
RE: Configuration Issue with FEDIZ
Posted by Oliver Wulff <ow...@talend.com>.
Hi
Documentation is updated. Thanks for spotting this.
Oli
------
Oliver Wulff
Blog: http://owulff.blogspot.com
Solution Architect
http://coders.talend.com
Talend Application Integration Division http://www.talend.com
________________________________________
From: Rajeev Parekh [rparekh@indigoconsulting.com]
Sent: 17 September 2014 18:37
To: users@cxf.apache.org
Subject: Re: Configuration Issue with FEDIZ
Colm:
Thank you for the tip, that was the problem, Ioannis had suggested the
same to me. I think the basic configuration listed on
http://cxf.apache.org/fediz-configuration.html
is misleading (wrong issuer and no realm) and should be updated, it
currently reads:
|<?||xml| |version="1.0" encoding="UTF-8" standalone="yes"?>|
|<||FedizConfig||>|
|||<||contextConfig| |name="/fedizhelloworld">|
| ..|
|||<||protocol| |xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<http://www.w3.org/2001/XMLSchema-instance%22>
xsi:type="federationProtocolType" version="1.2">|
|||<||issuer||>https://localhost:9443/fediz-idp/</||issuer||>|
|||</||protocol||>|
|||</||contextConfig||>|
|</||FedizConfig||>
should be
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<FedizConfig>
<contextConfig name="/fedizhelloworld">
..
<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="federationProtocolType" version="1.2">
<issuer>https://localhost:9443/fediz-idp/federation</issuer>
<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
</protocol>
</contextConfig>
</FedizConfig>
|
Many Thanks
On 9/17/2014 9:27 AM, Colm O hEigeartaigh wrote:
> Hi,
>
> The problem appears to be that the IdP URL is misconfigured - the value for
> the "issuer" URL in the "fediz_config.xml" you are using should be "
> https://localhost:9443/fediz-idp/federation" and not "
> https://localhost:9443/fediz-idp".
>
> Colm.
>
> On Mon, Sep 15, 2014 at 7:00 PM, Rajeev Parekh <rparekh@indigoconsulting.com
>> wrote:
>> Hello
>>
>> I am a newbie to both CXF and FEDIZ, I wanted to install and configure the
>> basic test case with one IDP, STS & one RP. here is what I have so far:
>>
>> * The default IDP & STS wars deployed and configured in one tomcat
>> instance running on https/9443 for REALM A as explained in the config doc
>> * The FEDIZ HelloWorld RP deployed in a separate TOMCAT instance available
>> on https/8443
>> * The default trust keystores available to both the IDP/STS and RP
>> instances
>>
>> Here is the problem I am facing:
>> * Access the RP: https://localhost:8443/fedizhelloworld/secure/fedservlet
>> * Redirected to https://localhost:9443/fediz-idp/?wa=wsignin1.0&wreply=
>> https://localhost:8443/fedizhelloworld/secure/fedservlet&wtrealm=https://
>> localhost:8443/fedizhelloworld/&wct=2014-09-15T17:25:48.112Z
>>
>> ** NOW The IDP does not redirect to Login, but instead just displays the
>> IDP index.html
>>
>> Can you please guide me to the required config so as to get the basic flow
>> working. I am attaching the config files from the IDP side
>>
>> Thanks In Advance
>>
>>
>>
>>
>>
>>
>>
>
Re: Configuration Issue with FEDIZ
Posted by Rajeev Parekh <rp...@indigoconsulting.com>.
Colm:
Thank you for the tip, that was the problem, Ioannis had suggested the
same to me. I think the basic configuration listed on
http://cxf.apache.org/fediz-configuration.html
is misleading (wrong issuer and no realm) and should be updated, it
currently reads:
|<?||xml| |version="1.0" encoding="UTF-8" standalone="yes"?>|
|<||FedizConfig||>|
|||<||contextConfig| |name="/fedizhelloworld">|
| ..|
|||<||protocol| |xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
<http://www.w3.org/2001/XMLSchema-instance%22>
xsi:type="federationProtocolType" version="1.2">|
|||<||issuer||>https://localhost:9443/fediz-idp/</||issuer||>|
|||</||protocol||>|
|||</||contextConfig||>|
|</||FedizConfig||>
should be
<?xml version="1.0" encoding="UTF-8" standalone="yes"?>
<FedizConfig>
<contextConfig name="/fedizhelloworld">
..
<protocol xmlns:xsi="http://www.w3.org/2001/XMLSchema-instance"
xsi:type="federationProtocolType" version="1.2">
<issuer>https://localhost:9443/fediz-idp/federation</issuer>
<realm>urn:org:apache:cxf:fediz:fedizhelloworld</realm>
</protocol>
</contextConfig>
</FedizConfig>
|
Many Thanks
On 9/17/2014 9:27 AM, Colm O hEigeartaigh wrote:
> Hi,
>
> The problem appears to be that the IdP URL is misconfigured - the value for
> the "issuer" URL in the "fediz_config.xml" you are using should be "
> https://localhost:9443/fediz-idp/federation" and not "
> https://localhost:9443/fediz-idp".
>
> Colm.
>
> On Mon, Sep 15, 2014 at 7:00 PM, Rajeev Parekh <rparekh@indigoconsulting.com
>> wrote:
>> Hello
>>
>> I am a newbie to both CXF and FEDIZ, I wanted to install and configure the
>> basic test case with one IDP, STS & one RP. here is what I have so far:
>>
>> * The default IDP & STS wars deployed and configured in one tomcat
>> instance running on https/9443 for REALM A as explained in the config doc
>> * The FEDIZ HelloWorld RP deployed in a separate TOMCAT instance available
>> on https/8443
>> * The default trust keystores available to both the IDP/STS and RP
>> instances
>>
>> Here is the problem I am facing:
>> * Access the RP: https://localhost:8443/fedizhelloworld/secure/fedservlet
>> * Redirected to https://localhost:9443/fediz-idp/?wa=wsignin1.0&wreply=
>> https://localhost:8443/fedizhelloworld/secure/fedservlet&wtrealm=https://
>> localhost:8443/fedizhelloworld/&wct=2014-09-15T17:25:48.112Z
>>
>> ** NOW The IDP does not redirect to Login, but instead just displays the
>> IDP index.html
>>
>> Can you please guide me to the required config so as to get the basic flow
>> working. I am attaching the config files from the IDP side
>>
>> Thanks In Advance
>>
>>
>>
>>
>>
>>
>>
>
Re: Configuration Issue with FEDIZ
Posted by Colm O hEigeartaigh <co...@apache.org>.
Hi,
The problem appears to be that the IdP URL is misconfigured - the value for
the "issuer" URL in the "fediz_config.xml" you are using should be "
https://localhost:9443/fediz-idp/federation" and not "
https://localhost:9443/fediz-idp".
Colm.
On Mon, Sep 15, 2014 at 7:00 PM, Rajeev Parekh <rparekh@indigoconsulting.com
> wrote:
> Hello
>
> I am a newbie to both CXF and FEDIZ, I wanted to install and configure the
> basic test case with one IDP, STS & one RP. here is what I have so far:
>
> * The default IDP & STS wars deployed and configured in one tomcat
> instance running on https/9443 for REALM A as explained in the config doc
> * The FEDIZ HelloWorld RP deployed in a separate TOMCAT instance available
> on https/8443
> * The default trust keystores available to both the IDP/STS and RP
> instances
>
> Here is the problem I am facing:
> * Access the RP: https://localhost:8443/fedizhelloworld/secure/fedservlet
> * Redirected to https://localhost:9443/fediz-idp/?wa=wsignin1.0&wreply=
> https://localhost:8443/fedizhelloworld/secure/fedservlet&wtrealm=https://
> localhost:8443/fedizhelloworld/&wct=2014-09-15T17:25:48.112Z
>
> ** NOW The IDP does not redirect to Login, but instead just displays the
> IDP index.html
>
> Can you please guide me to the required config so as to get the basic flow
> working. I am attaching the config files from the IDP side
>
> Thanks In Advance
>
>
>
>
>
>
>
--
Colm O hEigeartaigh
Talend Community Coder
http://coders.talend.com